What we're about

OWASP Orange County Chapter. The Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible, so that individuals and organizations worldwide can make informed decisions about true software security risks.

Support your Orange County Chapter: only $50 for the entire year!

Become an OWASP Member TODAY (https://www.owasp.org/index.php/Membership)

Upcoming events (3)

OWASP OC April meeting: Keeping Hacks Away from Your Hacked-Together App

Speaker: James Shewmaker, President, BLUEN0TCH Topic: Keeping Hacks Away from Your Hacked-Together App Abstract: The real word is ripe with kludgy systems. Scripts are the duct tape of the digital world—useful but not resilient. James will speak about security issues encountered during development of the Bunker011 Hacking Game Project: script security, REST shims, and "breakable" modules. Consider the fact that your application will be hacked; make it hackable in a specific way—for easy recovery. Speaker Bio: James Shewmaker is the founder and principal consultant at Bluenotch Corporation, Long Beach, California, which provides customized security services focusing on investigations, penetration testing, and analysis. James authored and maintains the post-exploitation content in the SANS Security 660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking course. Before becoming a SANS Certified Instructor in 2009, his creative technical work led him on many adventures, including "The Great Translator Invasion of 2003". James led the development and operations for NetWars as a US Cyber Challenge game in June 2009. He is currently developing an independent cyber challenge, Bunker011, and is involved in the US Cyber Challenge as an instructor at Cyber Camps. James regularly teaches a Tactical Offense and Defense day at SANS Security events. Schedule: 6:00pm Food, Drinks & Networking 6:40pm Presentation (followed by Q&A) A raffle will be held at the end of the meeting for OWASP swag and a free conference pass to the AppSec Cali 2020 conference. You must be present to win.

OWASPOC May mtg: CMD+CTRL WebApp Capture The Flag Hackathon, Training, Mentoring

OWASP OC is collaborating with Security Innovation to create an interactive meetup where individuals will have a chance to learn about and apply real application security concepts using Security Innovation's CMD+CTRL capture the flag platform. Information on CMD+CTRL * Unique in the industry, CMD+CTRL is an immersive and fun learning environment where you will exploit your way through hundreds of vulnerabilities that lurk in business applications today – and learn quickly that attack and defense are about thinking on your feet. Unlike gamification that mimics how an application should respond, CMD+CTRL comprises real websites, traffic, technologies, and vulnerabilities that represent actual application behavior. This unmatched realism brings the immediate gratification and long-term memory benefits of “learning by doing" that teams need in order to protect the enterprise. Security Innovation Will Provide * Experts to lead attendees through this training session and hackathon which will introduce participants to core security concepts and provide insight into how hackers break into a web site leveraging common vulnerabilities, insecure practices and more! This workshop is ideal for all skill levels – beginner to advanced. * CMD+CTRL platform: a fully-featured Shadow Bank financial application to practice situational awareness like an attacker. Participants Will Need * A laptop to connect to our CMD+CTRL website…and your evil streak! BurpSuite or Zap are optional, for those already familiar with them. Schedule: 5:30 - 6:00 - Networking & dinner 6:00 - 6:15 - Welcome and Kickoff/Intro to CMD+CTRL – How to Think Like an Attacker 6:15 - 6:45 - Hack Away! 6:45 - 7:00 - Learning Lab #1 – SQL Injection 7:00 - 7:30 - More Hacking! 7:30 - 7:45 - Learning Lab #2 -- Cross-Site Scripting 7:45 - 8:30 - Final Hacking Time! 8:30 - 9:00 - Wrap-up, Q&A, and Announce Winners, Prizes

PeopleSpace OC User Groups Summer Bash 2018


PeopleSpace OC User Group Summer Bash 2019. EVENTBRITE REGISTRATION: https://ocug-summerbash-2019.eventbrite.com/ Our OC Tech User Groups at PeopleSpace is OC's biggest technology meetup collaboration event. We're celebrating SUMMER with food, drinks and raffle prizes. The magic happens everywhere in between. Come join us, have a good time and kick off the Summer Season with a BASH! This is a joint group effort by the following meetup groups: OWASP OC Open Web Application Security Project OCJUG Orange County Java User Group OC Android Developers Orange County Android PeopleSpaceOC PeopleSpace: OC Tech Hub OCRUG Orange County R User Group OC Python AI & Analytics Applied Artificial Intelligence and Analytics OC Deep Learning R Ladies Irvine This event is free to the community. Come together and network, win some prizes and have a few drinks! We will be serving Summer foods, beers/wine, water, juice, soda & more. Watch the video of Summer Bash 2018: https://youtu.be/HTfj2PFv1yY EVENT SPONSORS, AND PARTNERS We are grateful for the support of local community partners without whom this event would not be possible. BE A SPONSOR! Sponsorship is a critical part of this event. Without which, it is difficult for us to serve the tech community and our members. Thank you for your consideration! BENEFITS: - Get your logo with preferred hyperlink on all User Group event pages - 2 minutes to speak about your product or service during announcements and thank you mention at the end of the event. - 6 ft Table booth during the event - Distribution of any swag or merchandise Please email [masked] for further details. Yes, PeopleSpace is a 501(c)(3)! Our EIN is[masked]. Your gift is tax deductible to the full extent provided by law, less the fair market value of any substantial gifts chosen at the time of your donation.

Photos (184)