What we're about

We all write secure code all the time, right?

If your answer to this question is yes, don’t read further.

Still reading? Join this group for sharing knowledge, best practices and ideas on how to make our products/projects more secure. Anyone willing to share their knowledge with a talk or a workshop, please feel welcome! All levels welcome!

Upcoming events (1)

OAuth 2.1 and AppSec

Needs a location

Hi all,

after a long break, largely due to Covid, we have our next in-person meetup.

Philippe de Ryck is so kind to present two different talks on OAuth 2.1 and securing applications built with modern frameworks. Those who have attended his earlier presentation at our meetup or have been lucky to attend the conference co-organised by him know that his talks are simply great.

Schedule
18:00 Doors open

18:30 Tapas

18:45 AppSec is too hard!?

Looking at available tools and features, it is easy to conclude that AppSec is shooting for the moon. Modern frameworks build security in by default, and vulnerable technologies are replaced by more secure alternatives. But regardless of all these good intentions, we see the same vulnerabilities popping up over and over again. Are we just careless when building applications, or is AppSec too hard?

Throughout this talk, we review various cases where frameworks and libraries get in the way of security, paving the way for application-level vulnerabilities. With practical examples, we investigate more robust approaches to application security. The patterns we discuss will not only help you to improve the security of your applications but also make application security more manageable at scale.

19:40 Questions/Quick Break

19:45 Forget about OAuth 2.0. Here comes OAuth 2.1

If you’ve ever looked at OAuth 2.0, you may be less than excited to hear about yet another OAuth version. Fortunately, OAuth 2.1 is a logical progression from OAuth 2.0, which significantly reduces the complexity of the OAuth ecosystem.

In this session, you will learn about the differences between OAuth 2.0 and OAuth 2.1. We dive into concrete scenarios supported by OAuth 2.1 and how you can leverage them in your applications. By the end of this session, you will have a clear idea of what OAuth 2.1 entails and how to follow current best practices to build a secure application architecture.

20:30 Drinks/Questions

20:50 End of the Event

Dr. Philippe De Ryck

Web Security Expert, Founder of Pragmatic Web Security

Philippe De Ryck helps developers protect companies through better web security. His Ph.D. in web security from KU Leuven lies at the basis of his exceptional knowledge of the security landscape. As the founder of Pragmatic Web Security, Philippe delivers security training and security consulting to companies worldwide. His online course platform allows anyone to learn complex security topics at their own pace. Philippe is a Google Developer Expert and an Auth0 Ambassador for his community contributions on the security of web applications and APIs.

Past events (8)

Security in and with AWS

Needs a location

Photos (26)