In 2022 I prepared a talk, aimed at non-security people working on building software such as developers and DevOps engineers. The aim was to introduce them to some key ways in which OWASP can help them level up their security knowledge and practices for either free or very cheap.
5 reasons to attend an OWASP Global Event
I recently had the privilege of attending and speaking at the OWASP AppSec USA 2018 conference in San Jose, California, one of OWASP'S global events. This was the first time I had attended a OWASP global event despite having attended chapter meet-ups and regional conferences so I wanted to take this opportunity to pull out some of my highlights.
Setting up an OWASP Juice Shop CTF
I recently used the very excellent OWASP Juice Shop application developed by the very excellent Björn Kimminich to run an internal Capture the Flag event (CTF) for my department. It went really well and got really good feedback so I thought I would jot down some practical notes on how I did it.
AppSecEU 2018 – UNOFFICIAL Frequently asked questions
Some *completely unofficial* answers to questions about OWASP and the AppSecEU 2018 debacle based purely on publicly available information.
The Grinch who stole AppSecEU
Whilst most people were preparing for the festive season, in a shock move OWASP decided to suddenly claw back its flagship conference from the hugely successful OWASP Israel chapter and hold it in the UK (again) instead.
Reflections on attending and presenting at AppSec Israel 2017
For various reasons, this year was the first year I made it to OWASP AppSec Israel, the national Application Security conference here in Israel. Not only that but I was honoured to be accepted to present as well. It was a long day including a speakers/organisers dinner in the evening but as well as being tired I was also really buzzing with excitement and I thought I’d jot down a few notes about the day.
The OWASP Top 10 — An update and a chance to have your say
If you care about AppSec, you have until 30th August to have your say on what new items should be in RC2 and until 18th September to provide additional data on vulnerabilities found.