|
89 | 89 | "timezone": "Asia/Kolkata", |
90 | 90 | "description": "Join us at the OWASP Gurugram Chapter event where we will dive deep into the best practices for incorporating cybersecurity into software development processes. Our expert speakers will cover topics such as cloud security, computer security, information security, application security, and software security. Learn how to effectively secure your applications, protect your networks, and defend against cyber threats. Whether you're a developer, security professional, or IT enthusiast, this event will provide valuable insights and practical tips to enhance your software security skills. Don't miss this opportunity to network with peers, ask questions, and stay updated on the latest trends in cybersecurity." |
91 | 91 | }, |
| 92 | + { |
| 93 | + "group": "Houston", |
| 94 | + "repo": "www-chapter-houston", |
| 95 | + "name": "Houston TX Chapter Study Group - Power up with PowerShell", |
| 96 | + "date": "2025-08-27", |
| 97 | + "time": "19:15-05:00", |
| 98 | + "link": "https://www.meetup.com/owasp-houston-texas-chapter/events/309131427", |
| 99 | + "timezone": "America/Chicago", |
| 100 | + "description": "This weekly one hour study group series is designed to help you learn how to use Windows PowerShell 5.1 and cross-platform PowerShell 7.x.\n\nThe focus will be on real world scenarios and learning by doing. The first sessions will focus on Windows but later sessions will cover 7.x on Linux.\n\nSince 5.1 is the default on Windows servers, we will start there. The primary IDE will be VS Code as it is the officially supported current PowerShell editor. Since you can't normally install it on production servers, though, running and debugging scripts in it will also be covered as it overcomes the \"it works on my system\" issue." |
| 101 | + }, |
92 | 102 | { |
93 | 103 | "group": "Houston", |
94 | 104 | "repo": "www-chapter-houston", |
|
137 | 147 | "time": "18:30-04:00", |
138 | 148 | "link": "https://www.meetup.com/owasp-jacksonville/events/309788238", |
139 | 149 | "timezone": "America/New_York", |
140 | | - "description": "Monthly OWASP Jax meeting." |
| 150 | + "description": "This is a placeholder event while we confirm this month's speaker. Stay tuned for updates, we'll share details as soon as they're locked in!\n\nInterested in presenting or know someone who might be? Reach out, we're always looking for speakers!" |
141 | 151 | }, |
142 | 152 | { |
143 | 153 | "group": "Klagenfurt", |
|
149 | 159 | "timezone": "Europe/Vienna", |
150 | 160 | "description": "**OWASP Klagenfurt \u2013 Summer Edition Meetup** \n\n**Location: TBC (Makerspace or Business Beach @ Strandbad Loretto)**\n\nJoin us for a relaxed summer meetup with fresh insights and great discussions!\n\n**Topics:**\n\"**Consolidating Access in the Cloud\u201d**\nLessons learned from taming a jungle of user IDs, API keys & service accounts \u2013 with a focus on access control in IBM Cloud.\n\n**\u201cIntroduction to Pentesting\u201d**\nA practical look into penetration testing: what it is, why it matters, and how to get started.\n\n Stay tuned for the final location \u2013 either the Makerspace or right by the lake at Strandbad Loretto!" |
151 | 161 | }, |
| 162 | + { |
| 163 | + "group": "Los Angeles", |
| 164 | + "repo": "www-chapter-los-angeles", |
| 165 | + "name": "OWASP LA Monthly In-Person Meeting - Aug 27, 2025", |
| 166 | + "date": "2025-08-27", |
| 167 | + "time": "17:30-07:00", |
| 168 | + "link": "https://www.meetup.com/owasp-los-angeles/events/306091958", |
| 169 | + "timezone": "America/Los_Angeles", |
| 170 | + "description": "**TOPIC:** Conquering Castle Envy \u2013 The Flawed Mindset That\u2019s Holding Application Security Back\nJoin us for great networking, dinner and drinks, and see a presentation by **Jeff Willams,** Co-Founder and CTO, **Contrast Security**\n\n**ABSTRACT:** Application security has spent 25 years stuck in the wrong mindset \u2014 treating software like a castle that can be fortified, inspected, and declared secure. That mental model leads to confident failure: endless scanning, training, and compliance rituals that rarely stop real threats. In this talk, we\u2019ll re-examine AppSec\u2019s go-to tools \u2014 threat modeling, scanning, pentesting, firewalling \u2014 through a new lens, so you can see why they keep falling short. The problem isn\u2019t effort. It\u2019s context. You\u2019re trying to secure a living, breathing software city using a blueprint for a castle.\n\nWe\u2019ll introduce a new model: Runtime Security. This isn\u2019t theory \u2014 it\u2019s about observing real production environments, with real users, data, connections, and threats. We\u2019re not trying to secure a castle. Your application ecosystem is a massive, dynamic city \u2014 alive, interconnected, and always under construction. It needs monitoring, coordination, fast response, and resilience \u2014 not moats and silos. We\u2019ll show how teams are using runtime visibility and feedback loops to focus on what matters, adapt quickly, and prove they\u2019re making a difference. The most serious AppSec threat isn\u2019t in your code \u2014 it\u2019s in your head. Shift your thinking, and everything else starts to fall into place.\n\n**Thanks to our SPONSOR**: *[Contrast Security](https://www.contrastsecurity.com/)*\n*You can't stop what you can't see*\n*Application Detection and Response for Modern Enterprises*\n*Stop attacks in your applications and APIs from development to production*\n\n**CODE OF CONDUCT**\nWe hope you enjoy the event, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback/concerns or would like to speak to us, we take these matters very seriously. You can find out more about our policies here:\n[https://owasp.org/www-policy/operational/conferences-events.html#conference-and-event-anti-harassment-policy](https://owasp.org/www-policy/operational/conferences-events.html#conference-and-event-anti-harassment-policy)" |
| 171 | + }, |
152 | 172 | { |
153 | 173 | "group": "Los Angeles", |
154 | 174 | "repo": "www-chapter-los-angeles", |
|
189 | 209 | "timezone": "America/Chicago", |
190 | 210 | "description": "AI is the ultimate accelerant for application development - it's power unmatched - but without balance and control, it can quickly ignite new risks, turning potential into destruction. Explore the tangible impact of AI-generated code in this session buy playing with fire - Using GPT-driven prompts, we'll build a fully functional application, and in real time, we'll uncover how common security flaws like SQL injection, cross-site scripting, and weak authentication can manifest in AI-generated code.\n\nThrough hands-on exploration, we'll walk through the potential impact of these vulnerabilities and how these risks could be avoided with secure coding practices, defined policies, developer guardrails, and thorough security audits and code review.\n\nBy the end of the session, you'll have a deep understanding of how to:\n\n* Recognize and assess the risks AI introduces in your code.\n* Implement secure coding practices and enforce security policies.\n* Integrate security audits, code reviews, and testing into your development workflow to ensure AI-generated code is safe for production.\n\nThis session is vendor agnostic and designed to empower you to reap the benefits of AI without sacrificing security." |
191 | 211 | }, |
| 212 | + { |
| 213 | + "group": "Patna", |
| 214 | + "repo": "www-chapter-patna", |
| 215 | + "name": "Securing the Frontend \u2014 Real-World JS Threat Detection at scale with Jsmon", |
| 216 | + "date": "2025-08-02", |
| 217 | + "time": "12:00+05:30", |
| 218 | + "link": "https://www.meetup.com/owasp-patna-chapter/events/310226095", |
| 219 | + "timezone": "Asia/Kolkata", |
| 220 | + "description": "In this session, Inderjeet Singh, CEO and Co-Founder of Jsmon Inc., shares how leading organizations are transforming JavaScript security using Jsmon. Discover how you can proactively detect leaked API keys, exposed endpoints, and other client-side risks across countless web assets. Whether you are a developer, security enthusiast, or an engineer, this session will help you stay ahead of modern JavaScript threats." |
| 221 | + }, |
192 | 222 | { |
193 | 223 | "group": "Peterborough", |
194 | 224 | "repo": "www-chapter-peterborough", |
|
232 | 262 | { |
233 | 263 | "group": "Vancouver", |
234 | 264 | "repo": "www-chapter-vancouver", |
235 | | - "name": "Move Fast and Secure Things: A Guide to Scaling Security", |
236 | | - "date": "2025-08-21", |
| 265 | + "name": "ISACA + OWASP Vancouver Social", |
| 266 | + "date": "2025-08-27", |
237 | 267 | "time": "18:00-07:00", |
238 | 268 | "link": "https://www.meetup.com/owasp-vancouver-chapter/events/305510822", |
239 | 269 | "timezone": "America/Vancouver", |
240 | | - "description": "**Move Fast and Secure Things: A Guide to Scaling Security** with **Greg Sienkiewicz**\n\nScaling security isn\u2019t just about checking boxes - it\u2019s about evolving from survival mode to a mature, developed program. Startups move fast, but as you scale, customers demand trust, compliance becomes mandatory, and security debt turns into real risk.\n\nThis is real talk from the trenches - we\u2019ll share exactly how we evolved our security program from one built around reactive chaos to proactive resilience. If you\u2019re scaling fast, these lessons will help you move fast - without breaking trust.\n\n**Greg Sienkiewicz** is a DevSecOps engineer at Rewind, an Ottawa-based scale-up focused on protecting SaaS and cloud data. He holds multiple industry certifications, including ISC2 Certified Cloud Security Professional (CCSP) and AWS Certified Security - Specialty. He is a long-time supporter of OWASP - holds a Lifetime Membership - and is actively involved in the Ottawa chapter." |
| 270 | + "description": "We are working on a joint social event together with ISACA. Details and registration link to be posted shortly, stay tuned!" |
241 | 271 | }, |
242 | 272 | { |
243 | 273 | "group": "Virtual", |
244 | 274 | "repo": "www-chapter-virtual", |
245 | | - "name": "OWASP Virtual Chapter Meeting with Guest Speaker Arshan Dabirsiaghi", |
| 275 | + "name": "From Reinforcement Learning to LLMs to Reinforce", |
246 | 276 | "date": "2025-08-20", |
247 | 277 | "time": "12:00-04:00", |
248 | 278 | "link": "https://www.meetup.com/owasp-virtual-chapter/events/309892428", |
249 | 279 | "timezone": "America/New_York", |
250 | | - "description": "Coming soon!" |
| 280 | + "description": "**From Reinforcement Learning to LLMs to Reinforcement Fine Tuning: A Pragmatist\u2019s Guide to AI in Application Security**\n\nAI is everywhere in marketing decks and company OKRs, but which flavors of AI actually move the needle in application security? This talk dissects how modern AI paradigms\u2014transformers (LLMs), agents, reinforcement learning (RL), RLHF (Reinforcement Learning with Human Feedback), and the emerging RFT (Reinforcement Fine-Tuning)\u2014map to real AppSec problems. We\u2019ll explore which areas benefit from transformer-based reasoning, why RL has failed to disrupt AppSec, and how newer approaches may be able to improve human workflows without sacrificing explainability or trust. Leaders will walk away with a sharper mental model of which AI tools are production-ready for AppSec use cases." |
251 | 281 | }, |
252 | 282 | { |
253 | 283 | "group": "Wrongsecrets", |
|
0 commit comments