What we’re about
This is the Toronto Chapter for OWASP. The Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible, so that individuals and organizations worldwide can make informed decisions about true software security risks.
If you are interested in application security, come join us! OWASP Toronto meetings are open to EVERYONE to join for FREE.
For more information, please visit our website at https://www.owasp.org/index.php/Toronto
Sponsors
See all
SonatypeGlobal Contributing Corporate Member & Local Event Supporter
Security InnovationGlobal Contributing Corporate Member & Local Event Supporter
Security CompassGlobal Contributing Corporate Member & Local Event Supporter
Hewlett Packard EnterpriseGold Local Chapter Supporter
CheckmarxGlobal Contributing Corporate Member & Silver Local Chapter Supporter
AmazonLocal Event Supporter
ShopifyLocal Event Supporter- SonatypeGlobal Contributing Corporate Member & Local Event Supporter
- Security InnovationGlobal Contributing Corporate Member & Local Event Supporter
- Security CompassGlobal Contributing Corporate Member & Local Event Supporter
- Hewlett Packard EnterpriseGold Local Chapter Supporter
Upcoming events (1)
See all- The Dark Side of AI: Developing unsecure applications in minutes!Microsoft Reactor, Toronto, ON
***************************************
Note for IN-PERSON attendance:You MUST register using the Microsoft Reactor event page. At doors open time, registered attendees will receive a personalized QR code allowing them to enter. Sorry, NO walk-ins for this event.
The registration will close Tuesday May 6 at 4:00 PM.
Note for ONLINE livestream:
If you cannot attend in-person, please join us virtually via the livestream! Details to be announced shortly.
***************************************Schedule:
- 5:30 PM: Doors Open
- 6:00 PM Talk Begins
- 7:00 PM Q/A & Networking
Talk Description:
AI is the ultimate accelerant for application development—its power unmatched—but without balance and control, it can quickly ignite new risks, turning potential into destruction. Explore the tangible impact of AI-generated code in this session by playing with fire – Using GPT-driven prompts, we’ll build a fully functional application, and in real time, we’ll uncover how common security flaws like SQL injection, cross-site scripting, and weak authentication can manifest in AI-generated code.
Through hands-on exploration, we’ll walk through the potential impact of these vulnerabilities and how these risks could be avoided with secure coding practices, defined policies, developer guardrails, and thorough security audits and code reviews.By the end of the session, you'll have a deep understanding of how to:
- Recognize and assess the risks AI introduces in your code.
- Implement secure coding practices and enforce security policies.
- Integrate security audits, code reviews, and testing into your development workflow to ensure AI-generated code is safe for production.
This session is vendor agnostic and designed to empower you to reap the benefits of AI without sacrificing security.
Not open
