OWASP Gotheburg: Unofficial Security Fest Pre-Party

Welcome to OWASP Gothenburg’s unofficial warmup session to Security Fest for an evening with food, drink and interesting keynotes with the Cybersecurity Community! You do not need a ticket to Security Fest to attend, everyone with a cybersecurity interest is welcome to sign up.

Where: Assured Security Consultants,Norra Allégatan 7, 413 30 Göteborg

Agenda:

• 17:30 - 18:00 - Doors open
• 18:00 - 18:45 - Findings are not bugs , Jonas Magazinius

You hired pentesters. They found bugs. You patched them. You're done, right? About that.
A talk on what a pentest finding actually is, and what most organizations do with it instead. One ordinary finding, read four very different ways.

• 18:45 - 19:00 - Short break
• 19:00 - 20:00 - Myexia / Melusa: A Discordian Credential Stealer, Francisco Blas (Klondike) Izquierdo Riera

What's worse than a malicious actor stealing your user's credentials? A malicious actor stealing your users' credentials using your own platform for that! But as a platform owner you can do even worse.

How about making it impossible to report the abusive use of the platform by the malware? In this talk we will cover how we went from a malware report, to a malware analysis and all for nothing because Discord has made it impossible to report abusive webhooks.

• 20:00+ - Overtime + hangout @ Assured’s office

After the talks are done, Assured’s office will remain open for all event participants to hang out. There will be beer and good company served!