OWASP Birmingham, UK Chapter. Free to join, open to all.
We meet each quarter in central Birmingham to make connections in Cyber Security in the West Midlands. Join us to meet, network, share and discuss cybersecurity and information security. Hear great talks from experts in the field on a variety of relevant topics.
Join us virtually for two great infosec talks on the subject of DevSecOps, and security testing!
One of talks will focus on the culture of developing security good practices across an organisation, whilst the second talk will be about an talk about a free, open-source program analysis toolkit which finds bugs using custom analysis.
“Detect complex code patterns using semantic grep”
Yoann Padioleau is a software engineer at r2c, and the main author of Semgrep. Yoann started the AppSec, Test Engineering, and Program Analysis teams at Facebook.
We’ll discuss a free open-source program analysis tool we’re developing called Semgrep. It's a multilingual semantic tool for writing security and correctness queries on source code (for Python, Java, Go, C, and JS) with a simple “grep-like” interface. Semgrep is ideal for security researchers, product security engineers, and developers who want to find complex code patterns without extensive knowledge of ASTs or advanced program analysis concepts.
“Being secure by default”
Dan Abel has spent 25 years as a software engineer and technical leader. He works as a principal engineer for Tes Global.
Security initiatives rarely start with trust. Most endeavours push delivery teams out of ownership or expect them to work it out for themselves. This becomes a barrier to safe delivery rather than empowering and assisting. There is a gap between ‘ad hoc’ and ‘gatekeeper’ security that joins together autonomy and safety. We want to tell you how we have changed our culture and built confidence in security practices with a culture of collaboration across our organisation.
See you (virtually) all there. Can't wait.
Nathan + Jim