Modern Threat Modeling & Cloud Systems in OWASP Sacramento
Explore modern threat modeling techniques for cloud systems at OWASP Sacramento's June 2023 event. Agenda includes community topics and more. Membership at Granite City offers workspace perks and access to exclusive events. Learn about threat modeling history and methodologies like STRIDE and PASTA.
OWASP Bricks - Web Application Security Learning Platform
OWASP Bricks is a web application security learning platform built with PHP and MySQL. It offers a simple, clean, and friendly interface where users can break the bricks and learn security concepts. The platform is open source, free to use, and almost all levels can be solved using the OWASP Mantra
Exploring OWASP: A Comprehensive Look at Application Security and Tools
Delve into the world of OWASP (Open Web Application Security Project) to understand its mission, the significance of application security, available resources, global chapters, sponsors, publications, software projects, and the innovative OWASP Live CD. Discover the benefits and tools offered by OWA
Understanding Modern Phishing Techniques and Evilginx Framework
Explore the evolution of phishing from its inception to modern-day strategies like Evilginx, a man-in-the-middle attack framework. Learn about the effectiveness of phishing, its impact on financial losses, and how Evilginx bypasses multi-factor authentication to capture sensitive information. Dive i
Cybersecurity Challenges: Attacks on Web Applications and Cost of Security Breaches
In the realm of cybersecurity, attacks on web applications pose a significant threat with 78% of attacks targeting applications. The consequences of these attacks are immense, with projected costs reaching $6 trillion annually by 2021. Notable breaches in recent years highlight the urgency for robus
Understanding the Importance of OWASP Dependency-Check Project
Explore the significance of OWASP Dependency-Check in managing software dependencies and mitigating known vulnerabilities in applications. Learn about the risks associated with using components with vulnerabilities and the challenges of patching programs. Discover how OWASP Dependency-Check provides
Best Practices for Secure Password Storage - OWASP Foundation Guidelines
Learn about secure password storage techniques recommended by the OWASP Foundation, including adding salt, slowing down hashing functions, using HMAC isolation, and imposing difficult verification processes on attackers. Remember to use proper encoding, avoid limiting password types or lengths unreasona
Understanding Microservices Security Challenges
This presentation by Travis and David at the Dallas OWASP chapter delves into the intricacies of securing microservices architecture, highlighting common issues, diverse technologies, and key components. With tech giants like Amazon and Netflix already onboard, organizations are navigating the unique sec
Understanding the Organizational Scope of OWASP SAMM Assessments
Dr. Carsten Huth, a seasoned professional in the field of application security, shares insights on the scope, considerations, and best practices related to conducting OWASP SAMM assessments in organizations. The assessment scope ranges from individual development teams to the entire organization, pr
OWASP Events and Initiatives Overview
Explore a comprehensive overview of various OWASP events and initiatives, including past conferences, testing guides, proactive controls, AppSensor, dependency checker, WebGoat, cyber security week, and more. Get insights into key dates, program tracks, website references, and resources related to c
The Essentials of Offensive Security in Web Applications
Comprehensive overview of key aspects of offensive security in web applications including testing areas, OWASP guidelines, top 10 vulnerabilities, essential tools, web scoping, handling dangerous portions, understanding request types, and following a specialized methodology for exploitation. The con