OWASP London Chapter Meetup [In-Person]

This event is kindly hosted at Aon by LevelBlue Cyber Solutions and sponsored by SecureFlag. There is limited seating available for in-person attendees. Registration required.
This event will be live-streamed on YouTube.
Recordings will be available on the OWASP London YouTube channel.

Venue Location: Aon/LevelBlue, The Leadenhall Building, 122 Leadenhall Street, London EC3V 4AN
Nearest Tubes: Bank (6 minute walk), Liverpool Street (7 minute walk), Aldgate (7 minute walk)
Doors Open at 6pm for registration, pizza, drinks and networking. The talks start at 6:30pm (we start on time!).

TALKS:

OWASP Introduction, Welcome and News - Sam Stepanyan, Andra Lezza, Sherif Mansour - OWASP London Chapter Leaders

"Protecting your Generative AI App from the Five Deadly Risks - STOIC Security" - Jeff Watkins

Generative AI offers incredible opportunities, but comes with significant cybersecurity challenges. As adoption accelerates, so do the risks - data theft, model manipulation, poisoned training data, operational disruptions, and supply chain vulnerabilities.

"Scaling Threat Modeling with a Developer-Centric Approach" - Andrew Hainault & Andrea Scaduto

This talk introduces Rapid Developer-Driven Threat Modeling (RaD-TM), a lightweight, tool-agnostic approach designed for developers to embed threat modeling into the SDLC without relying on security experts. RaD-TM focuses on targeted assessments of specific functionalities rather than application-wide models, enabling iterative and efficient risk mitigation.

RAFFLE - win a prize kindly donated by our sponsors!

SPEAKERS:

Jeff Watkins

Jeff Watkins is Chief Technology Officer at CreateFuture, where he leads AI strategy, engineering, and cloud to deliver secure, human-centred digital products for global brands. A veteran technologist with over 25 years’ experience across financial services, healthcare, and retail, he is a recognised leader in cybersecurity and AI, championing “secure-by-design” practices for generative AI. A sought-after keynote speaker, Jeff has headlined international conferences including Webinale, AppDevCon, and the International JavaScript Conference. He co-hosts the award-winning “Compromising Positions” podcast and contributes regularly to publications such as Wired, Forbes, and Raconteur. His mission is clear: to build technology that elevates people.

Andrew Hainault

Andrew has over 25 years’ experience working in Information Security, Information Technology and Software Engineering, for public and private sector organisations in many sectors - including financial services / fintech, energy utilities, media, entertainment and insurance. With extensive application security and software engineering experience, Andrew has delivered secure SDLC programmes and penetration testing projects. He has designed and overseen information security programmes, enterprise-level cyber risk and incident response readiness assessments, as well as delivering board-level training.
After beginning his career at Capgemini, Andrew worked at Cassini Division before running his own consultancy. He joined Gotham Digital Science in 2014 and then Aon in 2016 after its acquisition of Stroz Friedberg. He has led the Security Advisory Practice in UK & EMEA within Aon since 2019(and is now at LevelBlue).

Andrea Scaduto

With a strong foundation in cybersecurity, Andrea holds an MSc in Computer Engineering, multiple IT Security certifications, and more than a decade of industry experience. His expertise spans breaking, building, and securing web, mobile, and cloud applications, with extensive knowledge of secure coding techniques aimed at reducing the cost of fixing vulnerabilities at scale.

TICKETS:

OWASP meetups are free and open to anyone interested in application security. Please note that you MUST book your place to be admitted to the event by the building security. Your name will be checked against the guest list and a photo ID might be required.

CODE OF CONDUCT:

We hope you enjoy the event, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback/concerns or would like to speak to us, we take these matters very seriously. OWASP Code Of Conduct: https://owasp.org/www-policy/operational/code-of-conduct