About us
We are the Manchester, UK chapter of OWASP
We're looking at putting on exciting events that range all across the security space - from soft skills & ways of working to innovative white papers - all coming from the people & companies based in and around Manchester
Are you passionate about a security topic?
Do you want to speak at a future event?
Submit your interest here - https://forms.gle/zcm9bVNhgDixe8Gq5
Does your company want to sponsor a venue and/or refreshments for a future event?
Email Paul - paul.johnston@owasp.org
---------------------------
The Open Worldwide Application Security Project (OWASP®) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible so that individuals and organizations can make informed decisions. OWASP is uniquely positioned to provide impartial, practical information about AppSec to individuals, corporations, universities, government agencies, and other organizations worldwide. Operating as a community of like-minded professionals, OWASP issues software tools and knowledge-based documentation on application security.
Upcoming events
2
Secure the Flag!!
CoalFire, CoalFire, City Tower, New York Street, Manchester M1 4BT, Manchester, GBThis summer OWASP Manchester is joining forces with SecureFlag to bring you a summertime capture the flag tournament
-------------------------
All attendees will need to bring their own laptop in order to participate in the capture the flag activities.
-------------------------
SecureFlag’s Secure-The-Flag tournaments transform security training from passive lectures
into an interactive, social event. Engineers compete to solve hands-on coding labs in a
time-bound challenge session.Participants work inside fully provisioned hands-on development environments. They identify
vulnerabilities in running applications, then write and submit fixes that must pass both security
and functional tests. A live leaderboard tracks progress in real time, and the top three
performers win gifts from SecureFlag & our sponsor Anaplan.Special thank you to SecureFlag for creating this host the CTF & all the background to make it a success
-------------------------
Due to a corporate policy from the venue sponsor, to get into the venue & up to the event, you will need to register with your full name when signing up to the event AND show photo ID when checking in to the event on the night.
As we're still dealing with a large number of no-shows, if you don't attend without releasing your ticket, we may remove you from future events.
-------------------------
Agenda:
6:00 - Open doors & networking & drinks
6:15 - Introduction & Kickoff
6:30 - Tournament begins
8:30 - Tournament wraps up & prizes announced
9:00 - Vacate venue -> to the pub for more socialising
-------------------------
SPONSORS (Thank you for supporting our community!!)
-------------------------
CoalFire - Venue Sponsor
Anaplan - Food & Drink Sponsor
-------------------------68 attendeesFrom 0-Day to Secure Day
AJ Bell, 4 Exchange Quay, The Quays, Salford, GBThis July, OWASP Manchester welcomes you to AJ Bell’s generously hosted venue for an evening of thought-provoking talks, where three cybersecurity experts will unpack the latest innovations, emerging challenges, and developments shaping the security landscape.
Whether you're a seasoned security specialist or simply looking to expand your understanding of the evolving threat landscape, you'll leave with fresh perspectives, actionable knowledge, and the chance to connect with members of Manchester's thriving cybersecurity community. We look forward to welcoming you for an evening of learning, discussion, and networking.
-------------------------
Due to a corporate policy from the venue sponsor, to get into the venue & up to the event, you will need to register with your full name when signing up to the event AND show photo ID when checking in to the event on the night.
As we're still dealing with a large number of no-shows, if you don't attend without releasing your ticket, we may remove you from future events.
-------------------------
Agenda:
6:00 - Open doors & networking & drinks
6:15 - Introduction from OWASP
6:25 - Dan Harris - AJ Bell Introduction & Innovation
6:50 - Rory Sheldon - Using Firecracker microVMs and Foundation Models to Accelerate Malicious npm Package Analysis
7:15 - Refreshments (Food & Drinks & Networking)
8:00 - Alasdair Gorniak - Getting Your First 0-day
9:00 - Vacate venue -> to the pub for more socialisingLOCATION
-------------------------
AJ Bell
4 Exchange Quay,
The Quays,
Salford M5 3EE
-------------------------
SPEAKERSDan Harris
Chief Information Security Officer - AJ Bell - Nearly 20 years in security, the last decade leading functions inside major financial services firms. Dan started as a pen tester when he realised, he was better at breaking software than building it. Now he chairs senior risk committees but still loves a good exploit.Rory Sheldon
Staff Product Security Engineer at Snyk
Using Firecracker microVMs and Foundation Models to Accelerate Malicious npm Package Analysis
Static signatures and manual review can’t keep pace with the volume of malicious npm packages. This talk explores using Firecracker microVMs for safe, fast, disposable execution environments combined with foundation models to speed up analysis. We’ll cover the architectural decisions, what the models are actually good at, and the gaps that still need solving.Alasdair Gorniak
A cybersecurity researcher and ethical hacker focused on real-world vulnerability discovery. He has responsibly disclosed security issues to major organizations including Microsoft, NASA, and blockchain-based platforms, with multiple findings earning CVEs and bug bounties. His work spans web and local application security, grounded in hands-on testing of production software. Outside of breaking things, Alasdair pursues his personal faith, volunteers for charitable causes, and spends time outdoors with his family - running mountain trails and enjoying time in nature.
Getting Your First 0-day
We will be going over how you can get your first CVE and how you can use the knowledge from your first likely very poor CVE into something more much impactful. I will go over my starting CVE’s and then go into high impact CVE’s found by me and my team.
-------------------------
SPONSORS (Thank you for supporting our community!!)
-------------------------
AJ Bell - Venue Sponsor AND Food & Drink Sponsor
-------------------------41 attendees
Past events
12
