OWASP Frankfurt

Hello everyone, we're excited to invite you to the OWASP Frankfurt Chapter Meetup #72!
Our OWASP Chapter serves central Germany, particularly within the Rhine-Main (Hesse) region, as a platform to discuss and share information on application security topics.
Anyone interested and enthusiastic about application security or security in general is welcome. All meetings are free and open. You do not have to be an OWASP member to attend our event.

What are we going to talk about?

• Title to be announced: We are excited to welcome Alexander Steinbrecher, Cyber Security Specialist at DZ BANK AG and Patrick Eisenschmidt, Red Team Manager / TIBER-TLPT Lead at NVISO Security.
• Let's talk vulnerabilities in plain sight by vin01: For our second talk we are welcoming vin01, an independent security researcher. He will be talking about vulnerabilities and security risks hiding in plain sight. Also, let's try to figure out how secure is the web infrastructure used by our governments, universities and small businesses? All through publicly available data.

Socializing Opportunities: There will be plenty of time to socialize before and after the event.

Afterwards? We will begin and conclude the evening with the opportunity to socialize at the venue with free food and both cold & hot drinks.

When? Our Meetup takes place on 31.07.2025 from 18.00 to 22.00 o'clock CEST.

Where? The event will be held at codecentric AG, located at Lise-Meitner-Straße 4, 60486 Frankfurt am Main, Germany.

Hello everyone, we're excited to invite you to the OWASP Frankfurt Chapter Meetup #73!

Our OWASP Chapter serves central Germany, particularly within the Rhine-Main (Hesse) region, as a platform to discuss and share information on application security topics. Anyone interested and enthusiastic about application security or security in general is welcome. All meetings are free and open. You do not have to be an OWASP member to attend our event.

What are we going to do?

• We’re excited to welcome Javan Rasokat for a 2-hour hands-on OWASP workshop that tackles the challenges of modern web security – moving from reactive patching to proactive prevention.

IMPORTANT NOTE: As this is a hands-on workshop, you'll be expected to bring along a laptop with a pre-configured environment (nodeJS or Docker) and a code editor of your choice (see further information below).

In this interactive session, you’ll explore how to eliminate entire classes of web vulnerabilities using modern browser security features such as:

• Content Security Policy Level 3 (CSPv3)
• Trusted Types
• Sec-Fetch Metadata

Through group-based, hands-on exercises using a pre-secured demo application, you’ll test real-world security features, analyze their effectiveness, and learn how to enforce them at scale across your own environments. This workshop is designed to be language-agnostic and accessible – whether you're a developer, security engineer, or architect.

What To Bring?

• A laptop capable of running either a NodeJS-based web app or a Docker container
• A code editor of your choice
• Note: No programming knowledge is needed.

Socializing Opportunities: There will be plenty of time to socialize before and after the event.

Afterwards?
We will begin and conclude the evening with the opportunity to socialize at the venue with free food and both cold & hot drinks.

When?
Our Meetup takes place on 24.09.2025 from 18.00 to 21.00 o'clock CEST.

Where? The event will be held at usg AG, located at Frankfurter Str. 233/Haus c1, 63263 Neu-Isenburg, Germany.