AppSec Community
Brought to you by: l4wk and wht_camel
Ready to level up your code security skills? The AppSec Community is the place to sharpen them, whether you’re just getting started or you’ve hacked hundreds of apps.
Community Details and Information
You know how to find vulnerabilities—but can you fix them? Whether you’re a seasoned security engineer or a developer diving deeper into secure coding, the AppSec Community event gives you the hands-on experience to sharpen both offensive and defensive skills.
This community focuses on real-world, code-first security with practical exposure to some of the popular open-source tools:
🔍 Static Application Security Testing (SAST)
Learn to analyze source code for both common and custom security patterns using tools like Semgrep or Opengrep. Gain hands-on experience writing and tuning detection rules, and leverage SAST tools to implement scalable, shift-left security in the development lifecycle.
📦 Software Composition Analysis (SCA)
Scan projects for vulnerable third-party libraries, explore how dependency resolution works under the hood, and understand how to triage and prioritize findings in real-world pipelines using the open-source Dependency-Check project.
🌐 Dynamic Application Security Testing (DAST)
Actively probe running applications for security flaws using the open-source Zed Attack Proxy (ZAP). See how dynamic analysis complements code scanning, and how to map discovered issues back to the underlying code.
What you’ll do:
- Walk through known exploits and dissect how they work in source code
- Identify and remediate vulnerabilities in real application code
- Triage tool findings and learn to distinguish noise from real risk
- Collaborate on edge-case fixes and discuss secure design trade-offs
Whether you’re hunting bugs or hardening builds, you’ll leave this community better equipped to find, fix, and prevent vulnerabilities across the stack.
MiniBadge Detail
We will have a MiniBadge available at our Community.
Details are still being worked out, but to collect our MiniBadge, come visit our booth for more details on how to get this cool MiniBadge.