Your security is only as strong as your people's will to keep it.

Educate.
Endorse.
Or eliminate.

Stay silent. Stay secure.

#CyberSecurity #HumanFactor #SecurityAwareness #InsiderThreat #RiskManagement

🎥 Missed one of my past conference talks? Let’s fix that.

I’m sharing my favorites—packed with real-world advice, lessons, and a few laughs.

“DevSecOps: More Than Just Pipelines”
📽️ https://twp.ai/4in9pH

#CyberSecurity #SecurityAwareness #appsec

🎥 Missed one of my past conference talks? Let’s fix that.

I’m sharing my favorites—packed with real-world advice, lessons, and a few laughs.

“Security Metrics that Matter”
📽️ https://twp.ai/4in9pD

#CyberSecurity #SecurityAwareness #appsec

Trusted services like Google Drive are now used as gateways for cyberattacks. Imagine clicking on a link that feels safe—but ends up stealing your credentials. How vulnerable are we really?

https://thedefendopsdiaries.com/chainlink-phishing-a-new-era-of-cyber-threats/

#chainlinkphishing
#cybersecurity
#phishingthreats
#infosectrends
#securityawareness

🎥 Missed one of my past conference talks? Let’s fix that.

I’m sharing my favorites—packed with real-world advice, lessons, and a few laughs.

“Building Security Champions”
📽️ https://twp.ai/4in9p0

#CyberSecurity #SecurityAwareness #appsec #securitychampions

🎥 Missed one of my past conference talks? Let’s fix that.

I’m sharing my favorites—packed with real-world advice, lessons, and a few laughs.

“Top Ten Security Tips for APIs”
📽️ https://twp.ai/4in9ou

#CyberSecurity #SecurityAwareness #appsec #APISecurity

🎥 Missed one of my past conference talks? Let’s fix that.

I’m sharing my favorites—packed with real-world advice, lessons, and a few laughs.

“Incident Response for Devs” - And #DevOps folks too!
📽️ https://twp.ai/4in9ow

#CyberSecurity #SecurityAwareness #IncidentResponse

Breaking My Security Assignments

https://www.akpain.net/blog/breaking-secnet-assignments/

#HackerNews #Breaking #My #Security #Assignments #CyberSecurity #InfoSec #Hacking #Assignments #SecurityAwareness

🎥 Missed one of my past conference talks? Let’s fix that.

I’m sharing my favorites—packed with real-world advice, lessons, and a few laughs.

“Shifting Security Everywhere” - Not just LEFT anymore!
📽️ https://twp.ai/4in9oh

#CyberSecurity #SecurityAwareness #appsec

🎥 Missed one of my past conference talks? Let’s fix that.

I’m sharing my favorites—packed with real-world advice, lessons, and a few laughs.

“Secret Hunting” - Finding secrets code! #notgood
📽️ https://twp.ai/4in9ok

#CyberSecurity #SecurityAwareness #appsec

🎥 Missed one of my past conference talks? Let’s fix that.

I’m sharing my favorites—packed with real-world advice, lessons, and a few laughs.

“DevSecOps Worst Practices”
📽️ https://twp.ai/4in9of

#CyberSecurity #SecurityAwareness #appsec #RSAC

🎥 Missed one of my past conference talks? Let’s fix that.

I’m sharing my favorites—packed with real-world advice, lessons, and a few laughs.

“Adding SAST to CI/CD, Without Losing Any Friends”
📽️ https://twp.ai/4in9oa

#CyberSecurity #SecurityAwareness #appsec

🎥 Missed one of my past conference talks? Let’s fix that.

I’m sharing my favorites—packed with real-world advice, lessons, and a few laughs.

"Maturing Your Application Security Program"
📽️ https://twp.ai/4in9oW

#CyberSecurity #SecurityAwareness #appsec

📢 OWASP Ottawa June 2025 Meetup 📢

Join us in person at the University of Ottawa for our next OWASP Ottawa meetup on June 18, 2025, as we explore the human side of cybersecurity.

📅 Date: June 18, 2025
⏰ Time: 6:00 PM EST – Arrival, setup & pizza 🍕
6:30 PM EST – Technical Talks
📍 Location: 150 Louis-Pasteur Private, University of Ottawa, Room 117
🎙️ Talk: “Hacking the Human Firewall: Insights from Social Engineering Corporations”
👥 Speakers: Kyle Falcon, PhD, Ahmed Shah, Mathieu Quirion, and Kevin Tremblay – Security & GRC Analysts at Malleum

Despite all the advanced tech, humans remain the weakest link in cybersecurity. This talk will dive into real-world social engineering campaigns and will discuss:

• OSINT - Determining Targets and Entry Points
• NIST Phish Scale - Evaluating the Content of a Phishing Email
• Email Phishing - How Attackers Get SPAM Into the Corporate Inbox
• Phone Social Engineering - Experiences in Impersonation and Taking Over Accounts
• Physical Security - Outcomes from Just Hanging Around the Office

You'll leave with:
• A deeper understanding of attacker psychology & methods
• Practical tips to strengthen your organization’s human defenses

📺 Can’t join in person? We’ll livestream on YouTube: https://www.youtube.com/@OWASP_Ottawa

🔗 RSVP now: https://www.meetup.com/owasp-ottawa/events/308219237/

Come learn, network, and grab some pizza 🍕 with Ottawa’s cybersecurity community!

#OWASP #Ottawa #Cybersecurity #SocialEngineering #InfoSec #Networking #SecurityAwareness

🎥 Missed one of my past conference talks? Let’s fix that.

I’m sharing my favorites—packed with real-world advice, lessons, and a few laughs.

"Using Artificial Intelligence, Safely"
📽️ https://twp.ai/4in9oR

#CyberSecurity #SecurityAwareness #appsec #AI

🎥 Missed one of my past conference talks? Let’s fix that.

I’m sharing my favorites—packed with real-world advice, lessons, and a few laughs.

"Shift Left Doesn't Mean Anything Anymore"
📽️ https://twp.ai/4in9oU

#CyberSecurity #SecurityAwareness #appsec

🎥 Missed one of my past conference talks? Let’s fix that.

I’m sharing my favorites—packed with real-world advice, lessons, and a few laughs.

Seatbelts for Web Apps (#SecurityHeaders) (with Scott Helme)
📽️ https://twp.ai/4in9oQ

#CyberSecurity #SecurityAwareness #appsec

@dalai @ip6li wenn das kein unangekündigtes "#SecurityAwareness"-#Training ist bin ich erschrocken.

• €30k p.m.? Wirklich?? Kompetenztechnisch wäre hier selbst €30k p.a. zuviel...

Allein die Nutzung von #Govware wie #Outlook welche #Passwörter (und generell Logins zu Postfächerm) im #Klartext an #Microsoft schickt sollte Grund genug sein diesen wegen gröblicher Pflichtverletzung zu feuern und in Regress zu nehmen!

Why Take9 Won’t Improve Cybersecurity

There’s a new cybersecurity awareness campaign: Take9. The idea is that people—you, me, everyone—should just pause for nine seconds and think more about the link they are planning to click on, the file they are planning to downlo... https://www.schneier.com/blog/archives/2025/05/why-take9-wont-improve-cybersecurity.html

#psychologyofsecurity #securityawareness #computersecurity #Uncategorized #phishing

When a data breach hits the headlines, it always feels distant. Big companies, faraway places, lots of numbers - but no real context.

What if you could see cyber risk happening right around you? In your town. In your industry. Today.
That question kicked off the wild ride that became BreachMap. I built a tool that maps real-world breaches by location and sector - It visualises risk in ways everyone can understand - whether you're a solopreneur, small business, an MSP, or a security pro.
It gives your security awareness local relevance, not just generic noise. It started as a curiosity project, but turned in to something I needed to finish.

BreachMap v1 is now live @ https://www.breachmap.app

Big love to everyone who’s helped test, build, and break it along the way.

This is just the beginning.

#BreachMap #CyberSecurity #StartupJourney #Infosec #DataBreach #ThreatIntelligence #MSP #HumanSecurity #SecurityAwareness #BuiltInPublic