OWASP Orlando - Chapter Meeting

This is an In-Person Event
Food to be provided (Typically pizza or sandwiches)

Introductions

Speaker 1: Kevin Johnson

Kevin Johnson is the Chief Executive Officer of Secure Ideas. Kevin has a long history in the IT field including system administration, network architecture and application development. He has been involved in building incident response and forensic teams, architecting security solutions for large enterprises and penetration testing everything from government agencies to Fortune 100 companies. In addition, Kevin is a faculty member at IANS and was an instructor and author for the SANS Institute.

Topic: Replacements: What Malcolm Gladwell and Keanu Reeves can teach AppSec. A reflection of how appsec is focused in the wrong place and how we can improve it. The talk includes stories and tangents based on Kevin's work and consulting.

Speaker 2: Jennifer Shannon

Jennifer Shannon is a Senior Security Consultant with Secure Ideas with a background in malware analysis, penetration testing, and teaching. She graduated with honors from Florida State College at Jacksonville’s networking program. An avid computer geek for most of her life, she began her journey in cybersecurity as a SOC Analyst where she showed an aptitude for both penetration testing and malware analysis. She was quickly promoted into a role that capitalized on her abilities. She has experience performing penetration tests against web applications, mobile software and platforms, and social engineering. She is the co-leader for the TOOOL chapter in Jacksonville, FL, and continues to be passionate about teaching and is eager to share her knowledge with anyone who will listen.

Topic 2: Real-world API Pentesting Case Studies
APIs (Application Programming Interfaces) have become the backbone of modern software systems, enabling seamless communication and integration between various applications and services. However, they also present a significant security challenge, with potential vulnerabilities that can lead to data breaches, unauthorized access, and other security incidents. In this talk, we delve into the world of API pentesting through a collection of real-world case studies, providing valuable insights and lessons learned from our experiences.