What we’re about
OWASP London Chapter
OWASP (The Open Worldwide Application Security Project) is a worldwide not-for-profit organisation focused on improving the security of software. With over 250 local Chapters worldwide and 110,000+ volunteers OWASP's open community is dedicated to enabling organisations and individuals to develop and maintain applications that can be trusted. OWASP's meet-ups, tools, standards, guidelines, documents and forums are free and open to anyone interested in improving application security.
Visit OWASP London webpage here: https://www.owasp.org/london
Follow us on Twitter: https://twitter.com/OWASPLondon
Follow us on LinkedIN: https://www.linkedin.com/company/owasplondon
"Like" us on Facebook: https://www.facebook.com/OWASPLondon
Watch recordings of talks presented at our events on our YouTube channel: https://www.youtube.com/OWASPLondon
^Please subscribe to our YouTube channel to get notified when the latest video recordings of our talks get published.
We are also on Slack: https://owasp.slack.com #chapter-london channel (for Slack invites visit: http://owaspslack.com/.))
We also have a mailing list, sign-up here: https://groups.google.com/a/owasp.org/forum/#!forum/london-chapter/join
We usually run 7-10 events per year: meet-ups ("Chapter Meetings"), Capture The Flag (CTF) tournaments, Hackathons, workshops and hacking/cyber-security themed pub quizzes.
Please note that while we do advertise our meetups here on Meetup[.]com due to the Meetup platform limitation we do not use the Meetup's RSVP system and instead use Eventbrite for free tickets and registration to attend our events. If you have an account on EventBrite you can follow us there as well: https://owasplondon.eventbrite.co.uk/
You don't have to be an OWASP member to attend any of our meetups or CTFs - they are free and open to everyone interested in Application Security, booking is required.
There is a paid membership, which is a donation to the OWASP Foundation - it gives you discounts on many cyber-security conferences around the world, voting rights, @owasp.org email address and many other benefits like free access to paid training platforms. Join OWASP Global Foundation as a paid member here: https://www.owasp.org/index.php/Membership
Upcoming events (1)
See all- OWASP London Chapter Meetup [IN-PERSON]Just Eat, London
This event is kindly sponsored and hosted by JustEat. There is limited seating available for in-person attendees. Registration required. Please note that all our events are live-streamed on YouTube for the online audience. Recordings will be available on the OWASP London YouTube channel.
Venue Location: JustEat, Fleet Place House, 2 Fleet Pl, London, EC4M 7RF (note: the entrance is directly opposite Starbucks front doors)
Nearest Tube Station: St. Pauls (Central Line) - 6 mins walk
Doors Open at 6pm for registration, food, drinks and networking. The talks start at 6:30pm (we start on time).TALKS
OWASP Introduction, Welcome and News - Sam Stepanyan, Sherif Mansour and Andra Lezza
Welcome and a brief update on OWASP Projects & upcoming OWASP Conferences from the OWASP London Chapter Leaders"A Data-Led Approach to Cybersecurity" - Disha Mukherjee
Come along on a journey as we explore the transformative power of big data in the realm of cybersecurity. We'll dive into the data deluge, the might of data analytics in sniffing out threats, and the crucial role of real-time monitoring. Learn how a data-focused approach to security can revolutionize your defenses, from harnessing advanced analytics to envisioning the future of AI in cybersecurity. Get set to unlock the potential of big data in strengthening your systems and reducing risks. Together, let's boost security with data and chart a path towards enhanced protection against ever-evolving cyber threats."How To Write Insecure Code and Other Stories" - Shruti Kulkarni
We live in a "speed-to-market" era. Including security controls in applications sometimes may be considered an overhead. However, if security controls are not added to applications during development, it may be challenging to add them later on. In this presentation, we will see how code can be written insecurely and really how simple it is to include the required security controls in the application."DevSecOps Worst Practices" - Tanya Janca
Quite often when we read best practices we are told ‘what’ to do, but not the ‘why’. When we are told to ensure there are no false positives in the pipeline, the reason seems obvious, but not every part of DevOps is that intuitive, and not all ‘best practices’ make sense on first blush. Let’s explore tried, tested, and failed methods, and then flip them on their head, so we know not only what to do to avoid them, but also why it is important to do so, with these DevSecOps WORST practices.SPEAKERS
Disha Mukherjee (@DishaMukherjee)
Disha is a Data Engineer on the Information Security Team at Just Eat Takeaway. Her job is all about designing, developing, and maintaining efficient data pipelines that help us make informed decisions about all things security-related.Shruti Kulkarni (@shruti-s-kulkarni)
Shruti is a cyber security / enterprise security architect with experience in ISO27001, PCI-DSS, policies, standards, security tools, threat modelling, risk assessments. Shruti works on security strategies and collaborates with cross-functional groups to implement information security controls in software development life-cycle, service operations, service delivery such that security controls support business requirements.Tanya Janca (@shehackspurple)
Tanya Janca, also known as SheHacksPurple, is the best-selling author of ‘Alice and Bob Learn Application Security’. She is also the founder of "We Hack Purple", an online learning community that revolves around teaching everyone to create secure software. Tanya has been coding and working in IT for over twenty five years, won countless awards, and has been everywhere from public service to tech giants, writing software, leading communities, founding companies and ‘securing all the things’. She is an award-winning public speaker, active blogger & podcaster and has delivered hundreds of talks on 6 continents. Tanya values diversity, inclusion, and kindness, which shines through in her countless initiatives. Advisor: Nord VPN, Aiya Corp Faculty: IANs ResearchFounder: We Hack Purple, OWASP DevSlop, #CyberMentoringMonday, WoSECTICKETS
This event is free to attend for both members and non-members of OWASP and is open to anyone interested in web application and cyber security. Please note that you MUST book your place to be admitted to the event by the building security - your name will be checked against the guest list.CODE OF CONDUCT
We hope you enjoy the event, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback/concerns or would like to speak to us, we take these matters very seriously. OWASP Code Of Conduct: https://owasp.org/www-policy/operational/code-of-conductNot open
![OWASP London Chapter Meetup [IN-PERSON] cover photo](https://secure.meetupstatic.com/photos/event/6/5/9/d/event_518306013.webp "OWASP London Chapter Meetup [IN-PERSON]")
