

- From Theory to Practice: Live OWASP Top 10 Demonstrations
Kroger Blue Ash Technology Center, Blue Ash, OH
This meeting will be in-person! Thank you to Kroger for hosting at their Kroger Blue Ash Technology Center. For security, RSVP by 2 days prior to the meeting is required.
Sponsored by WWT
Join us for an interactive cybersecurity session where we'll move beyond theoretical discussions to hands-on exploitation of the OWASP Top 10 vulnerabilities. This live demonstration will showcase real-world attack techniques using industry-standard tools in a safe, controlled environment.
What You'll Learn
- Practical exploitation techniques for each OWASP Top 10 vulnerability category
- Professional penetration testing methodology using Burp Suite
- How attackers think and operate in real scenarios
- Defensive strategies from an attacker's perspective
Session Format
This will be a live, step-by-step walkthrough using WebGoat (a deliberately vulnerable application) and Burp Suite. Attendees will witness actual vulnerability exploitation, from initial discovery through successful compromise, with clear explanations of each technique.
Audience
Perfect for security professionals, developers, and anyone looking to understand practical application security. No advanced penetration testing experience required - we'll explain each step clearly while demonstrating real attack scenarios.
Takeaways
Attendees will leave with a practical understanding of how these vulnerabilities are exploited in the wild, plus a complete methodology guide for conducting their own ethical security testing.
Bring your laptops if you want to follow along with your own WebGoat instance!
Approximate schedule:
4:00 - Doors open. Come for networking and refreshments!
4:15 - Presentation begins.
5:15 - Networking and refreshments resume!
6:00 EOE (End of Event)
- The Dark Side of AI: Writing Insecure Apps in Minutes
Kroger Blue Ash Technology Center, Blue Ash, OH
This meeting will be in-person! Thank you to Kroger for hosting at their Kroger Blue Ash Technology Center. For security, RSVP by 2 days prior to the meeting is required.
Sponsored by Ox Security
AI is the ultimate accelerant for application development - its power unmatched - but without balance and control, it can quickly ignite new risks, turning potential into destruction. Explore the tangible impact of AI-generated code in this session by playing with fire. Using GPT-driven prompts, we'll build a fully functional application, and in real time, we'll uncover how common security flaws like SQL injection, cross-site scripting, and weak authentication can manifest in AI-generated code.
Through hands-on exploration, we'll walk through the potential impact of these vulnerabilities and how these risks could be avoided with secure coding practices, defined policies, developer guardrails, and thorough security audits and code review.
By the end of the session, you'll have a deep understanding of how to:
- Recognize and assess the risks AI introduces in your code.
- Implement secure coding practices and enforce security policies.
- Integrate security audits, code reviews, and testing into your development workflow to ensure AI-generated code is safe for production.
This session is vendor agnostic and designed to empower you to reap the benefits of AI without sacrificing security.
Approximate schedule:
4:00 - Doors open. Come for networking and refreshments!
4:15 - Presentation begins.
5:15 - Networking and refreshments resume!
6:00 EOE (End of Event)