

What we’re about
OWASP London Chapter
OWASP (The Open Worldwide Application Security Project) is a worldwide not-for-profit organisation focused on improving the security of software. With over 250 local Chapters worldwide and 110,000+ volunteers, OWASP's open community is dedicated to enabling organisations and individuals to develop and maintain applications that can be trusted. OWASP's meet-ups, tools, standards, guidelines, documents and forums are free and open to anyone interested in improving application security.
Visit OWASP London webpage here: https://www.owasp.org/london
Follow us on Twitter: https://twitter.com/OWASPLondon
Follow us on LinkedIn: https://www.linkedin.com/company/owasplondon
"Like" us on Facebook: https://www.facebook.com/OWASPLondon
Watch recordings of talks presented at our events on our YouTube channel: https://www.youtube.com/OWASPLondon
^Please subscribe to our YouTube channel to get notified when the latest video recordings of our talks get published.
We are also on Slack: https://owasp.slack.com #chapter-london channel (for Slack invites visit: https://owasp.org/slack/invite)
We also have a mailing list, sign-up here: https://groups.google.com/a/owasp.org/forum/#!forum/london-chapter/join
We usually run 7-10 events per year: meet-ups ("Chapter Meetings"), Capture The Flag (CTF) tournaments, Hackathons, workshops and hacking/cyber-security themed pub quizzes.
Please note that while we do advertise our meetups here on Meetup[.]com, due to a Meetup platform limitation we do not use Meetup's RSVP system and instead use Eventbrite for free tickets and registration to attend our events. If you have an account on Eventbrite you can follow us there as well: https://owasplondon.eventbrite.co.uk/
You don't have to be an OWASP member to attend any of our meetups or CTFs - they are free and open to everyone interested in Application Security; booking is required.
There is a paid membership, which is a donation to the OWASP Foundation - it gives you discounts on many cyber-security conferences around the world, voting rights, @owasp.org email address and many other benefits like free access to paid training platforms. Join OWASP Global Foundation as a paid member here: https://www.owasp.org/index.php/Membership
Upcoming events
OWASP London Chapter Meetup [IN-PERSON]
1 Principal Place, 115 Worship Street, EC2A 2FA, London, GB
Details
This event is kindly hosted by Amazon.
Raffle prize is sponsored by Semgrep. There is limited seating available for in-person attendees. Registration required (bring PhotoID!)
This event will also be live-streamed on YouTube.
Recordings will be available on the OWASP London YouTube channel.
Venue Location: Amazon London HQ, 1 Principal Place, London EC2A 2FA
Nearest Tubes: Liverpool Street (6 minute walk), Shoreditch High Street (3 minute walk)
Doors Open at 6pm for registration, pizza, drinks and networking. The talks start at 6:30pm (we start on time!).
TALKS:
OWASP Introduction, Welcome and News - Sam Stepanyan, Andra Lezza, Sherif Mansour - OWASP London Chapter Leaders
"AI Agents Gone Rogue? Building, Defending and Attacking AI Agents" - Katie Paxton-Fear
Welcome to the AI era: LLMs are dead, long live agentic AI! But uhh what is agentic AI anyway? Well for a lot of the sci fi loving nerds out there it's basically everything we want from AI and more. Instead of being limited to a chatbox, agentic AI promises true autonomous AI working together in a swarm to achieve their goals. Want to book a flight tomorrow at 9am? Simply ask AI and it will deploy a flight booking agent finding the perfect flight options for you. Perhaps you want to generate some code? It enlists a team of agents from planning architecture to writing code and checking for security issues, all working together to deploy your idea into production, just come back in a few minutes. This dream can quickly become a nightmare, from agents inadvertently becoming insider threats, to threat actors building autonomous hackbots to find and exploit vulnerabilities, to malware deployed as an agent. Thankfully though, this is all brand new and we have time, right? Well maybe not as much as we'd like...
"Deep Dive into the OWASP Top 10 for Agentic Applications" - John Sotiropoulos
Join John Sotiropoulos from the OWASP GenAI Security Project's Agentic Security Initiative (ASI) for an in-depth look at the upcoming OWASP Top 10 for Agentic Applications. This session will explore the key risks and mitigations shaping the security of agentic and autonomous AI systems, how they connect with the OWASP Top 10 for LLM Applications, and the Agentic Risk Exposure Spectrum — a model that maps risk and control relevance across different levels of agentic adoption.
RAFFLE - win a prize kindly donated by our sponsors!
SPEAKERS:
Dr Katie Paxton-Fear (@InsiderPhd)
Katie is Staff Security Advocate at Semgrep and a Lecturer in Cyber Security at Manchester Metropolitan University, however, in her free time, she’s a bug bounty hunter and an educational YouTuber. She started out hacking in June 2019 during a HackerOne mentorship program and now hopes to be a mentor to others, creating educational cyber security videos on YouTube. In her videos, she attempts to bridge the gap between “I know what bug bounties are” and “bug bounty hunter” giving advice specifically tailored to bug hunting. She’s now produced over 50 videos on bug bounty hunting for an audience of over 95,000 YouTube subscribers. Aimed at a beginner audience these go from finding your first bug, to how to use specific tools, to how to find specific bug classes. Katie has discovered and responsibly reported security vulnerabilities to several large organisations such as Verizon Media and the US Department of Defense.
John Sotiropoulos
John Sotiropoulos is the Head of AI Security at Kainos, where he helps safeguard national-scale AI projects. He serves on the OWASP GenAI Security and Top 10 for LLM Applications Project Board, overseeing the project, contributing to LLM Top 10 entries - including leading the supply chain category - and actively liaising with standards bodies, cyber agencies, and industry communities. John also co-leads the OWASP Agentic Security Initiative, driving the development of agentic security guidelines and the forthcoming OWASP Top 10 for Agentic Applications. He is the author of the UK Government’s official Implementation Guide for the AI Cyber Security Code of Practice, now adopted internationally as an ETSI standard, and the author of the Amazon bestselling book Adversarial AI – Attacks, Mitigations, and Defense Strategies.
TICKETS:
OWASP meetups are free and open to anyone interested in application security. Please note that you MUST book your place to be admitted to the event by the building security. Your name will be checked against the guest list and a PhotoID is required!
CODE OF CONDUCT:
We hope you enjoy the event, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback/concerns or would like to speak to us, we take these matters very seriously. OWASP Code Of Conduct: https://owasp.org/www-policy/operational/code-of-conduct
140 attendees