| layout | title | tags | level | region | meetup-group | country | postal-code |
|---|---|---|---|---|---|---|---|
col-sidebar |
OWASP Salt Lake City |
owasp-slc wasatch-appsec |
0 |
North America |
owasp-slc |
USA |
84101 |
Welcome to the OWASP Salt Lake City Chapter (aka your local appsec support group). We try to meet most months and we plan to alternate between virtual and in person meetings.
- Join us at our upcoming chapter meetings (RSVP for upcoming events through our meetup page)
- Chat with us on Slack
- Follow us on Twitter
- February's event will probably be virtual, date and topic TBD
- Met at HealthEquity's Draper office
- Talked about Tanya Janca's Alice and Bob Learn Application Security book
- Should threat models require approval? By whom?
- How does Tanya's advice that devs not use the first result from StackExchange (since it is probably the least secure) change, if at all, with recent developments in AI for code generation?
- Met at Aumni's Cottonwood Heights office
- Talked about SDLC
- How do you move fast without breaking things
- You can only fix security bugs as fast as you can release
- Talked about passing the torch to new group leaders
- Met at Murray Park
- Talked about AI helping us to automate our AppSec jobs by assisting us in performing code reviews or threat modeling.
- Challenges of getting deterministic results that are accurate.
- Small Language Models (see Louis Barrett's talk from LASCON).
- Met at HealthEquity's office
- We talked about the book Nine Lies About Work and how it can relate to AppSec and working with Security Champions and Developers.
- Talked about doing "Bug of the Month" to help raise awareness.
- Thinking about Lie #8, we discussed how developers love solving problems so try to leverage that for your AppSec program.
- Virtual meet up
- We talked about using HMACs in various situations vs other solutions
- We also talked about envelop encryption and using it to encrypt specific fields in a database
The Open Web Application Security Project (OWASP) is a nonprofit foundation that works to improve the security of software. All of our projects ,tools, documents, forums, and chapters are free and open to anyone interested in improving application security.
Chapters are led by local leaders in accordance with the Chapter Leader Handbook. Financial contributions should only be made online using the authorized online donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP Project, independent research, or related software security topic you would like to present.
Everyone is welcome and encouraged to participate in our Projects, Local Chapters, Events, Online Groups{:target='_blank'}, and Community Slack Channel{:target='_blank'}. We especially encourage diversity in all our initiatives. OWASP is a fantastic place to learn about application security, to network, and even to build your reputation as an expert. We also encourage you to be become a member or consider a donation to support our ongoing work.