Reminder für treffen morgen am 22.9.2022: "Introducing OWASP WrongSecrets: How to not handle your secrets!"

[Dirk Wetter]

Moin alle,

auch diesem Kanal auch gerne noch mal eine Einladung zum morgigen Online-Stammtisch in Hamburg.
(original: https://www.meetup.com/owasp-hamburg-stammtisch/events/288358438/).

Wer Zeit und Interesse hat und sich nicht bei Meetup anmelden will, um alle nötigen Videokonferenzdaten einzusehen,
kann mir gerne eine Mail schreiben, dann bekommt er/sie/etc gerne eine Mail mit URL und Access-Code zur Konferenz.

Weitere Details sonst folgen unten.


Schönen Gruß, Dirk



Hello there,

in two weeks we'll welcome our guest speaker Jeroen Willemsen presenting a little known but cool OWASP project: The OWASP WrongSecrets project!

Please note due to speaker constraints we'll start a bit later than ususal.

Presentation language will be English.

# TL:DR;)

Title: "Introducing OWASP WrongSecrets: How to not handle your secrets!"
Speaker: Jeroen Willemsen
Location: Online, please check the link the day before
Start: 22nd of September 2022, 9:00 pm (CEST)
Networking: Stick around afterwards a bit. Grab a soda, beer, a wine or the like.

# Abstract

We all have to store our secrets: when it comes to personal passwords in password managers, secrets in CI/CD, or just our runtime secrets required by our online services. But where do you store them? How do you secure them? In this session we present OWASP WrongSecret: a vulnerable app filled with challenges son how to NOT manage your secrets.
During this 45 minute session we explore the project itself, give live demos and give an update on the project in general.
Are you interested? Hope to see you there!

# Bio

Jeroen Willemsen is a Principal Security Architect and one of the project leader of OWASP WrongSecrets. As a more or less a jack of all trades with interest in mobile security, infrastructure security, risk management and application security he loves to research & share knowledge on security topics to anyone who wants to improve the security of their IT stack.

# How to participate

OWASP Hamburg Meetup members who rsvp'd for the event will see the URL at the RHS and can join the video conference directly. I'll update the invite URL ~ a day before. Also you would need a PIN which you will find here: [REDACTED].

Please make sure when the talk starts your video is off and you are muted.

Again we will be guest of cyber4edu which provides us with a privacy friendly video conference facility. Thank you!

# Our OWASP "Stammtisch"

Our meeting is about web applications and their (in)security and/or about IT security in general. People come together who care as a hobby or in their job about information security: developers, managers, pen testers and everybody else who's interested. The atmosphere is open and relaxed. Who's coming to sell products or services: Move on, this is not the right place. OWASP is about education and sharing (mostly) technical information.
Feel free to forward our meetup URL to your colleagues or friends. They are welcome, too. Participation is free and open -- as the O in OWASP.

Cheers, Dirk


--
OWASP Volunteer
Send me encrypted mails (Key ID 0x4D9CA7F2E2FA20B3)