Black Hat OWASP® Foundation In the first post I explain a little more about the rationale behind the series and the sorts of topics I will be covering. Feel free to reach out to me if you have questions on specific topics or other ideas 😀 bouncesecurity.com/blog/2025/01/2… 🧵3/x

Black Hat OWASP® Foundation In the second post, I talk about my motivation behind getting to this stage. This wasn't an any easy process and it took a lot of work to get to the required level. If this is something you are considering doing, you need to be ready to commit. bouncesecurity.com/blog/2025/02/2… 🧵4/x

#BHUSA Trainings "Accurate and Scalable: Web Application Bug Hunting" teaches you how to use customizable scanning tools in order to discover those sneaky vulnerabilities, at scale. 🔎 Learn more: bit.ly/4clqxl8

Black Hat You can sign up today! Session 1 (2-3 August): blackhat.com/us-25/training… Session 2 (4-5 August): blackhat.com/us-25/training…

Black Hat More info here: bouncesecurity.com/training/bughu…

IMHO, ProjectDiscovery's killer feature is the ability to easily write dynamic tests via all sorts of protocols. Generic scanners will catch the low hanging fruit but only custom tests will catch the things that are most interesting/relevant to your environment.

@Semgrep provides something similar for static testing which I've used to great effect at our clients! At Bounce Security, we like this approach so much we designed a whole training course around building accurate and scalable custom tests.

Semgrep Bounce Security You can check out details of our course at Black Hat #BHUSA here: blackhat.com/us-25/training…

You can still sign-up for my confirmed training course "Accelerated AppSec" exclusively at Black Hat #BHUSA August 4-5. With the oncoming wave of AI coding, #appsec is going to get left behind if it doesn't accelerate! Register today: blackhat.com/us-25/training…

You still have time to sign up for my training course, "Accelerated AppSec - Hacking your Product Security Programme for Velocity and Value", in person at Black Hat #BHUSA 2025 in Las Vegas, 4-5 August. Don't delay!

You still have time to sign up for our Black Hat 2025 training course, "Breaking Bad Privacy – Practical Skills for the Security Team", with Kim Wuyts on 4-5 August - **ONLINE** from anywhere in the world with internet! blackhat.com/us-25/training…

In this expanded edition with Kim Wuyts, exclusive to Blackhat #BHUSA 2025, expect high impact sessions, real-world examples, and collaborative exercises designed to give you actionable takeaways to apply immediately - whether you’re in AppSec, software architecture, or privacy.

Because if you care about protecting your users, you should care about building a privacy-respecting system. No legalese. No checklists. Just the skills you need to build systems that handle personal data with care - even in a world where #AI doesn’t wait.

You don't want to miss this valuable opportunity, sign up now! blackhat.com/us-25/training…

Join Kim Wyuts and Avi Douglen on November 5 at OWASP Global AppSec USA 2025 for a powerful 1-day, hands-on training that goes beyond policies and into real privacy engineering. Register now! owasp.glueup.com/event/131624/r… You'll learn how to: 🔍 Map and analyze data flows ⚙️ Spot and

Look what we will be doing this fall: A fast track one-day training to get you started with (technical) privacy in this AI-heavy world. It will be interesting, it will be actionable, it will be fun. See you there? Cc Avi Douglen

OWASP® Foundation This is going to be interesting, actionable, and fun! Hope to see many of you there.