Explore modern threat modeling techniques for cloud systems at OWASP Sacramento's June 2023 event. Agenda includes community topics and more. Membership at Granite City offers workspace perks and access to exclusive events. Learn about threat modeling history and methodologies like STRIDE and PASTA.

1 views • 14 slides

OWASP Bricks is a web application security learning platform built with PHP and MySQL. It offers a simple, clean, and friendly interface where users can break the bricks and learn security concepts. The platform is open source, free to use, and almost all levels can be solved using the OWASP Mantra

1 views • 10 slides

Delve into the world of OWASP (Open Web Application Security Project) to understand its mission, the significance of application security, available resources, global chapters, sponsors, publications, software projects, and the innovative OWASP Live CD. Discover the benefits and tools offered by OWA

1 views • 18 slides

Explore the evolution of phishing from its inception to modern-day strategies like Evilginx, a man-in-the-middle attack framework. Learn about the effectiveness of phishing, its impact on financial losses, and how Evilginx bypasses multi-factor authentication to capture sensitive information. Dive i

7 views • 30 slides

In the realm of cybersecurity, attacks on web applications pose a significant threat with 78% of attacks targeting applications. The consequences of these attacks are immense, with projected costs reaching $6 trillion annually by 2021. Notable breaches in recent years highlight the urgency for robus

8 views • 23 slides

Explore the significance of OWASP Dependency-Check in managing software dependencies and mitigating known vulnerabilities in applications. Learn about the risks associated with using components with vulnerabilities and the challenges of patching programs. Discover how OWASP Dependency-Check provides

1 views • 26 slides

Learn about secure password storage techniques recommended by OWASP Foundation, including adding salt, slowing down hashing functions, using HMAC isolation, and imposing difficult verification processes on attackers. Remember to use proper encoding, avoid limiting password types or lengths unreasona

0 views • 10 slides

Presentation by Travis and David at the Dallas OWASP chapter delves into the intricacies of securing microservices architecture, highlighting common issues, diverse technologies, and key components. With tech giants like Amazon and Netflix already onboard, organizations are navigating the unique sec

0 views • 34 slides

Dr. Carsten Huth, a seasoned professional in the field of application security, shares insights on the scope, considerations, and best practices related to conducting OWASP SAMM assessments in organizations. The assessment scope ranges from individual development teams to the entire organization, pr

0 views • 15 slides

Explore a comprehensive overview of various OWASP events and initiatives, including past conferences, testing guides, proactive controls, AppSensor, dependency checker, WebGoat, cyber security week, and more. Get insights into key dates, program tracks, website references, and resources related to c

0 views • 15 slides

Comprehensive overview of key aspects of offensive security in web applications including testing areas, OWASP guidelines, top 10 vulnerabilities, essential tools, web scoping, handling dangerous portions, understanding request types, and following a specialized methodology for exploitation. The con

0 views • 13 slides