May the Force be with you (because it’s still May, we can still do this right?!😬) ...and because AppSec Village at @defcon needs volunteers!

Sign up to help us make the village epic: https://buff.ly/R8sX9dV

#communitydriven #donatetoeducate #appsec

Would you like to know how mature your #AppSec program is? Please take my survey to receive a target report based on your answers of how to level up your program—no matter your current maturity level.

https://twp.ai/4im1ej

*Report is free, but you join the Semgrep newsletter.

🚨 Hurry! Expo space for #OWASP Global AppSec US in Washington, DC is almost gone. Don’t miss your chance to connect with the appsec community! #developers #appsec #cybersecurity #washingtondc
🔗 http://dc.globalappsec.org/

Attending Confidence Con in Krakow 🇵🇱 this weekend? Be sure to check out our Szymon
Drosdzol's presentation - API Authorization Antipatterns: https://confidence-conference.org/lecture-2025/#id=100431

#doyensec #appsec #CONFidenceConf

AppSec Ezine - 589th edition #AppSec #Security pathonproject.com/zb/?33afd768...

AppSec Ezine

AppSec Ezine - 589th https://pathonproject.com/zb/?33afd7687908185d#i0U+L14wGdG2sapGqAztLxcX+YN2ixT6DbUx+C4I8k0= #AppSec #Security

Some decent AppSec advice in here from a security chief at Sony.

https://www.darkreading.com/vulnerabilities-threats/defense-depth-approach-modern-era

#appsec #defenseindepth

They are saying "new browser based attack" but isn't this just user redress?

https://www.infosecurity-magazine.com/news/browser-exploit-technique/

#appsec #clickjacking

Love learning about all things AppSec for free?
Enjoy hearing fresh voices?
Love live demos, open tools, and curious minds doing cool things?
Yep. Us too! That's why AppSec Village ✨ exists ✨.
We're 100% volunteer run. If you’ve learned something, been inspired by a talk, or just dig what we’re about, we’d love your support.
Donate today: https://buff.ly/dg9buf7

#communitydriven #donatetoeducate #appsec

Criei um labzinho de desenvolvimento seguro espefico para uma linguagem e vulnerabilidade que estava pegando aqui com os devs, tem td um passo a passo, quem quiser. #js #appsec #devsec #learn https://github.com/fguisso/backoffice-balm

We are kicking off our 2025 meetups! Our first meetup is on June 11th and we have Nate Michalov talking about evolving your AppSec Program in the age of AI! RSVP by June 9th at https://www.meetup.com/owaspboston/events/308127174/ to grab a spot.
#appsec #ai #owasp ##owaspboston

We're at @owasp Global AppSec EU 2025 as a Golden Sponsor! 🎉
Stop by Booth G-02 to see how Xygeni helps you #FixFast and #ShipSecure with our new AI AutoFix. Grab some awesome merch & let's talk #AppSec!
#OWASP #AppSecEU2025 #Cybersecurity #DevSecOps #AI #InfoSec

Most important slide at Sarah-Jane Maddens keynote this morning at the #owasp #appsec global conference in Barcelona

#infosec #team #ciso

We also discuss Dustin’s new venture, Katilyst (https://twp.ai/9PSkCT), a new startup focused on empowering engineering teams to take ownership of security in a practical, scalable way.

#RSAC2025 #SecurityChampions #Katilyst #AppSec #DevSecOps

2/2

For reference, here is the old chart by Dan Geer from a couple decades ago (source: https://all.net/Metricon/measuringsecurity.tutorial.pdf)

#security #swsec #infosec #appsec

🚨 Expo space is going fast! Don’t miss your opportunity to showcase at #OWASP Global AppSec US in Washington, DC. Secure your spot today! #developers #appsec #cybersecurity #washingtondc
🔗 http://dc.globalappsec.org/

Working within the #AppSec space, I'm often bemused by calls with potential vendors. So often the problems that my employer faces seems to be news to the vendor's presales team. It is like they have never even considered the possibility of some of our challenges. It feels very much like the tool vendors are way behind what we need, and are constantly being surprised by our requests.
When I am talking about our day-to-day challenges, I don't expect a vendor to be considering my questions to be "tough" questions. These are just things we need their tools to do...

👉 Download now 🔥

https://twp.ai/4inh0o

#SecureSDLC #AppSec #CyberSecurity
2/2

@bsidesboulder I have made so many memes for this!!!

I'm so excited to talk about the fun intersection of #appsec and #containers and systems design!

😎That feeling when a newsletter actually delivers.

The first edition drops today at 9:15 am EST... don’t catch a critical case of FOMO.

Subscribe now and stay one step ahead: https://mailchi.mp/appsecvillage/newsletter-signup

#appsec #appsecvillage #newsletter #community #cybersecurity