[Owasp-germany] OWASP Stammtisch Hamburg, November 1st

Dirk Wetter dirk at owasp.org
Thu Oct 25 19:12:29 UTC 2018

Hi all,

next talk will be in English. Sorry that Jim Manico couldn't make it. Fortunately we have a
perfect replacement for him. It's (Dr.) Philippe De Ryck from Belgium. The only catch is we
can't bribe him with German beer as the Belgium beer is way better than the Hawaiian... ;-)

Location:   Xing, Dammtorstr. 30, Hamburg
Start time: 18:30 hours
Speaker:    Dr. Philippe De Ryck
Topic:      Common API security pitfalls
Wrap up:    TBD, probably Klimperkiste

The shift towards an API landscape indicates a significant evolution in the way we build
applications. The rise of JavaScript and mobile applications have sparked an explosion of
easily-accessible REST APIs. But how do you protect access to your API? Which security aspects
are no longer relevant? Which security features are an absolutely must-have, and which
additional security measures do you need to take into account?

These are hard questions, as evidenced by the deployment of numerous insecure APIs. Attend this
session to find out about common API security pitfalls, that often result in compromised user
accounts and unauthorized access to your data. We expose the problem that lies at the root of
each of these pitfalls, and offer actionable advice to address these security problems. After
this session, you will know how to assess the security of your APIs, and the best practices to
improve them towards the future.

Philippe De Ryck is the founder of the SecAppDev conference which celebrates his 15th
anniversary. He also found Pragmatic Web Security, where he travels the world to train
developers on web security and security engineering. He holds a Ph.D. in web security from KU
Leuven. Google recognizes Philippe as a Google Developer Expert for his knowledge of web
security and security in Angular applications.

OWASP Stammtisch in General
Our meeting is about web applications and their (in)security and/or about IT security in
general. People come together which care as a hobby or in their job about IT security:
developers, managers, pentesters and everybody else who's interested in it. The atmosphere is
open and relaxed. Who's coming to sell products or their services: this is not the right place.
OWASP is about sharing technical information and education.
Feel free to forward our meetup information to colleagues or friend. They are welcome, too.
Participation is free and open -- as the O in OWASP.

Please let me know by Wednesday morning if you plan to attend either by sending me an e-mail or
RSVP to meetup (https://www.meetup.com/OWASP-Hamburg-Stammtisch/events/255794105/) as our host
is planning drinks and probably food. Also, unless space, this room is not infinite but has

Cheers , Dirk

OWASP Volunteer
Send me encrypted mails (Key ID 0xD0A74569)

More information about the Owasp-germany mailing list