OWASP London Chapter Meetup

This event is kindly hosted by Civo Tech Junction and sponsored by Endor Labs . There is limited seating available for in-person attendees. Registration required.
This event will be live-streamed on YouTube.
Recordings will be available on the OWASP London YouTube channel.

Venue Location: Civo Tech Junction, First Floor, 32-37 Cowper Street, London, EC2A 4AW
Nearest Tube: Old Street (Northern Line), Cowper Street exit - 1 min walk
Doors Open at 6pm for registration, pizza, drinks and networking. The talks start at 6:30pm (we start on time!).

TALKS:

OWASP Introduction, Welcome and News - Sam Stepanyan, Andra Lezza, Sherif Mansour - OWASP London Chapter Leaders

"Attacks on Open Source Supply Chains: How Hackers Poison the Well" - Henrik Plate

The ubiquitous use of open source during software development makes it an interesting and valuable target for software supply chain attacks, where
attackers inject malicious code in upstream open source projects such that it is executed by software developers or end users down the line. This talk provides an overview about common attack vectors, illustrated by real-world examples, and sheds some light on countermeasures.

"Introducing the OWASP SocialOSINTLM Project" - Brenden Miller

SocialOSINTLM is a powerful Python-based tool designed for Open Source Intelligence (OSINT) gathering and analysis. It aggregates and analyzes user activity across multiple social media platforms, including Twitter / X, Reddit, Hacker News (via Algolia), Mastodon and Bluesky. Leveraging AI through the OpenRouter API, it provides comprehensive insights into user engagement, content themes, behavioral patterns, and media content analysis.

"Using LLMs To Accelerate Threat Detection" - Richard Finlay Tweed

Inventing good detections is hard, using them with your SIEM (Security information and event management system) is even harder. That's where Large Language Models (LLMs) come in. This talk will describe how to use your existing runbooks, and experience, to improve your threat detection coverage

RAFFLE - win a prize kindly donated by our sponsors!

SPEAKERS

Henrik Plate

Henrik Plate is the principal security researcher at Endor Labs. He formerly worked for SAP Security Research, where he established and led the focus topic “Open Source Security” starting 2014. He co-authored academic papers on this topic, presented at academic and industry conferences like the RSA, and started several open source projects in this space. He earned his PhD in 2024 from the University of Rennes, France, with a thesis titled “On the Security Risks of Open Source Consumption”, and holds a CISSP certification

Brenden Miller

Brenden Miller is a Cyber Security Consultant at Accenture UK & Ireland. He brings over 20 years of technical experience working internationally, evolving through roles in systems administration, SRE, and cloud engineering. His interest in data and AI applications led to the creation of SocialOSINTLM, a tool applying AI and NLP to social media open-source intelligence.

Richard Finlay Tweed

Richard Tweed is a Kubernetes specialist at Tessl. Over the last five years he has been ensuring security, scalability and compliance across all major Kubernetes cloud platforms. He's also the lead maintainer of kube-audit-rest.

TICKETS:

OWASP meetups are free and open to anyone interested in application security. Please note that you MUST book your place to be admitted to the event by the building security.

CODE OF CONDUCT:

We hope you enjoy the event, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback/concerns or would like to speak to us, we take these matters very seriously. OWASP Code Of Conduct: https://owasp.org/www-policy/operational/code-of-conduct