OWASP's 20th Anniversary Celebration - September 24, 2021
Speakers
AWS (mis)configuration from an attacker’s-eye view
Kavisha Sheth
Achieving Security by Shifting Left in Agile
Bhushan B Gupta
Achieving the Web Isolation Nirvana - How far along are we?
Pedro Fortuna
Jasvir Nagra
Agile Threat Modeling with Open-Source Tools
Christian Schneider
All your Ether belong to us (a.k.a Hacking Ethereum-based DApps)
Luis Quispe Gonzales
An Attackers View on APAC's 2021 Three Major Breaches
Guest Speaker Ric Campo
AppSec Timeline: Wins, Failures, Promises, and Predictions
Joseph Feiman
Attacking the microservice systems: methods and practical tips
Alexander Barabanov
Automate Security, Don't Tell Your Boss
Matt Tesauro
Automated Finding Correlation where do SAST, DAST and IAST overlap
Eitan Worcel
Ran Klein
Automatic Vulnerability Remediation - The Trusted and Secure Road to Developer Happiness
Dr. Aharon Abadi
Rami Elron
Back to Basics: Looking for subtle bugs in beginner programming constructs
Guest Speaker Cole Cornford
Birds & Buttons - Cyber Risk Success Criteria for Board & Executives
Shamane Tan
Blockchain-based Security Framework for Cyber Physical Systems (BSF-CPS)
Dr. Abhilasha Vyas
Bot or human? Detecting malicious bots with machine learning in 2021
Benjamin Fabre
Antoine Vastel
Code-Origin Policy: Towards a Formal User Privacy Protection for the Web
Phu H. Phung
Common Application Security Mistakes that Enable Automated Attacks
Jason Kent
Common NGINX Misconfigurations That Leave Your Web Server Open To Attack
Spencer Pearlman
Connecting the Dots: How Threat Intelligence Protects the Applications
Catalin Curelaru
Costly mistakes in serverless computing
Miguel Calles
Creating an IoT-connected Mobile App Compliance Program Leveraging OWASP MASVS
Brian Reed
Decoded: Leverage Cybersecurity as a Business Enabler
Guest Speaker Nicole Dove
DevSecOps in 2031: How robots and humans will secure apps together
Guest Speaker Stefan Streichsbier
Developers Struggle with Application Security (and How to Make It Better)
Scott Gerlach
Effective Usage Analysis: The Shortest Path Between a Developer and Accelerated Product Releases
Rami Elron
Everything You Always Wanted to Know About Fingerprinting Browser Extensions, But Were Afraid to Ask
Nick Nikiforakis
Feedback loop in DevSecOps - mature security process and dev cooperation
Daniel Krasnokucki
Fight Club | Grow your OWASP Chapter
Guest Speaker Tom Brennan
Guest Speaker Sam Stepanyan
Five philosophies to building better application logs
Veronica Schmitt
Good Bot, Bad Bot: Characterizing Automated Browsing Activity
Nick Nikiforakis
Hack Your APIs in 15 Minutes or Less
Himanshu Dwivedi
How Security, Development & Testing can work together to stop the same recurring vulnerabilities appearing in the OWASP Top 10
Stefania Chaplin
How To Review Code For Vulnerabilities
Vickie Li
Introducing graph theory to Policy-As-Code
Barak Schoster
It's Not Your Developers' Fault
Guest Speaker Edwin Kwan
Kubernetes Security: Attacking and Defending K8s Clusters
Magno Logan
Live Q&A Session
Guest Speaker Troy Hunt
Looking at 4 years of web honeypot attacks: tactics, techniques and trends
Raymond Pompon
Malcolm Heath
OWASP API Security Top 10 - A Beginner's Guide to Mitigation
Isabelle Mauny
OWASP Amass Flagship Project
Jeff Foley
OWASP Application Gateway: What is it and how can you use it to secure your webapp?
Gian-Luca Frei
OWASP Application Security Verification Standard (ASVS) Flagship Project
Andrew van der Stock
Jim Manico
OWASP CSRFGuard Flagship Project
Azzeddine Ramrami
Albert-Tóth István
OWASP Cheat Sheet Series Flagship Project
Jim Manico
OWASP Cloud-Native Application Security Top 10 Flagship Project
Ron Vider
OWASP CycloneDX Flagship Project
Patrick Dwyer
Steve Springett
OWASP DefectDojo Flagship Project
Matt Tesauro
Aaron Weaver
OWASP Dependency Track Flagship Project
Steve Springett
OWASP Dependency-Check Flagship Project
Jeremy Long
OWASP ESAPI – A Retrospective: The Good, the Bad, & the Ugly
Kevin Wall
OWASP Juice Shop Flagship Project
Björn Kimminich
OWASP Mobile Security Testing Guide Flagship Project
Carlos Holguera
Sven Schleier
OWASP ModSecurity Core Rule Set Flagship Project
Christian Folini
OWASP Nettacker Project
Sam Stepanyan
OWASP OWTF Flagship Project
Saurabh Nandedkar
OWASP Security Knowledge Framework Flagship Project
Glenn ten Cate
Riccardo ten Cate
OWASP Security Shepherd Flagship Project
Sean Duggan
OWASP Software Assurance Maturity Model (SAMM) Flagship Project
Seba Deleersnyder
Bart De Win
OWASP Top 10 Flagship Project
Andrew van der Stock
OWASP Top 10 Privacy Risks 2021
Florian Stahl
OWASP Web Security Testing Guide Flagship Project
Matteo Meucci
OWASP ZAP Flagship Project
Simon Bennetts
Objects In The Rear View Mirror Are Closer Than They Appear
Erez Yalon
Over 20 Years of SQL Injection Attacks in the Wild - Time to Refine and Optimize Web Attack Detection by Using Data Mining Techniques
Or Katz
Post-DevOps, what should we shift-left?
Riotaro OKADA
Preventing an OWASP Top 10 in the world of AI
Aaron Ansari
Purple Teaming with OWASP Purpleteam
Kim Carter
React Native Security. Addressing typical mistakes
Julia Potapenko
Redefining Threat Modeling: Security team goes on vacation
Jeevan Singh
Rough Consensus - An OWASP Story
Guest Speaker Jeff Williams
Running a local Chapter
Serge Borso
Scaling AppSec through Education
Grant Ongers
Security As Code - The New Model Of Achieving Security At Scale
Guest Speaker Dr. Chenxi Wang
Security Chaos Engineering - Turning the Tide in the War on Uncertainty in Cyber Security
Guest Speaker Aaron Rinehart
Security Metrics: Protecting Our Digital Assets of the Future
Caroline Wong
Security begins with secure development environments
Steven Coochin
Vandana Verma
Software Security Engineering (Learnings from the past to fix the future)
Debasis Mohanty
Stop the looters: a method to detect digital skimming attacks
Nikolaos Alexiou
The future is simple
Rob van der Veer
Spyros Gasteratos
The future of Dev[Sec]Ops transformation
Guest Speaker Larry Maccherone
The making of the OWASP Top 10 and beyond
Brian Glas
These are the Vulns You are Looking For: AppSec Champions & Jedi Mind Tricks
John Dickson
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security
Guest Speaker Dan Cornell
Top 10 Challenges for DevSecOps
Gary Robinson
Unlocking Mobile App Security Secrets
Jan Seredynski
Using binary search algorithms for blind SQL injection
Juan Pablo Quiñe Paz
What Shall We Do With a Vendor SBOM?
Guest Speaker Wendy Nather
Your code might be secure, but what about your pipeline? Challenges of securing build/deployment environment.
Marcin Szydlowski
Your company, as a Knowledge Graph - the foundation of cybersecurity’s future
Ovidiu Cical
vAPI : Vulnerable Adversely Programmed Interface (OWASP API Top 10)
Tushar Kulkarni