Skip to content

Commit

Permalink
remote update file
Browse files Browse the repository at this point in the history
  • Loading branch information
@OWASPFoundation
OWASPFoundation committed Feb 18, 2023
1 parent 369aec9 commit 3c1b754
Showing 1 changed file with 52 additions and 2 deletions.
54 changes: 52 additions & 2 deletions _data/community_events.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -204,10 +204,10 @@
"repo": "www-chapter-limassol",
"name": "OWASP Limassol Meetup",
"date": "2023-02-23",
"time": "6:30+02:00",
"time": "8:30+02:00",
"link": "https://www.meetup.com/owasp-limassol-meetup-group/events/291266510",
"timezone": "Asia/Nicosia",
"description": "**Calling all tech and security enthusiasts!**\n\nWe are excited to announce our upcoming [OWASP Limassol](https://owasp.org/www-chapter-limassol/) meetup. Join us for an evening of cool new ideas and inspiring presentations from industry experts.\nWe'll discuss the latest trends in web application security, share best practices and explore different approaches to building a secure online environment. So come on out and learn something new!\n\nWe look forward to seeing you there and would be delighted to offer a complimentary gift to each attendee!\n\n**Schedule:**\n18:30 \u2014 19:00 \u2014 Gathering & Intro\n19:00 \u2014 19:30 \u2014 [Valeriy Shevchenko](https://krevetk0.medium.com), Semrush:\n***Use information about modern attacks to stay safe.***\n19:30 \u2014 20:30 \u2014 Speaches TBA\n20:30 \u2014 21:00 \u2014 Entertainment for all the attenders\n21:00 \u2014 22:00 \u2014 Eat, drink, networking!\n\nMore information about the speakers is to come!\n[CFP is still open!](https://forms.gle/HSweZ7JtWwwe2FjaA)\n[You can also join us on Telegram.](https://t.me/+W1hEPzn4BOcwMTNi)"
"description": "**Calling all tech and security enthusiasts!**\n\nWe are excited to announce our upcoming [OWASP Limassol](https://owasp.org/www-chapter-limassol/) meetup. Join us for an evening of cool new ideas and inspiring presentations from industry experts.\nWe'll discuss the latest trends in web application security, share best practices and explore different approaches to building a secure online environment. So come on out and learn something new!\n\nWe look forward to seeing you there and would be delighted to offer a complimentary gift to each attendee!\n\n**Schedule:**\n18:30 \u2014 19:00 \u2014 Gathering & Intro\n19:00 \u2014 19:30 \u2014 [Valeriy Shevchenko](https://krevetk0.medium.com), Semrush:\n***Use information about modern attacks to stay safe.***\n19:30 \u2014 20:00 \u2014 [Denis Rybin](https://www.linkedin.com/in/denis-r-b9621496/), InDrive:\n***How modern package managers can help you deal with a supply chain attack***\n20:00 \u2014 20:30 \u2014 [Anatoly Makovetsky](www.linkedin.com/in/anatoli-m), Pepperstone\n***Security Engineering or Unpopular AppSec***\n20:30 \u2014 21:00 \u2014 Entertainment for all the attenders\n21:00 \u2014 22:00 \u2014 Eat, drink, networking!\n\nMore information about the speakers is to come!\n[You can also join us on Telegram.](https://t.me/+W1hEPzn4BOcwMTNi)"
},
{
"group": "Lisboa",
Expand Down Expand Up @@ -239,6 +239,16 @@
"timezone": "America/Los_Angeles",
"description": "**TOPIC**: Every Risk is Not a CVE: Bolster up Against Software Supply Chain Attacks\nJoin us for great networking, dinner and drinks, and see a presentation by Jamie Scott - Product Manager\n\n**ABSTRACT**: 3rd party and open source software components are both desired and indispensable ingredients used throughout the development lifecycle, but their consumption comes with considerable security risks, both for the developer herself and her downstream users. The rise of corresponding security incidents demonstrates that adversaries discovered those attack vectors as a viable and scalable attack pattern.\nWe will present a comprehensive, comprehensible and technology-agnostic taxonomy of attack vectors, created on the basis of hundreds of real-world incidents, and validated by experts in the domain. An interactive visualization of this taxonomy, available as open source itself, will be demoed throughout the talk to explain different techniques at the disposal of attackers, supported by real-world examples.\nFollowing, we will discuss the types of defenses you can put in place to detect and respond to such modern day attacks.\n\n**Thanks to our Sponsor**: Endor Labs\nEndor Labs\u2019 Dependency Lifecycle Management Platform is designed to address the weakest link in software supply chain security: the ungoverned sprawl of open source software in the enterprise. Endor Labs\u2019 mission is to help developers spend less time dealing with security issues and more time accelerating development through safe code reuse. With this solution, development and security teams are able to maximize software reuse by safely evaluating, maintaining, and updating dependencies at scale.\n\n*Vendors interested in sponsoring send an email to sponsorship.la@owasp.org*"
},
{
"group": "Manchester",
"repo": "www-chapter-manchester",
"name": "Proactive Security - How do you prevent vulnerabilities",
"date": "2023-03-07",
"time": "8:00Z",
"link": "https://www.meetup.com/owasp-manchester-uk-chapter/events/291657572",
"timezone": "Europe/London",
"description": "Hello & Welcome\n\nIn this session we'll be discussing Proactive Security. Meaning, how do you empower and enable engineering teams to own their own security to prevent the release of vulnerable code... what would secure coding practices look like, what is security by design, what security testing can teams do during the test & release process. More importantly, what can we put in place to really make the security teams work for their money\n\n**6:00 - Open doors**\n**6:45 - First talk**\n**7:30 - Refreshments**\n**8:00 - Second talk**\n**8:45 - Networking**\n**9:00 - Vacate venue -> to the pub for more socialising**\n\nWe'd like to say THANK YOU to the companies who helped make this event possible\nBarlcays DiSH - Thank you so much for sponsoring the venue\nBeyondTrust - Thank you so much for sponsoring the food & drink\nCytix - Special thanks for making introductions\n\nAre you passionate about a security topic?\nDo you want to speak at a future event?\nSubmit your interest here - https://forms.gle/zcm9bVNhgDixe8Gq5\n\nDoes your company want to sponsor a venue and/or refreshments?\nEmail Paul - paul.johnston@owasp.org"
},
{
"group": "Morocco",
"repo": "www-chapter-morocco",
Expand All @@ -249,6 +259,16 @@
"timezone": "Africa/Casablanca",
"description": "TOGAF and SABSA work together. SABSA is the world's leading security architecture framework.\nTOGAF is a modular enterprise architecture framework that is easily extensible to use domain best-practice.\nWith the [SABSA ](https://sabsa.org/)Institute and [The Open Group Architecture Forum](https://www.opengroup.org/architecture-forum) I created a methodlogy to use the both framework to design Secure Architecture and develop better enterprise architecture with best practice security architecture.\n\nDuring this talk I will show you:\n\n\\- How think of TOGAF *plus* SABSA.\n\\- Think enterprise architecture with world\\-class risk and security\\.\n\nAcronyms, Abbreviations, and Initialisms\nShort Form Full Form\nBOSS Business Operation Support Services\nCSA Cloud Security Alliance\nEA Enterprise Architecture\nSABSA Sherwood Applied Business Security Architecture"
},
{
"group": "Mumbai",
"repo": "www-chapter-mumbai",
"name": "OWASP Mumbai Online Meetup | 18th March 2023",
"date": "2023-03-18",
"time": "2:00+05:30",
"link": "https://www.meetup.com/owasp-mumbai-chapter/events/291680287",
"timezone": "Asia/Kolkata",
"description": "Session Details:\nIntroduction to OWASP Mumbai\n\nHow to build an efficient security automation strategy and teams for your organization? **With Prashasth Baliga**\n\nQnA and FeedBack\n\n**Synopsis:**\nThe focus of a security automation strategy is on implementing automated tools and processes to enhance the effectiveness and efficiency of an organization's security operations. The strategy covers several key steps, including identifying security risks and vulnerabilities, evaluating current security operations, setting clear automation goals, selecting the appropriate tools, implementing and testing them, continuously monitoring and improving, training the team, and ensuring compliance with regulations. With security automation, organizations have seen benefits such as improved efficiency and scalability, faster threat detection and response, cost savings, and better decision-making."
},
{
"group": "Netherlands",
"repo": "www-chapter-netherlands",
Expand Down Expand Up @@ -299,6 +319,16 @@
"timezone": "Europe/Oslo",
"description": "**Talk description**\n\nGone are the days when breaches were rare and security could safely be put low on the priority list; product security is now a customer demand and cyber crime has reached epic proportions. Our idolization of hackers, penetration testing and \u2018breaking\u2019 has not resulted in secure software for our industry, only egos, stereotypes and unaffordable security models. Modern application security approaches need to address both offensive (red team) and defensive (blue team) approaches, as well as continuous learning and advocacy for developers. This means Purple Team. This talk will explore how to combine defence, offence, automation, empathy and continuous learning, all without the requirement of ever wearing a hoodie. The future of security is PURPLE."
},
{
"group": "Poland",
"repo": "www-chapter-poland",
"name": "OWASP Meeting in Krakow - 1 Mar 2023",
"date": "2023-03-01",
"time": "8:00+01:00",
"link": "https://www.meetup.com/owasp-poland/events/291510346",
"timezone": "Europe/Warsaw",
"description": "Hi,\n[OWASP](https://owasp.org/) is a worldwide, non-profit organisation focused on application security issues and we are Polish chapter of this initiative.\n\nStarting from this meeting, we are changing our usual agenda a little bit, to give an opportunity to raise more subjects and to have more diverse discussions.\nWe will have one bigger (30 min) presentation and 3-4 shorter \"lightning talks\" with discussion. **If you want to have lightning talk** please let us know in advance by [filling the form](https://forms.gle/7JFiD3z2tKifogvs5). This will help us to plan the meeting.\n\nAgenda:\n\n1. [OWASP Cheat Sheets Series Project](https://cheatsheetseries.owasp.org/). Kuba Ma\u0107kowski - project co-leader will introduce you to the project idea and how security cheat sheets could be useful for your daily work - no mater if you are developer, architect or security tester. (about 30 min + discussion)\n2. After the break we will have series of short lightening talks with discussion (typical format is 5-10 minute talk followed by 5-10 minute discussion). [Please submit your proposals](https://forms.gle/7JFiD3z2tKifogvs5)!\nCurrent queue:\n* TBD\n3. Job announcements. If you are an employer, there will be a chance to present who you are looking for.\n\nPlease RSVP and save the date!\nIf you have a minute, **please share this link** with friends and in social media."
},
{
"group": "Recife",
"repo": "www-chapter-recife",
Expand All @@ -309,6 +339,16 @@
"timezone": "America/Recife",
"description": "O OWASP Recife em conjunto com a Tempest Security Intelligence tem muita alegria em divulgar o terceiro OWASP Tempest Tech Sessions!\n\nO evento \u00e9 h\u00edbrido (presencial + remoto). Corram porque as vagas presenciais s\u00e3o limitadas. Contudo, quem n\u00e3o puder participar presencialmente haver\u00e1 a op\u00e7\u00e3o de participar na modalidade remota atrav\u00e9s da plataforma Zoom, as vagas para essa modalidade ser\u00e3o ilimitadas.\n\n**TODAS AS INSCRI\u00c7\u00d5ES DEVEM SE REALIZADAS ATRAV\u00c9S DA PLATAFORMA EVENT3:**\n[https://www.even3.com.br/tempest-tech-sessions-pos-exploracao/](https://www.even3.com.br/tempest-tech-sessions-pos-exploracao/)\n\nVoc\u00ea dever\u00e1 escolher se sua participa\u00e7\u00e3o ser\u00e1 **presencial** ou **remota**.\n\n**Palestra:** Do Cobalt Strike ao Sliver: um panorama sobre as principais ferramentas de p\u00f3s-explora\u00e7\u00e3o usadas por cibercriminosos\n\n**Resumo:** O que os advers\u00e1rios fazem depois de invadir e explorar um sistema? Nessa palestra vamos discutir sobre as principais ferramentas de p\u00f3s explora\u00e7\u00e3o usadas atualmente, abordando tamb\u00e9m as fases de um ataque com base em frameworks como Cyber Kill Chain e Mitre ATT&CK, o funcionamento de um servidor de comando e controle e as principais estrat\u00e9gias de defesa e detec\u00e7\u00e3o.\n\n**Palestrantes:** Wanessa Souza\n**Shortbio:** Wanessa \u00e9 Analista de Seguran\u00e7a Senior na Tempest, atuando no time de Cyber Threat Intelligence h\u00e1 5 anos. Com uma paix\u00e3o a parte pela escrita criativa, Wanessa tamb\u00e9m \u00e9 poetisa, astr\u00f4noma amadora e ama trocar uma id\u00e9ia sobre tecnologia, rob\u00f3tica e viagens no tempo.\n**Formato da palestra:** H\u00edbridro - Presencial (com apenas 30 vagas limitadas) e Online, atrav\u00e9s da plataforma Zoom. O link de acesso \u00e0 palestra constar\u00e1 aqui na plataforma Even3 e tamb\u00e9m ser\u00e1 enviado para o seu e-mail cadastrado no momento da inscri\u00e7\u00e3o.\n\n**Certificado de Participa\u00e7\u00e3o:** A palestra confere certificado de 2 horas.\nEnviaremos para o seu e-mail em at\u00e9 48h \u00fateis ap\u00f3s a palestra. Para que o certificado seja aceito como horas complementares em sua Institui\u00e7\u00e3o de Ensino, \u00e9 importante que preencha o seu nome completo no momento da inscri\u00e7\u00e3o.\n\nEsperamos voc\u00ea na nossa palestra! At\u00e9 l\u00e1!"
},
{
"group": "Salt Lake City",
"repo": "www-chapter-salt-lake-city",
"name": "Wasatch AppSec OWASP-SLC (Virtual Meetup in February)",
"date": "2023-02-23",
"time": "2:00-07:00",
"link": "https://www.meetup.com/owasp-slc/events/291680114",
"timezone": "America/Denver",
"description": "Hi Everyone! We'll meet virtually this month.\n\nWe'll talk through metrics and engaging with management to show AppSec program value. And then we'll take a look at PortSwigger Academy and favorite lessons there.\n\nTopic for Discussion:\n\n* **Metrics to show AppSec program maturity and progression**\n* **Demonstrating value of AppSec program to management**\n* **Security Testing:** Poll for favorite [PortSwigger Academy](https://portswigger.net/web-security) lessons\n\n\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\nZoom Information:\n\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-\\-"
},
{
"group": "San Juan",
"repo": "www-chapter-san-juan",
Expand All @@ -319,6 +359,16 @@
"timezone": "America/Puerto_Rico",
"description": "Join us for our first event, where we will be doing Q&A on the upcoming Capture-The-Flag (CTF) event in early March!\n\nFor those of you who are new to cybersecurity, or new to tech in general, CTF's are a way for us to make the boring stuff more fun. CTF's usually come in two varieties:\n\n* **Jeopardy**: *is a type of cybersecurity competition. In a CTF, participants work to solve challenges that are often based on real-world scenarios, such as finding vulnerabilities in systems or decoding hidden messages. These challenges are usually organized into categories, such as web security, cryptography, or binary exploitation, and participants earn points for each challenge they successfully solve. CTFs are often used as a way for cybersecurity professionals to learn and improve their skills, and they can also be a lot of fun for people who are interested in this field.*\n\n* **Attack & Defense**: *Attack-Defense CTFs are a type of cybersecurity competition where teams are given a set of resources, such as servers or websites, and must defend them from attacks launched by other teams. At the same time, each team must also try to attack and compromise the resources of the other teams. In this type of CTF, points are usually awarded for successfully launching an attack or successfully defending against an attack.*\n\nWe want to be able to live stream the event, so stay tuned into all of OWASP San Juans social media. If you'd like to help promote, sponsor, donate, develop, or collaborate, please checkout our home page where to go!\n\nTo learn more, reach out to a community member, and we hope to see you there at the event!"
},
{
"group": "Santa Barbara",
"repo": "www-chapter-santa-barbara",
"name": "Proactive vs. Reactive AppSec",
"date": "2023-03-02",
"time": "7:30-08:00",
"link": "https://www.meetup.com/santa-barbara-owasp-chapter/events/291688284",
"timezone": "America/Los_Angeles",
"description": "OWASP SB and GitHub have joined forces to bring you the first security meetup of the year in beautiful Santa Barbara. Come join the local AppSec/InfoSec community for a great evening of technical talks and mindful networking. Dinner will be provided.\n\n**Event Agenda**\n05.30pm -- Event kickoff, with dinner and networking.\n06.00pm -- Announcements, by W. Mart\u00edn Villalba (OWASP SB).\n06.15pm -- Intro to GitHub Advanced Security, by Levy Forchheimer (GitHub).\n06.30pm -- Proactive vs. Reactive AppSec, by Ravi Gadhia (GitHub).\n07.30pm -- BYOT / Networking.\n08.30pm -- Event end.\n\n**Levy Forchheimer - Bio**\nLevy Forchheimer is an Enterprise Account Executive at GitHub. He's been in AppSec for nearly a decade and his expertise spans DevOps, SCA and Secret Management. Prior to GitHub, he was VP Sales at Spectral, which was Acquired by Check Point, in 2022. Their core focus was to help organizations detect hard coded secrets in their code base and prevent their leakage. Before that, he was at Mend, a leader in SCA - helping organizations understand their software supply chain and mitigate security risk accordingly.\n\n**Ravi Gadhia - Bio**\nRavi Gadhia is a technologist who began his career as a chip designer and found his way to customer-facing roles in the software industry. A graduate of Stanford and Columbia, he has been involved with various start-ups during his 25 year career in tech. His work has taken him to diverse geographies spanning Silicon Valley, the Asia-Pacific region, and now Silicon Beach. His primary areas of expertise are in software development, collaboration tools, and cloud native platforms. Ravi is currently Director of a Solutions Engineering at GitHub where he leads a technical sales team in the Western US. When he\u2019s not working, he enjoys reading and trying to keep up with his two boys.\n\n**BYOT: Bring Your Own Topic**\nThis meeting is a great chance to ask for technical help, career advice, share new ideas, look for feedback, and discuss anything related to AppSec/InfoSec.\n\n**Location**\nKiva Cowork - Funk Zone, 10 E Yanonali St, Santa Barbara, CA. The front door will be kept open for the duration of the event. If you have any trouble getting in, please do not leave, just knock on the front/side doors and/or message us through this platform.\n\nLooking forward to seeing you all!\n\nMart\u00edn\nOWASP SB Leader"
},
{
"group": "Seattle",
"repo": "www-chapter-seattle",
Expand Down

0 comments on commit 3c1b754

Please sign in to comment.