November Meetup
Details
Join us for the upcoming November Bay Area OWASP meetup, proudly sponsored by Delve.co
Experience an evening of insightful security discussions, vibrant community networking, and engaging conversations — all complemented by delicious food and drinks, courtesy of our sponsor, Delve.co
5:00 PM : Doors open, Networking, food and drinks
5.30 PM :- Chapter introductions
5.45-6.30 PM :- GRC Engineering with AI tools
6.30-7.15 PM :- Core AI Concepts that Every Security Engineer Needs to Know
7.15-8.00 PM :- Zero Trust for Developer Secrets: Building a Multi-Layered Defense Against Credential Leakage"
Talk #1 GRC Engineering with AI flows
Description: The talk will be about integrating AI in GRC workflows. I’ll talk about the evolution of GRC automation and why AI is a helpful tool. I’ll talk about an example implementation of automated control testing using in a GRC platform. I’ll talk about prompt engineering and how to make api prompts dynamically. I’ll also touch on the basic genai use cases for risk management analysis and typical use cases for analyzing code bases to identify scope
Speaker: Miguel Horta GRC engineer at Ripple
Talk #2
Description: AI is reshaping the world of security — but for many engineers, it still feels like magic. This talk is all about opening that black box. We’ll break down the core AI concepts every security professional should understand, including embeddings, vector databases, model training, fine-tuning, RAG, MCP, and agents. Along the way, we’ll connect these ideas to real-world security implications and discuss why understanding how AI works is essential to protecting it. Because at the end of the day, you can’t secure what you don’t understand.
Speaker: Oguzhan Topgul has over 15 years of experience in web and mobile application security testing, malware analysis, threat hunting, and incident response. He currently leads the Security Engineering team at Fortinet, where he focuses on building secure systems and enabling resilient security practices. In addition to his role at Fortinet, Oguzhan teaches the Exploring New Horizons in Cybersecurity course at the University at Albany New York. A strong believer in community and collaboration, he has been organizing the Silicon Valley Cybersecurity Meetup since 2018 and actively volunteers at various industry events to share knowledge and connect with fellow professionals.
Talk 3# Zero Trust for Developer Secrets: Building a Multi-Layered Defense Against Credential Leakage
Description: As organizations increasingly work with blockchain technologies and sensitive credentials, preventing secrets from leaking into version control becomes critical. This talk presents a comprehensive approach to secrets management across 100+ developers: deploying pre-commit hooks via MDM, mass-configuring gitleaks across repositories, implementing server-side enforcement, building automated compliance monitoring with Slack alerts, and migrating smart contract developers from plaintext .env files to Foundry encrypted keystores. Attendees will learn defense-in-depth strategies, see compliance automation techniques.
Speaker: Vinod Tiwari, Security architect for AI-blockchain infrastructure