Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

owasp.org/www-chapter-portland
The Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible, so that individuals and organizations are…


Andrew van der Stock - OWASP Executive Director - Our Software is the Firewall
Aug 8 • 25 min
Our special guest today is Andrew van der Stock. He is our new Executive Director at OWASP, taking the Foundation through organizational change and taking our mission to the next level. Andrew is a seasoned web application security specialist and…
Simon Bennetts and Rick Mitchell - The Great Proxy Wars - ZAP vs. Burp Suite
Jul 27 • 18 min
Our special guests today are Simon Bennetts and Rick Mitchell.Simon co-leads the OWASP Zed Attack Proxy (ZAP) project, which he started in 2009 and is a Distinguished Engineer at StackHawk, a SaaS company that uses ZAP to help users fix application…
Eva Galperin - Director of Cybersecurity at the Electronic Frontier Foundation (EFF) - Go Look Where No One Else is Looking
Jul 22 • 31 min
Our special guest today is Eva Galperin who is the Director of Cybersecurity at the Electronic Frontier Foundation (EFF). Prior to 2007, when she came to work for EFF, Eva worked in security and IT in Silicon Valley and earned degrees in Political…
Glenn Bravy and Merritt Wilson - Secure Code Warrior - Are Some Languages More Dangerous Than Others?
Jul 15 • 22 min
Our guests today are Glenn Bravy and Merritt Wilson.Glenn works at Secure Code Warrior, partnering with people who believe that secure code training can be both hands-on and enjoyable. When it comes to getting upskilling, active learning and consistent…
Jake King - Linux Cloud and Endpoint Security - Do It Wisely. Make it Easy.
Jul 8 • 23 min
Our guest today is Jake King, who is the CEO & Co-Founder of Cmd. He’s a long-time security practitioner specializing in infrastructure security, primarily in cloud environments. Prior to starting Cmd, Jake managed the security program at social…
Eric Higgins - Security From Zero: Practical Security for Busy People
Jun 26 • 18 min
Our guest today is Eric Higgins. He has been in the technology industry for over 20 years. He spent a decade in Silicon Valley, where he worked at Google and then led the security team at Optimizely. Now he runs a consulting firm that helps business…
Mike Goodwin and Jon Gadsden - Threat Dragon is for Threat Modeling. Come Help Build It!
Jun 7 • 26 min
Today we are going to be talking about - OWASP Threat Dragon - and our guests are Mike Goodwin, the founder, and Jon Gadsden, a major contributor to the project. Threat Dragon is a popular, free tool used for threat modeling, including diagramming,…
Ashish Patel - Best Practices for Proactive Cloud Security
Jun 2 • 16 min
We’re super delighted to have today, Ashish Patel. He’s a security engineer on the Box Infrastructure Security team. He usually lives in the realm of cloud security and automating security related tasks that scale across multiple clouds & attack…
Theresa Masse - Department of Homeland Security - Tips,Tricks and Free AppSec Services from the DHS - Stay Protected from the New Bad COVID-19 Actors
Apr 13 • 17 min
Our honored guest today is Theresa Masse. She is the U.S. Department of Homeland Security’s Cyber Security Advisor for Region X, including Oregon, Washington, Idaho and Alaska.Ms. Masse was the first Chief Information Security Officer (CISO) for the…
John Andersen - The Easiest Way to Use Machine Learning for AppSec (DFFML)
Apr 4 • 16 min
John Andersen is our distinguished guest today. He is a software security engineer with a passion for open source. He works for a really big Fortune 500 company here in Oregon doing product security and runs an open source project called Data Flow…
Tanya Janca - SheHacksPurple - Some of the Best AppSec Advice You’ll Ever Hear Here!
Mar 28 • 42 min
Our special guest today is Tanya Janca, also known as ‘SheHacksPurple’. She is the founder, security trainer and coach of SheHacksPurple.dev, specializing in software and cloud security. Her obsession with securing software runs deep, from starting her…
Laura Chappell - Inspiring the Next Generation of Security People to Do Wireshark Packet Analysis on the Interplanetary Internet
Mar 19 • 25 min
Welcome back to another edition of the OWASP PDX podcast.Our special guest today is Laura Chappell. She’s a leading expert in network packet analysis, a public speaker, educator and author, including several best selling books on Wireshark and TCP/IP….
Kaliya Young - How We See Identity for Authentication Needs to Change
Mar 15 • 18 min
Welcome back to another OWASP PDX podcast.Our special guest today is Kaliya Young. She is an expert when it comes to self-sovereign identity on the Internet. For many of us who build and integrate authentication systems into our web apps, an identifier…
U.S. Senator Ron Wyden (OR) - Election Security, Mind Your Own Business Act, Encryption Weakening, NSA Surveillance, FISA, SIM Swapping and STEM Initiatives
Feb 29 • 18 min
Welcome back to the OWASP PDX Podcast.Today we have a very distinguished guest, senior United States Senator for Oregon, Ron Wyden. He’s been a senator for our beautiful state since 1996. He’s a member of the Democratic Party and has previously served…
Ian Melven - Playing the Long Game in Infosec
Feb 22 • 14 min
Welcome to another edition of the Portland, Oregon OWASP podcast. Today we’ll be talking with, Ian Melven. Bio: Ian Melven currently leads security at an Los Angeles based startup. Previously, he built and led the Product Security team at New Relic. Ian…
Mark Curphey - Founder of OWASP - Security. Don’t Be Shy. Just Ask!
Feb 15 • 20 min
Today, we’re talking with none other than Mark Curphey, the founder of OWASP.
Chad Holmes - CMD+CTRL Web Application Cyber Range
Feb 7 • 11 min
Today we’ll be talking with Chad Holmes.Chad is a Product Marketing Manager for Security Innovation with a focus on educating customers on emerging Cyber Range technologies and how they can improve security education within organizations. Prior to…
Aaron and Ray - Application Security. It’s Really About the Code!
Feb 1 • 20 min
Today we’re going to be talking about Application Security. It’s Really About the Code! with Aaron and Ray
Ryan Krause - Some Good Advice for Those Who Want to Become Pen Testers
Jan 11 • 15 min
Today we’ll be talking with Ryan Krause. Ryan will talk about his experiences in pen testing along with great advice for those who want to break into this exciting field.
Tim Morgan - Breaking New Ground in Predictive Risk-Based Vulnerability Management
Dec 29, 2019 • 29 min
Today we will be talking to one of our own, Tim Morgan. Tim has been working on a new, innovated, risk-based vulnerability management system called DeepSurface. It’s built on both hard science and hard lessons that he learned from his customers over the…
Adam Shostack - Threat Modeling
Dec 19, 2019 • 22 min
Join our conversation with Adam Shostack about threat modeling.
Justin Angra - Intro to Chrome Exploitation
Dec 19, 2019 • 13 min
Join our conversation with Justin Angra about Chrome exploitation.
David Quisenberry & Ben Pirkl - OWASP Top 10 / Juice Shop Hack Session
Dec 19, 2019 • 13 min
Join our conversation with David Quisenberry and Ben Pirkl about the OWASP Top 10 and Juice Shop.
Alex Ivkin - Container Security
Dec 19, 2019 • 13 min
Join our conversation with Alex Ivkin about container security.
Patterson Cake - Overcoming Your Greatest InfoSec Adversary: You!
Dec 19, 2019 • 15 min
Join our conversation with Patterson Cake about security soft skills.