Bay Area OWASP Meetup
With Ankit Agrawal (Security Engg, Webflow), Swapnil Deshmukh (Cybersecurity Exec), Shelley Wu (Product, Semgrep), Daghan Atlas (Head of Product, Semgrep).
Jun 24 (Wed) @ 05:00 PM
FREE
Semgrep, 799 Market St, Ste 500, SF
Join us for the June Bay Area OWASP Meetup, proudly sponsored by Semgrep.
Spend the evening connecting with fellow security professionals, learning from insightful presentations, & engaging in meaningful discussions on the latest security topics. Enjoy great networking opportunities along with food & refreshments, generously provided by Semgrep.
5:00 PM: Doors open, networking, food & drinks
5:30 PM: Chapter introduction
5:45-6:30 PM: A Strategy for Evaluating LLM + SAST
6:30-7:15 PM: Frontier Labs Said It Was Build, Fixed & Implemented! What can go wrong.
7:15-8:00 PM: The Security Tab You're Running Up: What AI-Generated Code Costs in the Long Run
Talk #1: A Strategy for Evaluating LLM + SAST
Abstract: LLMs can reason about security bugs, but when pointed straight at a codebase they're inconsistent, expensive, & noisy. The biggest gains come from what wraps the model. We show how the right harness can drive recall, precision, & run-to-run consistency. We benchmark this with models like Claude Opus 4.8, GPT 5.5, etc. to determine how best to drive down the price per true positive vulnerability.
Speakers: Shelley Wu, Senior Product Manager & Daghan Atlas, Head of Product
Talk #2: Frontier Labs Said It Was Build, Fixed & Implemented! What can go wrong.
Abstract: As AI becomes part of software delivery, teams increasingly rely on vibe coding for security recommendations. This talk examines why confidence is not evidence & presents approaches for independently validating AI-driven security decisions.
AI trust boundaries
Verification of AI outputs
Security agent governance
Evidence-backed automation
Speaker Bio: Swapnil Deshmukh is a cybersecurity executive, entrepreneur, & security practitioner with more than 15 years of experience leading security, application security, cloud security, & product security initiatives across financial services, payments, & technology organizations. He has held security leadership roles at a few Fortune 500 companies & has worked on securing large-scale platforms, software delivery systems, & enterprise infrastructure.
Swapnil is a co-founder of Certus Cybersecurity & has advised organizations ranging from startups to Fortune 500 companies on application security, cloud security, identity, & secure software delivery. His interests include modern software engineering, AI-assisted development, security governance, & building scalable approaches to security decision-making.
Talk #3: The Security Tab You're Running Up: What AI-Generated Code Costs in the Long Run
Abstract: AI coding tools have made it easier than ever to ship fast, but the security bill arrives later & lands far from where the velocity wins were celebrated. In this talk, Ankit Agrawal, Sr. Security Engineering Manager at Webflow, draws from real-world experience to map out where the hidden costs actually concentrate across engineering organizations, independent developers, & marketplace ecosystems.
The session covers the growing asymmetry between how fast code is being generated & how slowly security practices are keeping up, what defender burnout looks like at scale, & the second-order risks that are easy to miss until something breaks. It closes with a prioritized, practical framework for reducing the cleanup cost based on patterns that are actually working in production environments.