We’re excited to announce that our July OWASP Meetup will be sponsored by Endor Labs.
Join us for an evening of great conversations, community networking, and insightful security discussions — all in an awesome venue provided by Endor Labs. And yes, there will be delicious food and drinks generously provided by our sponsors!
5:00 PM: Doors open, networking, food and drinks
5:30 PM: Chapter introductions
5:45-6:15 PM: Evolving Your AppSec Program in the Era of AI
6:15-7:00 PM: Role mining for AppSec with AI and Open Policy Agent
7:00-7:45 PM: MCP Security: Securing the newest API Standard Behind ChatGPT, Claude & Copilot
Talk#1: Evolving Your AppSec Program in the Era of AI
Description: AI is already transforming how software is built—but for security teams, it’s mostly just making life harder. Developers are shipping AI-generated code at breakneck speed, while security teams struggle to keep up. The challenge isn’t just securing AI-generated code and systems—it’s evolving your AppSec program to keep pace with software development. We'll explore how security teams can evolve their programs across two key dimensions: securing AI-driven software development and using AI to enhance security workflows. You’ll learn:
- Strategies for managing risks from AI-generated code and autonomous agents
- How security teams can use AI to reduce work and improve security outcomes
- Where AI can enhance security—and where human expertise remains irreplaceable.
AI isn’t just a security challenge; it’s a chance to build a smarter, more efficient security program. Join us to learn how to make AI work for security, not against it.
Speaker: Andrew Stiefel is a product marketing manager at Endor Labs, where he focuses on open source security. He previously led product marketing for developer security products at 1Password and API security at NGINX. His writing on software supply chain security, DevSecOps, and API security has appeared in the CNCF blog, The New Stack, and Help Net Security.
Talk#2: Role mining for AppSec with AI and Open Policy Agent
Description: Sultan will share his experience using AI to create RBAC roles and ways to enforce them with OPA on large microservices deployments.
Speaker: Sultan is a Product Security engineer at Zoox, where he is working to secure the infrastructure for the future of autonomous mobility. Previously, Sultan has worked at Roblox and Palo Alto Networks, building software in the IAM and IoT security space.
Talk#3: MCP Security: Securing the newest API Standard Behind ChatGPT, Claude & Copilot
Description: MCP is the new API standard behind tools like ChatGPT, Claude, GitHub Copilot, and Cursor, powering over 5,000 servers. But this new protocol brings new risks: tool poisoning, shadow tools, rug pulls, and credential leaks that traditional AppSec tools weren’t built to detect.
Join us to learn:
- What MCPs are and why they matter
- Why “prompt → reasoning → tool” changes everything
- Real-world attacks like tool poisoning, shadow tools, and token misuse
- How leading AppSec teams are starting to secure this emerging layer
- A solution to MCP Security in action
Speaker: Ankita is the Co-founder and CEO of Akto, the fastest growing API Security Solution for Modern AppSec Teams. She has 15 years of experience working at JP Morgan, VMware, and LinkedIn across engineering, security, and GTM teams. She completed her undergraduate engineering degree at IIT Roorkee and her Master's at Dartmouth College. She founded Akto in 2022 with a mission to secure APIs, apps and everything in between for AppSec teams. She is leading her company to empower AppSec teams with AI-first security practices and technology.