web-security

DAST with OWASP purpleteam

Justin Beyer speaks with Kim Carter about Dynamic Application Security Testing and how OWASP PurpleTeam can help. Then dives into the composition of PurpleTeam.

PurpleTeam

Modern Development Teams move fast - Choose a Security Solution that can keep up.Automatable Security Regression Testing for your Applications and APIs.The CLI can be run manually which provides a dashboard, but it’s sweet spot is being inserted into Development Team’s build pipelines and run in headless ([`noUi`](https://github.com/purpleteam-labs/purpleteam/blob/main/README.md/#configure-ui)) mode.

OWASP purpleteam

Carl and Richard chat with Kim Carter about purpleteam, an open-source project for testing web applications and APIs as part of your CI/CD pipeline

PurpleTeam at Alpha

Where has Kim been for the last couple of years? This post explains why he's been so quiet and what he has been working on.

Talk - Building PurpleTeam (a Security Regression Testing SaaS) - From PoC to Alpha

Developers / Engineers know that a build pipeline is an essential part of creating robust and reliable software, but what to put in it? This talk covers the creation of purpleteam from PoC to Alpha release, and why it’s an ideal fit for the security regression testing slot of your build pipeline.

Workshop - Init Security Titans

Workshop to initialise, train and deploy the Jade Security Champions across the Jade Development Teams.

Talk - Security Regression Testing on OWASP Zap Node API

The OWASP ZAP HTTP intercepting proxy is useful for manually attacking your Web apps and APIs. Now, we have the official Node API to programatically drive ZAP to regression test our creations. Kim will show you how to build a fully featured security regression testing CLI, consumable by your CI/nightly builds.

Natalie Silvanovich on Attack Surface Reduction

Natalie Silvanovich from Google Project Zero talks with Kim Carter about what attack surface reduction is about.

Péter Budai on End to End Encryption

Head of Cryptography Engineering at Tresorit, Péter Budai talks with Kim Carter about End to End Encryption.

Conference - OWASP New Zealand Day

The eighth OWASP New Zealand Day conference, held at the University of Auckland.