Upgrade to Pro — share decks privately, control downloads, hide ads and more …

owaspnz-chch-meetup-2021-workshop-planning-and-covid

 owaspnz-chch-meetup-2021-workshop-planning-and-covid

Kim Carter

April 01, 2021
Tweet

More Decks by Kim Carter

Other Decks in Technology

Transcript

  1. @purpleteamlabs
    @binarymistbooks
    @binarymist

    View full-size slide

  2. COMMUNITY TOPICS
    Welcome
    InfoSecNZ Slack, OWASP Slack
    purpleteam now in alpha and pre-releases being
    published regularly
    Anything else people want to mention?

    View full-size slide

  3. WHAT DO YOU WANT FROM
    OWASP CHCH THIS YEAR?
    We have 3 slots le for this year
    Ideas for meetups...

    View full-size slide

  4. 1. Talk and workshop 3 things that Devs can do in their
    Sprints to improve their security, possibly a series of
    these?
    2. Session on what goes into a good build pipeline
    3. A walk through the new OWASP API Security Top 10
    and how they compare with the OWASP Top 10 Web
    Application Security Risks
    4. Threat modelling code, how to do it? how to get the
    most out of it?
    5. OWASP tooling and all the new projects that are
    happening

    View full-size slide

  5. OWASP MEETUP
    COVID

    View full-size slide

  6. IMPACTS
    What negative infosec impacts has Covid had on you
    and/or your work-place?
    What positive infosec impacts has Covid had on you
    and/or your work-place?

    View full-size slide

  7. ATTACKERS TACTICS
    What sort of attacks are on the rise?
    Obviously phishing, what else?
    What have you and/or your org done or are doing
    about this?

    View full-size slide

  8. BUSINESS CONTINUITY
    Has business continuity been affected for you, if so,
    how?
    How can you improve this?
    What do we need to be thinking about in our jobs in
    relation to InfoSec and personal OpSec?
    What must orgs and us personally be considering in
    order to sustain/create data, application,
    infrastructure and personal security while still
    considering efficiencies and user experience?

    View full-size slide

  9. REMOTE WORK
    How has/is remote work changed/changing the
    infosec stack?
    What do we need to be thinking more about now
    than we used do?

    View full-size slide

  10. TAKE-AWAYS (IMPROVEMENTS)
    What do we need to improve?
    Ideas on how?

    View full-size slide