Event

OWASP Birmingham December Meeting

Date: December 5, 2024
Event Type: In person
Location: Europe

Event Overview

At this meetup, we’re excited to feature David Archer, Solution Architect at Endor Labs, who will deliver an engaging session titled “Ship Happens: The Stormy Seas of Supply Chain Security.”

Session Overview:
Modern software development is a sprawling network of open-source dependencies, sophisticated build tools, plugins, pipelines, repositories and runtimes. This “supply chain” is under relentless attack, and many of the potential threats are poorly understood by our development and security teams. We’ll take a warts-and-all look at how software is produced, re-used and “secured”. We’ll explore strategies to mitigate some of the threats that exist and share practical takeaways that you can immediately implement in your software development practices. Expect to leave with a feeling of dread(!), but also hopefully a deeper understanding of supply chain security and where you should pay closer attention to your software factory.

Don’t miss out on this opportunity to gain crucial insights into securing your software supply chain!

Join us for the OWASP Birmingham December Meeting!
