What we're about

OWASP Orange County Chapter. The Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible, so that individuals and organizations worldwide can make informed decisions about true software security risks.

Support your Orange County Chapter: only $50 for the entire year!

Become an OWASP Member TODAY (https://www.owasp.org/index.php/Membership)

Upcoming events (2)

Webster Univ CyberSecurity Series: Securing the Enterprise in a DevOps World

Webster Irvine Campus ∙ 32 Discovery, Suite 250 ∙ Irvine Presented by OWASP OC and Webster Irvine Please RSVP here: http://bit.ly/owaspwebsterfeb2019 Do not waitlist yourselves on this meetup page... Speaker: David Wayland, Director Information Security at a Fortune 500 financial company. Subject: Securing the Enterprise in a DevOps World Abstract: Today’s enterprises are really software companies. Securing a global enterprise requires security, development, vulnerability management and compliance and risk professionals to understand the engagement and inflection points in the software development life-cycle — and their roles in accelerating it. In this session, a Fortune 500 financial company will describe its journey to securing its highly regulated enterprise in a DevOps world—a technological and cultural transformation that secured its modern software “factory” while delivering on key business drivers. Speaker Bio: David Wayland (CISSP, ISSAP, ITIL, SCJP, CEA, CAN) is Director Information Security at a Fortune 500 financial company. He is a DevSecOpsevangelist, with over 20 years of experience in all aspects of the software development lifecycle and notable success leading small to large teams in a broad range of initiatives while in direct support of business objectives. Linkedin: https://www.linkedin.com/in/davidwayland/ The Cybersecurity Seminar Series is a partnership of OWASP, ISACA OC, IEEE OC Cybersecurity SIG, and ISSA-OC with Webster Irvine. Links available at Cybersecurity Seminar Series Eventbrite page. Seating is limited - no recruiters please for this event.

OWASP OC February meeting: I found a dangerous query! / Giving interesting talks

Speakers: Ken Kantzer, Founding Partner at PKC Security Josh Maddux, Software Engineer at PKC Security Topic: I found a dangerous query, now what?! Abstract: We’re all familiar with common SQLi/XSS/CSRF vulnerabilities you’d find in a generic app, but what happens when you’re facing an IoT device or a Salesforce integration, and a particular attack avenue that works elsewhere isn’t as easily exploitable? Finding vulnerabilities is still achievable, but exploitation requires a different set of techniques. We’ll be diving into several of real-life vulnerabilities to see what new things are being discovered in the AppSec world. Speaker Bio: Josh Maddux is a software engineer and security researcher at PKC. He got his start studying mathematics at the University of Oklahoma, where as an intern he wrote tools for MSCI in the portfolio analytics space. After graduating, he moved out to Los Angeles to write software. He's the proud holder of a CVE. When he's not coding, he enjoys playing violin, building robots, and thinking about timing attacks. Ken Kantzer leads PKC's security consulting efforts — conducting code security audits and developing secure applications for companies of all shapes and sizes. Before PKC, Ken was a Senior Consultant at Booz Allen Hamilton where he worked in cybersecurity for the defense and oil & gas sectors. Ken holds a Politics degree from Princeton University. ++++++++++++++++++++++++ Lightning Talk Speaker: Dominique Vance, actress, musician, teacher Lightning Talk Topic: Sidestepping performance anxiety & giving interesting talks Abstract: When surveyed, people consistently fear public speaking more than anything else. Yet we all have to do it to some extent. How can we be engaging, and most importantly not too terrified to actually speak? We will go over suggestions to mitigate performance anxiety and improve technical presentations. Bio: Dominique Vance runs small businesses and recently pivoted to CyberSecurity. She is also an actress, violinist, poker dealer and teacher, and management consultant. A child prodigy, she finished business and law degrees while performing all over the world on piano and violin. She has both soloed in Carnegie Hall and played CBGB’s. When not being an entrepreneur, she trains martial arts, studies Python and goes by Domino at cons. Schedule: 6:00pm Food, Drinks & Networking 6:40pm Lightning talk 7:00pm Technical presentation (followed by Q&A) A raffle will be held at the end of the meeting for OWASP swag and a free conference pass to the AppSec Cali 2020 conference. You must be present to win.

Past events (81)

AppSec California January 22-25, 2019

Annenberg Community Beach House

Photos (173)