OWASP Newcastle February meetup

OWASP Newcastle Chapter
OWASP Newcastle Chapter
Public group

Online event

This event has passed


This is an online only event. The stream will start around 1900.

Running order:

1900 - OWASP Newcastle Welcome
Talk one - Detect complex code patterns using semantic grep
5 minute break
Talk two - A glance at how GDPR fines risk breeding laziness in Cyber security Management

Talk overviews:

Our first event of 2021 and we’re back with two great talks.

Talk 1

Title: Detect complex code patterns using semantic grep

Speaker: Colleen Dai

Bio: Colleen Dai is a security software engineer at r2c, a startup working on building static analysis tools that focus on precision and being custom-fit to the consumer. At r2c, Colleen has worked on the language parsing along with AST matching. She is also writing rules to find security vulnerabilities in open source code. Colleen recently received her B.S. in Computer Science and M.S. in Statistics from Stanford. She regularly enjoys Brazilian Jiujitsu, drawing, and trying (and failing) not to eat everything in her fridge.

Description: We’ll discuss a program analysis tool we’re developing called Semgrep. It’s a multilingual semantic tool for writing security and correctness queries on source code (for Python, Java, Go, C, and JS) with a simple “grep-like” interface. The original author, Yoann Padioleau, worked on Semgrep’s predecessor, Coccinelle, for Linux kernel refactoring, and later developed Semgrep while at Facebook. He’s now full time with us at r2c.

Semgrep is a free open-source program analysis toolkit that finds bugs using custom analysis we’ve written and OSS code checks. Semgrep is ideal for security researchers, product security engineers, and developers who want to find complex code patterns without extensive knowledge of ASTs or advanced program analysis concepts.
Talk 2

Title: Wham, bam, thank you scam!

Speaker: Adam Pickering

Description: A glance at how GDPR fines risk breeding laziness in Cyber security Management

You can also join our Google Group which is how we'll be sending out emails to events and is also going to be used as a forum for discussion.