Upgrade to Pro — share decks privately, control downloads, hide ads and more …

owaspnz-chch-meetup-2021-workshop-planning-and-covid

 owaspnz-chch-meetup-2021-workshop-planning-and-covid

A397cb38965ab9f310e7148b8c3d1105?s=128

Kim Carter

April 01, 2021
Tweet

Transcript

  1. @purpleteamlabs @binarymistbooks @binarymist 

  2. COMMUNITY TOPICS Welcome InfoSecNZ Slack, OWASP Slack purpleteam now in

    alpha and pre-releases being published regularly Anything else people want to mention? 
  3. WHAT DO YOU WANT FROM OWASP CHCH THIS YEAR? We

    have 3 slots le for this year Ideas for meetups... 
  4. 1. Talk and workshop 3 things that Devs can do

    in their Sprints to improve their security, possibly a series of these? 2. Session on what goes into a good build pipeline 3. A walk through the new OWASP API Security Top 10 and how they compare with the OWASP Top 10 Web Application Security Risks 4. Threat modelling code, how to do it? how to get the most out of it? 5. OWASP tooling and all the new projects that are happening 
  5. OWASP MEETUP COVID 

  6. IMPACTS What negative infosec impacts has Covid had on you

    and/or your work-place? What positive infosec impacts has Covid had on you and/or your work-place? 
  7. ATTACKERS TACTICS What sort of attacks are on the rise?

    Obviously phishing, what else? What have you and/or your org done or are doing about this? 
  8. BUSINESS CONTINUITY Has business continuity been affected for you, if

    so, how? How can you improve this? What do we need to be thinking about in our jobs in relation to InfoSec and personal OpSec? What must orgs and us personally be considering in order to sustain/create data, application, infrastructure and personal security while still considering efficiencies and user experience? 
  9. REMOTE WORK How has/is remote work changed/changing the infosec stack?

    What do we need to be thinking more about now than we used do? 
  10. TAKE-AWAYS (IMPROVEMENTS) What do we need to improve? Ideas on

    how? 