Thank you @occamsec for supporting #OWASP as a Silver Corporate Supporter https://owasp.org/supporters/list. We are looking forward to working with you and your team! #appsec #supportnonprofit #developers #cybersecurity #infosec
Recent searches
Search options
Administered by:
#owasp
0 posts0 participants0 posts today
Exciting news alert! Secure your SUPER Early Bird Tickets for the 2025 #OWASP Global #AppSec EU event in Barcelona. Snag a spot at a discounted rate for the May conference. Act fast, these prices won't last long! Don't miss out, register now: https://owasp.glueup.com/event/owasp-global-appsec-eu-2025-123983/
Calling all Speakers! Don't miss out on this thrilling opportunity to submit your paper for the 2025 #OWASP Global #AppSec EU Call for Presentations. Share your knowledge with the #cybersecurity community and shine a light on your skills. Take action now!
https://sessionize.com/owasp-global-appsec-eu-2025-cfp
Thank you @equixly for generously supporting #OWASP as a Gold Corporate Supporter and offering a valuable Individual Member benefit. We are excited to work with you and your team! https://owasp.org/supporters/list #appsec #developers #corporatesupport #nonprofit #cybersecurity
#blackfriday deal: play #OWASP #wrongsecrets for free at https://wrongsecrets.com . All we need is you to star our GitHub repo!
次回のOWASP Saitama MTG #23 は 12/10 1900〜より忘年会を兼ねてさいたま市で開催です!チャプターリーダーの @alterakey による今年の振り返りとともに、jetbeeさんからはOWASP Juice Shopの構造についてお話をいただけるそうです!参加登録はこちらからどうぞ! https://buff.ly/3CTlZVx #OWASP #OWASP_Saitama
connpassOWASP Saitama MTG #23 (2024/12/10 19:00〜)## ハイブリッド開催を行ないます これまで試験的にオフラインのみの開催としてきましたが、参加者の利便性を鑑み今回から当面の間ハイブリッド開催とします。 ※1 終了後、現地組のみ完全オフレコのSkytalksおよび懇親会へと移行します。 ※2 オフラインで参加された方にはチャプターステッカーをお配りしています。 今回はさいたま開催回です; 現地会場としてRaiBoC Hall (市民会館おおみや) の集会室2を使用します。 (各線大宮駅下車、東口徒歩5分ほどです) ※会議室内での水分補給は可能なようですがゴミは各自でお持ち帰りください。 ## 忘年会を兼ねての開催になりま...
Did you know that ISO27001 requires you to do threat modeling?
A 8.27 Requires you to "regularly update threat models to reflect changes in the system and external threat landscape." see: www.isms.online/iso-27001/ch...
Why not try out threat modeling at copi.owasp.org
#appsec #cybersec #owasp
Copi
· Play Cornucopia O...
ISMS.onlineISO 27001:2022 Annex A 8.27 Checklist GuideISO 27001 A.8.27 Secure System Architecture and Engineering Principles Checklist Implementing the control A.8.27 Secure System Architecture and Engineering Principles within the ISO 27001:2022 framework is critical for organisations aiming to ensure that their information systems are secure, resilient, and compliant. This control emphasises the need for security to be an integral part of the system design and engineering process from the very beginning. For a Chief Information Security Officer (CISO), overseeing this implementation presents several challenges, from balancing security with usability to ensuring continuous compliance with evolving regulations. Scope of Annex A.8.27 A.8.27 Secure System Architecture and Engineering Principles
Don't miss out! Share your expertise at the 2025 #OWASP Global #AppSec EU conference in Barcelona! The Call for Trainers is now LIVE! Seize the opportunity to inspire others. Send your proposal here: https://sessionize.com/owasp-global-appsec-eu-2025-cft/
Don't miss out on this thrilling opportunity! Get your SUPER Early Bird Tickets for 2025 #OWASP Global #AppSec EU in Barcelona now! Book your spot at a special discounted rate for the May conference. Hurry, these prices are only for a limited time!!! REGISTER TODAY: https://owasp.glueup.com/event/owasp-global-appsec-eu-2025-123983/
Cybersecurity 101: OWASP Top 10 for LLM Applications
TechSplicer Blog · Cybersecurity 101: OWASP Top 10 for LLM Applications, updated for 2025In an expected turn of events, OWASP has released the Top 10 for Large Language Models, updated for 2025. This is yet again a milestone in the new normal of AI integrating not only in the development…
Exciting news for all Speakers! Join the action by submitting your paper for the 2025 #OWASP Global #AppSec EU Call for Presentations. Contribute to the #cybersecurity community and showcase your expertise. Seize this opportunity today!
https://sessionize.com/owasp-global-appsec-eu-2025-cfp
#devsecops #AI #threatmodeling
先日のOWASP Saitama MTG #22 トーク #1 についての資料を公開します。ありがとうございました。
https://speakerdeck.com/alterakey/in-the-middle-of-chatter-number-2
#OWASP #OWASP_Saitama
Speaker DeckIn The Middle Of Chatter #2
Good time at Columbus #OWASP tonight. Small crowd (probably the weather) but good times hacking at Security Journey's tool. I wish they were on Masto.
Field Notes from Sasha the Security Flamingo's HomeLab
After shaking off the flap-lag from #BSidesMelbourne (thanks for the amazing hospitality, mates!), I've been diving deep into LLM security testing with Ollama in my lab. As someone who's spent years wading through network security (with a 4-digit CCIE to prove it!), I find the parallel between traditional security controls and LLM security fascinating.
Current Project: Implementing and testing OWASP's security guidelines for LLMs in a local environment.
Key Observations from the Pink Side of Security: Local LLMs need just as much security attention as cloud-based ones
System prompts are your first line of defense - think of them as your ACLs for language models
Prompt injection testing requires the same methodical approach as traditional pentesting
Output validation is crucial - even a flamingo knows not to trust unvalidated responses!
Quick Tip for Those Starting Out:
When setting up Ollama for security testing, start with a baseline model and document ALL changes to your system prompt. You'd be surprised how many security issues can be traced back to prompt mutations - and I've seen enough BGP mutations in my networking days to know the importance of tracking changes!
Next week, I'll be sharing my flamingo-friendly framework for LLM security testing. Because if a flamingo with one-leg stance can handle complex routing protocols, anyone can learn to secure their LLMs!
#AISecurityTesting #LLMSecurity #OWASP #SecurityResearch #Ollama #HomeLab #InformationSecurity #BSidesMelbourne
P.S. Special shoutout to the Heathrow security team who recently swabbed me for explosives. Yes, even security flamingos get extra screening! 
EXCITING NEWS! SUPER Early Bird Ticket Sales for #OWASP Global #AppSec EU in Barcelona are now on sale! Secure your spot at a heavily discounted rate for the conference in May. These rates won't be available for long! REGISTER TODAY: https://owasp.glueup.com/event/owasp-global-appsec-eu-2025-123983/
OWASP Members Benefit: OWASP-reserved instance on the @SecureFlag secure coding training platform & the AI-powered threat modeling tool ThreatCanvas: https://www.secureflag.com/owasp
Join the #OWASP community today & start building secure software! #securecodingtraining #threatmodeling
Calling all Speakers!!! Get ready to be part of something big! Submit your paper for the 2025 #OWASP Global #AppSec EU Call for Presentations today. Share your expertise and contribute to the #cybersecurity community. Don't let this opportunity pass you by! 
) 
Bluesky SocialOWASP Starter PackJoin the conversation
Exciting news! Show off your skills as a trainer at the 2025 #OWASP Global #AppSec EU conference in Barcelona! The Call for Trainers is OPEN! Don't let this chance to impart your wisdom slip away. Submit your proposal here: https://sessionize.com/owasp-global-appsec-eu-2025-cft/
