The Open Web Application Security Project (OWASP) is a 501c3 not-for-profit worldwide charitable organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
Tuesday, June 12, 2018
Outstanding training being offered by professionals in the industry!
Getting ready is easy - visit the AppSec EU 2018 website to register, plan your hotel and book your travel.
1. Register for the event at AppSec EU website. Check out the schedule of great training programs, exceptional keynotes, and seminar topics. AppSec EU will offer attendees an experience that will enhance your learning, networking and overall understanding of Application Security Issues. Register Now!
2. Book your hotel. It's only a month away and the AppSec EU Hotel Map page shows the best hotel choices at the best rates. Don't delay in booking your room, book in advance and benefit from the best pricing.
3. Plan your travel. The AppSec EU 2018 Travel page provides you with many options to get to the QEII. If you are coming from central Europe, you can take a plane, train or car; it's easy to get to London! Traveling in from outside of central Europe, not a problem, there are many airports to choose from to arrive into the UK from the United States, Middle East or other regions outside of central Europe.
4. Want to Volunteer? Awesome! We need good volunteers ready to help make the conference experience a great one! The AppSec EU website allows you to register as a volunteer as well.
The conference program is strong, the training offers hands-on learning and meeting with fellow security colleagues is priceless...
Join us at AppSec EU 2018!
We look forward to seeing you in London!
Check out the training being offered at OWASP AppSec EU:
3-Day Training: Exploiting Websites by using offensive HTML, SVG, CSS and other browser-eveil by Mario Heiderich
3-Day Training: Practical DevSecOps: Continuous Security in the age of cloud by A. Imran Mohammed and Raghunath Gopinath
3-Day Training: Mobile-Sec Exploitation Breakout by Blessen Thomas
3-Day Training: Advanced Web Hacking - Black Belt edition by Anant Shrivastava, Sunil Yadav and Sudhanshu Chauhan
2-Day Training: Attacking and Defending SOAP- and Rest- based Web Services by Juraj Somorovsky
2-Day Training: OWASP ModSecurity Core Rule Set by Walter Hop
2-Day Training: Secure Coding Tournament - Leave no developer behind by Sebastien Deleersnyder & Steven Wierckx
2-Day Training: Web Application Security Essentials by Fabio Cerullo
2-Day Training: Pentesting the modern application stack by Francis Alexander and Bharadwaj Machiraju
2-Day Training: Automated Defense using Serverless for AWS, Azure and GCP - Madhu Akula & Subash Sn
1- Day Training: Access Control for Rest API's by Johan Peeters and Michael Boeynaer
1- Day Training: ModSec CRS Community Summit by ChristianFolini
As you read this we are busily working with volunteers and the staff to put the finishing touches on AppSec EU 2018 which will take place in London in two short months from 2-6 July 2018.
The AppSec EU 2018 keynote, training, and conference schedules have been posted. We are thankful to the selection committees who have worked tirelessly to review (many times) the training submissions and the many conference seminar submissions.
The committee has prepared an exceptional program for attendees and the community. We have some superb keynote speakers. The training program is diverse and very comprehensive offering something for everyone. The seminar program is filled with a variety of interesting topics presented by some of the best speakers working and sharing their experiences in application security. While the training, events, programming, and planning is important, it is a small part of the details needed for a successful conference.
The most important part is "YOU" the attendee / participant. That being said, I want to strongly encourage you to come to London and attend AppSec EU 2018. This is your conference and training program, put together by your peers just for you.
Your presence at the conference makes all the difference and adds exponentially to the overall conference experience. Plan your schedule and come to London and join us for a great event filled with learning, training, and networking. Come together with other application and internet security professionals to gain greater insight into the newest trends and programs to help you in your daily work and business. As I said, this is your event, so come to AppSec EU 2018 and be a part of a great experience.
The connector below continues to develop and evolve to provide you with more information on what is going on in the community. Notice the highlights on projects and chapters. We hope you enjoy what we have to share with you and look forward to your comments and suggestions on how we might be able to continue to connect with you.
Chairman, Global Board of Directors
Projects are moving ahead with exciting and new developments. To see more information on the projects that have new updates and information by visiting GitHub here to see what's new!
Each month we would like to highlight one of OWASP's very own projects: OWASP Code Pulse 2.0 was recently released and now includes support for .NET in addition to Java! Code Pulse is a glass box tool that provides insight into the real-time code coverage of penetration testing activities. Code Pulse automatically detects coverage information while the tests are being conducted and will even make it possible to understand the overlaps and boundaries of the different tools coverage.
Code Pulse presents coverage information in a visual form to make it easy to understand at-a-glance which parts of an application have been covered, and how much. The real-time coverage feedback makes it easy to adjust testing activity based on the observed coverage. In addition, for testing activities relying on multiple techniques (a variety of dynamic analysis tools for instance) it's easy to split up the recorded activity to understand which code was covered by each tool independently or alternatively to view coverage overlaps between multiple tools.
For more information see the OWASP project page or the Code Pulse project website.
The OWASP team and the many volunteers have been very busy planning and preparing for AppSec EU 2018 and AppSec USA 2018. These are your conferences and the program and training is being selected and developed for you the community. Join OWASP and register for the conferences and help us make the experience a memorable one.
Each Month we will highlight a Chapter. This month we are focusing on London and Bristol.
These two chapters represent a total of 360+ members. The leader for Bristol is Katy Anton and the leaders for London are: Sam Stepanyan, Sherif Mansour Farag and Dr. Grigorios Fragkos. Both Chapters host regular meetings at least one every two months and generate average attendance of 75-100 attendees each. The meetings focus on topics such as: "Exploiting unknown browsers and objects "- Gareth Heyes Or "Lightning Talk: "Introducing Remediate the Flag: a Hands-On AppSec Training Platform" - Andrea Scaduto and much more!
These dedicated chapter leaders joined together and hosted a meeting at the Just-eat offices in London and Bristol. The event was live in Bristol with live streaming for the participants in London, and on YouTube, bringing together close to 200 participants in two locations. This was the second joined event, and the feedback from audience for this type of event where the presentations were held in one location and live streamed in the other location was positive. This is a great example of how chapters can work together to bring learning and networking to a new level.
We applaud this great team of leaders and thank them for their dedication and support to OWASP and the Application Security Community!