About us
Who is the OWASP® Foundation?
The Open Worldwide Application Security Project® (OWASP) is a nonprofit foundation that works to improve the security of software. Through community-led open-source software projects, hundreds of local chapters worldwide, tens of thousands of members, and leading educational and training conferences, the OWASP Foundation is the source for developers and technologists to secure the web.
Tools and Resources
Community and Networking
Education & Training
Upcoming events
1
OWASP Singapore Chapter x Sectalks Singapore Meetup
WeWork, 21 Collyer Quay, Level 2, Singapore 049320, Singapore, SG## Details
OWASP Singapore Chapter, together with Sectalks Singapore, is hosting a security meetup on 27th April 2026. Whether you're based in Singapore or visiting for Black Hat or DEF CON, this is a great chance to connect with security professionals from across the region.
⚠️⚠️ Kindly RSVP on both Meetup and by completing this registration form: https://forms.gle/ibzvXh5opv8WucSM8
AGENDA
- 7:00pm: Registration
- 7:15pm: Introduction
- 7:30pm: Talk 1
- 8:10pm: Talk 2
- 8:45pm: Snacks + Networking
SPONSORS: Dexian Asia Pacific | SECDIM |
TALK DETAILS
Talk 1 : Conquering the Flames of Threat Modeling: Crash Course to OWASP Threat Dragon
Speaker : Donavan Cheah
About the talk: This session covers the fundamentals of threat modeling, starting with the four key questions from the Threat Modeling Manifesto, followed by an overview of the STRIDE framework. It introduces OWASP Threat Dragon and demonstrates how to deconstruct application architecture using sample projects. The talk also explores how to combine application-level threat modeling with the OWASP Web Security Testing Guide to build a structured pentesting methodology, and highlights why developing a threat modeling mindset is essential for growing from a junior to a senior pentester, before wrapping up with key takeaways.
Speaker Bio: Donavan brings nearly a decade of cybersecurity experience across red teaming, penetration testing, threat modeling, and risk assessments. He has actively contributed to the open source community through his series of deliberately vulnerable machines on Vulnhub between 2018 and 2021, and has demonstrated strong technical depth by delivering threat modeling talks at conferences across Europe and Asia, including DefCamp in Romania, FIRST Central Asia in Uzbekistan, GCC 2025 in Taiwan, and SINCON in Singapore, often using OWASP Threat Dragon to introduce practical concepts. At Thales, he also led the development of a fully functional, Singapore-built cybersecurity gamification experience called “Defend the Breach” within just three months, enabling participants to step into the role of CISOs and make strategic decisions around cyber budgets, threat response, and security capabilities.
Talk 2 : [Details Coming soon]
Since this is a free event, please RSVP only if you’re sure you can attend. We’ll be arranging food based on the number of responses, and no-shows can lead to unnecessary food wastage.
17 attendees
Past events
28
![[FREE] Online Mini API Security Hands-On Workshop](https://secure.meetupstatic.com/photos/event/b/8/4/7/highres_532067175.jpeg)
