Topic 1
Title: Secure Vibe Coding: 5 Key Lessons
Abstract:
AI coding assistants like Cursor, Copilot, and Windsurf significantly increase productivity and assist with mundane coding tasks. But while powerful, these tools carry risks: trained on vast public datasets, they inherit bad patterns and do not necessarily ensure secure application development. In this talk, we'll share five key lessons for security engineers and developers to improve code security:
- Implement guardrails
- Get real-time security signal
- Watch your dependency blast radius
- Compensate for non-determinism
- Invest in prompt engineering
Bio:
Nate Michalov is a seasoned application security professional with over 12 years of diverse experience. Throughout his career, Nate has contributed to organizations such as Endor Labs, Apiiro, Snyk, Veracode, and Annkissam, where he has focused on securing digital ecosystems while aligning technological strategies with business objectives. In various roles including customer success architect, senior sales engineer, and senior SAST specialist, Nate has consistently tackled complex challenges at the intersection of business and technology. Known for his collaborative approach and dedication to staying informed about emerging trends, Nate is recognized as a trusted advisor in promoting innovation and resilience in application security.
Topic 2
Title: From the Engineering Trenches: What Every CISO Needs to Know About AI Development
Abstract:
After leading our engineering team through the AI development transformation, from the introduction of the first copilot version to today's autonomous agents, I've learned that the most dangerous security risks are the ones created by well-intentioned security policies and practices that don't match AI development realities. This presentation walks through critical milestones where engineering and security are either aligned for success or misaligned for chaos. You'll learn how to spot the warning signs of engineering-security friction, practical approaches for building security that works at AI-enabled development speed, and why the engineering teams that partner best with security are the ones moving fastest with AI.
Bio:
Leading tech innovator David Hafley, Head of Engineering at Pixee, blends leadership with tech expertise. Known for shaping global engineering teams, he champions large language models at Pixee, driving content and vulnerability solutions. Prior roles include Chief Product Officer at Dyknow, VP of Engineering at Contrast Security, and varied leadership roles from AWS environments to DevOps culture building. A seasoned speaker, David Hafley brings a wealth of knowledge to the Python conference stage, connecting tech, leadership, and the Python community.