Hi all,

we'll have our next online event in two weeks. Presenting language will be English. It'll be something special for a number of reasons.

I am glad to have Sven Schleier and Carlos Holguera as a guest speaker at our OWASP Hamburg stammtisch. They'll present topics where OWASP in the past years made substantial impact: mobile application security. Sven and Carlos have been involved in many of the OWASP mobile security projects (https://owasp.org/www-project-mobile-security/) for a long time. Specifically they are project leads for OWASP MSTG and OWASP MASVS.

Sven is actually German but living in Singapore, Carlos is chiming in from Berlin. To make it less painful for Sven we settled on an unusual time slot. An occasion for Europeans to start into the weekend. :-)

TLDR:

Title: "Building Secure Mobile Apps - (You don’t have to learn it the hard way!)"
Speaker: Sven Schleier / Carlos Holguera
Location: Online
Start: 29th of January 2021, 4:00 pm
Beering/networking: Stick around afterwards if you like.

Abstract :

There are numerous ways of developing mobile apps today, but how do you ensure that security is part of the development process? What are the attacks I should be concerned about and what can I do to avoid being an easy target? The OWASP Mobile Security Testing Guide (MSTG) and Mobile AppSec Verification Standard (MASVS) are agile written books by a team of numerous contributors that describe the attack surface of mobile apps, how to exploit them and what you can do to protect your apps.

In this talk we will make a deep dive into both projects and then head off into some nice mobile hacking demos in both iOS and Android.

Want to secure your app? See you there!

How to participate

OWASP Hamburg Meetup members who RSVP'd for the event will see the Google Meet invite URL at the RHS and can join the video conference directly. I'll update the invite URL later. Please make sure you are muted by default.

Our OWASP "Stammtisch"

Our meeting is about web applications and their (in)security and/or about IT security in general. People come together who care as a hobby or in their job about information security: developers, managers, pentesters and everybody else who's interested. The atmosphere is open and relaxed. Who's coming to sell products or services: Move on, this is not the right place. OWASP is about education and sharing (mostly) technical information.

Feel free to forward our meetup URL to your colleagues or friends. They are welcome, too. Participation is free and open -- as the O in OWASP.

Cheers, Dirk