owasp

Talk - Incident Response and Application Intrusion Detection

Talk by Chris and Kim on Incident Response and Application Intrusion Detection

OWASP purpleteam

Carl and Richard chat with Kim Carter about purpleteam, an open-source project for testing web applications and APIs as part of your CI/CD pipeline

Workshop - Planning and Covid

Planning for this years Meetup sessions followed by a discussion on Covid

PurpleTeam at Alpha

Where has Kim been for the last couple of years? This post explains why he's been so quiet and what he has been working on.

Talk - Building PurpleTeam (a Security Regression Testing SaaS) - From PoC to Alpha

Developers / Engineers know that a build pipeline is an essential part of creating robust and reliable software, but what to put in it? This talk covers the creation of purpleteam from PoC to Alpha release, and why it’s an ideal fit for the security regression testing slot of your build pipeline.

Talk - Security Regression Testing on OWASP Zap Node API

The OWASP ZAP HTTP intercepting proxy is useful for manually attacking your Web apps and APIs. Now, we have the official Node API to programatically drive ZAP to regression test our creations. Kim will show you how to build a fully featured security regression testing CLI, consumable by your CI/nightly builds.

Conference - OWASP New Zealand Day

The eighth OWASP New Zealand Day conference, held at the University of Auckland.

Workshop - Building Security Into Your Development Teams

Kim's flagship Software Developer focussed training, this time at OWASP New Zealand Day conference.

Holistic Info-Sec for Web Developers

A three part book series focused on lifting the security knowledge of Software Developers, Engineers, and their teams, so that they can continuously deliver secure technical solutions on time and within budget, without nasty surprises. First book is complete, second book is content complete and currently in technical review.

Workshop - Web Developer Quiz Night

Attacking a set of carefully curated questions around info-sec, white hat, black hat, attack and defense.