Tuesday, June 12, 2018

Outstanding training being offered by professionals in the industry! 

Don't miss out register today!

Wednesday, June 6, 2018

Are you ready for AppSec EU 2018???


Are you Ready?

AppSec EU is one month away!  Are you ready? 

Getting ready is easy - visit the AppSec EU 2018 website to register, plan your hotel and book your travel.

1. Register for the event at AppSec EU website.   Check out the schedule of great training programs, exceptional keynotes, and seminar topics.  AppSec EU will offer attendees an experience that will enhance your learning, networking and overall understanding of Application Security Issues.  Register Now!

2. Book your hotel. It's only a month away and the AppSec EU Hotel Map page shows the best hotel choices at the best rates.  Don't delay in booking your room, book in advance and benefit from the best pricing.

3. Plan your travel.  The AppSec EU 2018 Travel page provides you with many options to get to the QEII.  If you are coming from central Europe, you can take a plane, train or car; it's easy to get to London!  Traveling in from outside of central Europe, not a problem, there are many airports to choose from to arrive into the UK from the United States, Middle East or other regions outside of central Europe.  

4. Want to Volunteer?  Awesome!  We need good volunteers ready to help make the conference experience a great one!  The AppSec EU website allows you to register as a volunteer as well.  

The conference program is strong, the training offers hands-on learning and meeting with fellow security colleagues is priceless...

Join us at AppSec EU 2018!
We look forward to seeing you in London!

Check out the training being offered at OWASP AppSec EU:
3-Day Training: Exploiting Websites by using offensive HTML, SVG, CSS and other browser-eveil by Mario Heiderich
3-Day Training: Practical DevSecOps: Continuous Security in the age of cloud by A. Imran Mohammed and Raghunath Gopinath
3-Day Training: Mobile-Sec Exploitation Breakout by Blessen Thomas
3-Day Training: Advanced Web Hacking - Black Belt edition by Anant Shrivastava, Sunil Yadav and Sudhanshu Chauhan
2-Day Training: Attacking and Defending SOAP- and Rest- based Web Services by Juraj Somorovsky
2-Day Training: OWASP ModSecurity Core Rule Set by Walter Hop
2-Day Training: Secure Coding Tournament - Leave no developer behind by Sebastien Deleersnyder & Steven Wierckx
2-Day Training: Web Application Security Essentials by Fabio Cerullo
2-Day Training: Pentesting the modern application stack by Francis Alexander and Bharadwaj Machiraju
2-Day Training: Automated Defense using Serverless for AWS, Azure and GCP - Madhu Akula & Subash Sn
1- Day Training: Access Control for Rest API's by Johan Peeters and Michael Boeynaer
1- Day Training: ModSec CRS Community Summit by ChristianFolini
Register Now for Training
Our mailing address is:
OWASP Foundation 
1200-C Agora Drive, # 232
Bel Air, MD 21014  US
Fax: 1-443-283-4021
Contact Us
Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list.


Monday, May 21, 2018

May 2018 Connector

May 2018


Letter from the Chairman

Dear OWASP Community,

Welcome to the April OWASP Connector!

As you read this we are busily working with volunteers and the staff to put the finishing touches on AppSec EU 2018 which will take place in London in two short months from 2-6 July 2018.

The AppSec EU 2018 keynote, training, and conference schedules have been posted.  We are thankful to the selection committees who have worked tirelessly to review (many times) the training submissions and the many conference seminar submissions.

The committee has prepared an exceptional program for attendees and the community.  We have some superb keynote speakers.  The training program is diverse and very comprehensive offering something for everyone. The seminar program is filled with a variety of interesting topics presented by some of the best speakers working and sharing their experiences in application security.   While the training, events, programming, and planning is important, it is a small part of the details needed for a successful conference.

The most important part is "YOU" the attendee / participant.  That being said, I want to strongly encourage you to come to London and attend AppSec EU 2018.  This is your conference and training program, put together by your peers just for you.

Your presence at the conference makes all the difference and adds exponentially to the overall conference experience.   Plan your schedule and come to London and join us for a great event filled with learning, training, and networking.  Come together with other application and internet security professionals to gain greater insight into the newest trends and programs to help you in your daily work and business.   As I said, this is your event, so come to AppSec EU 2018 and be a part of a great experience.

The connector below continues to develop and evolve to provide you with more information on what is going on in the community.  Notice the highlights on projects and chapters.  We hope you enjoy what we have to share with you and look forward to your comments and suggestions on how we might be able to continue to connect with you.

Your Chairman,
Martin Knobloch

Chairman, Global Board of Directors


Projects are moving ahead with exciting and new developments.  To see more information on the projects that have new updates and information by visiting GitHub here to see what's new!

Each month we would like to highlight one of OWASP's very own projects: OWASP Code Pulse 2.0 was recently released and now includes support for .NET in addition to Java!   Code Pulse is a glass box tool that provides insight into the real-time code coverage of penetration testing activities. Code Pulse automatically detects coverage information while the tests are being conducted and will even make it possible to understand the overlaps and boundaries of the different tools coverage.  

Code Pulse presents coverage information in a visual form to make it easy to understand at-a-glance which parts of an application have been covered, and how much. The real-time coverage feedback makes it easy to adjust testing activity based on the observed coverage. In addition, for testing activities relying on multiple techniques (a variety of dynamic analysis tools for instance) it's easy to split up the recorded activity to understand which code was covered by each tool independently or alternatively to view coverage overlaps between multiple tools.
For more information see the OWASP project page or the Code Pulse project website.

OWASP would like to give a warm welcome to our NEW Leader of the OWASP Glue Tool Project, Omer Levi Hevroni!


Join us at one (or both!) of our premier Application Security events:

     AppSec Europe
July 2nd-6th
QE II Centre
London, UK
AppSec USA
October 8th-12th
Fairmont San Jose
San Jose, CA

The OWASP team and the many volunteers have been very busy planning and preparing for AppSec EU 2018 and AppSec USA 2018.  These are your conferences and the program and training is being selected and developed for you the community.  Join OWASP and register for the conferences and help us make the experience a memorable one.

For more information on the training and conference program, please visit the AppSec EU 2018 web site.

AppSec USA 2018 boasts three great keynote speakers!  More information on the speakers can be found here.

 You may also be interested in one of our other affiliated events:

Event Type Date Location
OWASP LatamTour 2018 Regional Event April 4-20, 2018  
HACK NYC 2018 Local Event May 8-10, 2018 New York City
SuperSec Regional Event May 12 - 13, 2018 Spain
OWASP Sibiu Conference 2018 Regional Event May 24, 2018 Sibiu, Romania
OWASP Italy Day 2018 Regional Event June 16, 2018 Milano, Italy
blackhat USA 2018 Local Event August 4-9, 2018 Las Vegas, Nevada
DEF CON 26 Local Event August 9-12, 2018 Las Vegas, Nevada
OWASP Portland 2018 Training Day Training Event October 3, 2018 Portland, Oregon
AppSec Morocco 2018 Regional Event October 4-5, 2018 Morocco
OWASP AppSec Day 2018 Regional Event October 19, 2018 Melbourne, Australia
LASCON 2018 Regional Event October 23-26, 2018 Austin, TX
OWASP Appsec Indonesia 2018 Regional Event November 1-3, 2018 Indonesia
German OWASP Day Regional Event November 19-20, 2018 M√ľnster, Germany
OWASP Norway Day 2018 Regional Event November 29, 2018 Norway


Event Date Location
InfoSecurity Europe June 5-7, 2018 London
Hack in Paris June 25-29, 2018 Paris


Each Month we will highlight a Chapter.  This month we are focusing on London and Bristol.

These two chapters represent a total of ​ 360+ members.  The leader for Bristol is Katy Anton and the leaders for London are: ​Sam Stepanyan, ​Sherif Mansour Farag and​ Dr. Grigorios Fragkos. Both Chapters host regular meetings at least one every two months and generate average attendance of 75-100 attendees each. The meetings focus on topics such as:​ "Exploiting unknown browsers and objects "- Gareth Heyes​ Or "Lightning Talk: "Introducing Remediate the Flag: a Hands-On AppSec Training Platform" - Andrea Scaduto and much more!

These dedicated chapter leaders joined together and hosted a meeting at the Just-eat offices  in London and Bristol. The event was live in Bristol with live streaming for the participants in London, and on YouTube,  bringing together close to 200 participants in two locations. This was the second joined event, and the feedback from audience for this type of event  where the presentations were held in one location and live streamed in the other location was positive. This is a great example of how chapters can work together to bring learning and networking to a new level.  

We applaud this great team of leaders and thank them for their dedication and support to OWASP and the Application Security Community!



Premier Corporate Member

Contributor Corporate Members

make a donation
join us
OWASP Foundation * 1200-C Agora Drive, #232 *  Bel Air, MD 21014 *  US
+1 443-283-4021(fax)
Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list.

This email was sent to *|EMAIL|*
why did I get this?    unsubscribe from this list    update subscription preferences