Lmst
Login
Josh Grossman (tghosth👻) :verified:

Your friendly AppSec Ghost 👻 | Personal account, content does not represent my employer. | Board member at twitter.com/OWASP_IL
| Project leader at twitter.com/OWASP_ASVS

Personal site:
joshcgrossman.com
Twitter:
twitter.com/JoshCGrossman/
LinkedIn
linkedin.com/in/joshcgrossman/
GitHub
github.com/tghosth
Blue Sky
bsky.app/profile/joshcgrossman
Josh Grossman (tghosth👻) :verified: boosted:
OWASP IsraelOWASP_IL@infosec.exchange
2025-12-10

Kicking off our December meetup at @orcasec with some announcements from @JoshCGrossman.

(Including save the date, 18 May 2026, for #AppSecIL!!)

Josh Grossman (tghosth👻) :verified:JoshCGrossman@infosec.exchange
2025-12-01

Register:
owasp.glueup.com/event/162538/

More details:
owasp.glueup.com/event/london-
bouncesecurity.com/training/va

Josh Grossman (tghosth👻) :verified:JoshCGrossman@infosec.exchange
2025-12-01

LONDON, BABY!

I'm bringing my course "Building a High-Value AppSec Scanning Programme" to London as part of @owasp's London training days, 23-24 February 2026.

As seen at OWASP Global conferences, @BlackHatEvents and @NDC_Conferences, don't miss your chance to attend!

Josh Grossman (tghosth👻) :verified:JoshCGrossman@infosec.exchange
2025-11-11

#justaithings

Josh Grossman (tghosth👻) :verified:JoshCGrossman@infosec.exchange
2025-11-04

CFTs for both @BlackHatEvents #BHUSA and @owasp Global AppSec EU (Vienna) are now open and close in early December!

Thinking of submitting? Check out my blog series for @BounceSecurity "So you want to train at Black Hat (or other conferences)?"

bouncesecurity.com/blog/2025/0

Josh Grossman (tghosth👻) :verified:JoshCGrossman@infosec.exchange
2025-09-02

If you attended my vibe coding session at the @owasp Community at @Defcon (or you didn't but you are interested) and you want to continue the conversation, Emile Delcourt opened a dedicated channel on the @owasp slack workspace:
owasp.slack.com/archives/C09D5

Josh Grossman (tghosth👻) :verified:JoshCGrossman@infosec.exchange
2025-08-11

I can't bring myself to tag everyone but thanks to everyone I met and chatted to, every one of you enhanced the experience.

For those of you working as volunteers and organisers, you are the ones who make all of this happen and you have my undying respect and appreciation!

Josh Grossman (tghosth👻) :verified:JoshCGrossman@infosec.exchange
2025-08-11

4) Getting to switch things down a gear at the annual one-of-a-kind ShabbatCon with great conversations and the famous "no-fire" talks.

5) Crazy golf at the Chainguard/Orca party with Avi and Kim, I do love crazy golf!

Josh Grossman (tghosth👻) :verified:JoshCGrossman@infosec.exchange
2025-08-11

3a) Volunteering for the OWASP Community space at DEFCON to talk to people about the foundation and collect donations in exchange for t-shirts.

3b) Delivering a "What is OWASP" talk for the community space as well as leading a packed discussion about AppSec and vibe coding.

Josh Grossman (tghosth👻) :verified:JoshCGrossman@infosec.exchange
2025-08-11

1) Delivering another round of my training course about accelerating your AppSec programme.

2) Meeting loads of people at Black Hat, some intentionally and some by happy coincidence and building connections.

Josh Grossman (tghosth👻) :verified:JoshCGrossman@infosec.exchange
2025-08-11

About to head home after a packed week+ in Vegas for Hacker Summer Camp.

Some highlights for me:

Josh Grossman (tghosth👻) :verified:JoshCGrossman@infosec.exchange
2025-08-06

My searing hot take for today is that everyone hitting out at "security influencer" culture might want to consider that being able to persuade and influence is probably the most important tool in your security skillset.

Josh Grossman (tghosth👻) :verified:JoshCGrossman@infosec.exchange
2025-08-05

Excited to be back delivering my course again at Black Hat USA!

Josh Grossman (tghosth👻) :verified:JoshCGrossman@infosec.exchange
2025-07-17

In "Making your preparations" I discuss some of the preparations you might need in the run-up to the course including materials and visa considerations.

Although visas are one of the last things I mention, it might be one of the first things to consider.
bouncesecurity.com/blog/2025/0

Josh Grossman (tghosth👻) :verified:JoshCGrossman@infosec.exchange
2025-07-17

In "Selling and Marketing your course", I talk about possibly the hardest part of the whole process, getting people to sign-up! I don't have all the answers but hopefully I have some ideas and thoughts that will be useful to you.
bouncesecurity.com/blog/2025/0

Josh Grossman (tghosth👻) :verified:JoshCGrossman@infosec.exchange
2025-07-17

The final two parts of my blog series about delivering training at conferences have now been released!

You can check them out on the @BounceSecurity website now!

Josh Grossman (tghosth👻) :verified:JoshCGrossman@infosec.exchange
2025-06-24

Pulled last year's class workbook out so that I can prepare the updated version for this year.

You still have time to sign up for my updated course at @BlackHatEvents #BHUSA, in person in Las Vegas, August 4-5.

Sign-up here:
blackhat.com/us-25/training/sc

More information about the course:
bouncesecurity.com/training/ac

Josh Grossman (tghosth👻) :verified:JoshCGrossman@infosec.exchange
2025-06-12

You can find the whole series here:
bouncesecurity.com/blog/2025/0

Josh Grossman (tghosth👻) :verified:JoshCGrossman@infosec.exchange
2025-06-12

So you have a great training course with super-cool interactivity, now you have to get it accepted.

In my next blogpost, I talk about writing a proposal which appeals to both the review board and also your potential attendees.

Check it out here:
bouncesecurity.com/blog/2025/0

Josh Grossman (tghosth👻) :verified:JoshCGrossman@infosec.exchange
2025-06-11

Last week, I was honoured to received a Distinguished Lifetime Member award from OWASP at Global AppSec EU Barcelona 2025.

I wrote more about it here:
linkedin.com/posts/joshcgrossm

Client Info

Server: https://mastodon.social
Version: 2025.07
Repository: https://github.com/cyevgeniy/lmst