Tuesday, 8 November, 2022 UTC


Summary

It has been almost twelve years since I first attended an OWASP event, the OWASP Summit 2011 in Portugal, and it was memorable. Unlike conferences, which are more formal, the purpose of the summit is to network and share ideas with OWASP volunteers and the community. It made a lasting impression on me. So much so that I’m excited to announce that I’m starting a new OWASP Lisboa (Lisbon) chapter along with fellow leaders Nuno Loureiro, Tiago Mendo, and Carlos Serrão.
During my inaugural OWASP event in 2011, my company Jscrambler didn’t exist yet although our initial product, a code protection tool, had just been released. I had mostly worked in network and systems security but developing a JavaScript code protection product put Application Security (AppSec) on my radar. I started gravitating to anything related to browser security.
At my first OWASP event, I didn't know what to expect. The event was organized thematically, and people gathered to discuss projects of interest. It gave me the opportunity to connect with smart and dedicated people who were also committed to application security. Many became friends over the years.
The community was working together, sharing information, and coming up with brilliant solutions to further the AppSec field. It was a challenging, rewarding, and pivotal moment in my career. After that event, I decided to focus solely on application security. It triggered a chain of events that eventually led to me co-founding Jscrambler in January 2014.
I’ve since been in many other OWASP events as an attendee and as a speaker. Some of my speaking sessions include:
  • OWASP EU Tour 2013, “Protecting JavaScript code - facts and fiction”,
  • OWASP AppSec California 2017, “A case for integrity - JavaScript Apps should have it too”,
  • OWASP AppSec US 2017, “Crafting the next-generation Man-in-the-Browser Trojan”,
  • OWASP AppSec EU 2018, “A methodology for assessing JavaScript Software Protections”,
  • OWASP Poland Day 2018, “Are your JavaScript-based protections really secure?”
  • OWASP AppSec Tel Aviv 2019. “Rhyming with Hacks - the ballad of Supply Chain Attacks”,
  • OWASP 20th Anniversary Conference 2021, “Achieving Web Isolation Nirvana - How far along are we?”,
  • OWASP Global AppSec USA 2021, “Bots have gone phishing, but all they get is the boot”,
Interacting with the OWASP community has given me a lot, and I always felt that I had a responsibility to do more. The OWASP Lisboa chapter is a perfect opportunity to give back with my fellow co-founders.
Carlos Serrão was the chapter leader for OWASP Portugal when this vibrant chapter hosted the OWASP Summit in 2011. We couldn’t be happier to start building the local chapter in Lisboa now and we know there’s a lot to be done.
The first step is OWASP Lisboa’s first meetup, which will take place in Lisbon on November 9th. OWASP meetups are free but if you are interested in attending, we recommend you RSVP as soon as possible as tickets are limited. If you can’t attend the first meetup, consider subscribing to the chapter’s mailing list to learn about future events and announcements.
You never know what can happen when you’re in a room with like-minded, dedicated professionals. I will always be grateful for my first event 12 years ago as it influenced my professional journey. I hope you can make it and get acquainted with this incredible AppSec community.