Skip to content

Details

NOTE: IN-PERSON EVENT

Speaker 1: Brandon Soroudi, Visiting fellow at National Security Institute
https://nationalsecurity.gmu.edu/

Topic: Disinformation is the malware of a free society
Abstract:
The future of information security is not protecting networks or endpoints. A new and unique security condition has emerged that has no IOC’s or TTP’s. However, it is arguably the most dangerous of all emerging threats. If exploited, it can alter elections, destabilize governments, and bring a swift end to truth and the institutions that rely on truth. The future of information security is detecting and preventing the spread of disinformation, but does the security community have the tools and framework to do it?

Speaker 2: Haral Tsitsivas, Principal Product Security Engineer, Arlo Techologies

Topic: OWASP Top 10 2021
Abstract:
The OWASP Top Ten is a standard awareness document for developers and web application security. It represents a broad consensus about the most critical security risks to web applications. In this talk we'll look at the changes between the previous version of 2017 and the 2021 version. For the Top Ten 2021, the team calculated average exploit and impact scores in the following manner. We grouped all the CVEs with CVSS scores by CWE and weighted both exploit and impact scored by the percentage of the population that had CVSSv3 + the remaining population of CVSSv2 scores to get an overall average. We mapped these averages to the CWEs in the dataset to use as Exploit and (Technical) Impact scoring for the other half of the risk equation.

Schedule:
6:00pm - 6:30pm Networking, Food & Drink
6:30pm - 6:35pm Welcome and Introduction
6:35pm - 7:15pm Presentation 1
7:15pm - 8:00pm Presentation 2
8:00 pm Raffle for Planet Cyber Sec tickets

### Code of Conduct

We hope you enjoy the event, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback/concerns or would like to speak to us, we take these matters very seriously. You can find out more about our policies here:
https://owasp.org/www-policy/operational/conferences-events.html#conference-and-event-anti-harassment-policy

### Sponsorship

Vendors who are interested in sponsoring OWASP OC monthly meetings, please send an email to orange-county-leaders@owasp.org

Events in Irvine, CA
Cloud Security
Cybersecurity
Network Security
OWASP
Hacking

Sponsors

Sponsor logo
Become an OWASP-OC Meeting Supporter
Become a meeting supporter by donating $1200 to the chapter.
Sponsor logo
Google Cloud Security
Meeting Venue Sponsor: Make Google part of your security team
Sponsor logo
PeopleSpace
Meetup Supporter: A tech startup community fostering startups.
Sponsor logo
Synopsys
Meeting &Streaming Supporter: helping customers build trust in software.
Sponsor logo
Security Innovation
Meeting Supporter: Training that goes beyond the code.
Sponsor logo
Contrast Security
Meeting Supporter: Comprehensive Security Observability for Software
Sponsor logo
ShiftLeft
Meeting Supporter: Release secure code at scale.
Sponsor logo
Endor Labs
Meeting Supporter: Use open source without drowning in security noise
Sponsor logo
Qwiet AI
Meeting supporter: On a mission to change the world of security

Members are also interested in