We are using our traditional "talk-pizza-talk" format, looking at two OWASP projects - one flagship and one incubator.

Talk 1: Gareth Dixon

Running a security event using OWASP Security Shepherd

In this talk I will cover running a security event using OWASP Security Shepherd. The event to be discussed was staged to promote engagement in a security initiative, understanding of security vulnerabilities and the application of knowledge to production services and applications. This talk will cover the project planning stage, through execution to the project retrospective.

Pizza and networking

Talk 2: Mike Goodwin

Enter the (Threat ) Dragon:Threat Modeling with OWASP Threat Dragon

Threat modeling is a great technique for hardening your application designs, but current tooling is a bit "crashy", limited to Windows or not free. OWASP Threat Dragon is an OWASP incubator project that aims to fix this and bring threat modeling to the masses. This talk is a tour round the tool, it's future road map and a look under it's hood. Mike the the project leader for Threat Dragon, so if you want to contribute, he would be very pleased to speak to you.