Cover Image for Exploit, Detect, Block: A Live Workshop on Application Attack Defense

Presented by

OWASP LA is part of The Open Worldwide Application Security Project (OWASP) a nonprofit improving software security. Free and open to all. owasp.org/membership

Hosted By

Tech

Exploit, Detect, Block: A Live Workshop on Application Attack Defense

Name: Exploit, Detect, Block: A Live Workshop on Application Attack Defense
Start: 2026-06-16T17:30:00.000-07:00
End: 2026-06-16T20:30:00.000-07:00
Location: HiveWatch HQ

OWASP Los Angeles

HiveWatch HQ

El Segundo, CA

Welcome! To join the event, please register below.

You will be asked to verify token ownership with your wallet.

About Event

Topic
Exploit, Detect, Block: A Live Workshop on Application Attack Defense

Abstract
Most application attacks succeed not because defenders lacked a tool, but because the tools they have are watching the wrong layer. Code scanners catch what gets written. Network controls catch what crosses the wire. Endpoint tools catch what the OS does. The application itself, the layer where exploits actually execute, often runs without any meaningful observation at all. This workshop closes that gap in the most direct way possible: by running real attacks and watching what a runtime detection and response layer sees as the code executes.

Participants will work through a series of live exploits against vulnerable applications, like server-side template injection, unsafe deserialization, OGNL injection, and SQL injection patterns drawn from real CVEs like MOVEit. The workshop will showcase both detection and blocking scenarios, enabling observation of a full attack path as well as seeing how the lsm (Linux Security Module) can be leveraged to prevent attacks. The goal is to build practitioner-level intuition for what application-layer telemetry looks like, what attacks reveal about themselves at runtime, and where in the kill chain a runtime control can act. Attendees leave with a clearer mental model of the application attack surface and a sharper framework for evaluating any runtime defense, regardless of vendor.

Thanks to our SPONSOR Oligo

Speaker Bio

Jeff Bayntun is a Senior Solutions Engineer at Oligo Security whose career started in the glamorous world of ODBC/JDBC and somehow evolved into runtime and supply chain security. Previously at Snyk and Chainguard, he's spent years turning "we think we're secure" into something more defensible. Based in Vancouver, BC, he can usually be found on a pickleball court when he's not dissecting your application's runtime behavior. Paddle board season is also non-negotiable.

CODE OF CONDUCT
We hope you enjoy the event, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback/concerns or would like to speak to us, we take these matters very seriously. You can find out more about our policies here:
https://owasp.org/www-policy/operational/conferences-events.html#conference-and-event-anti-harassment-policy

SPONSORSHIP Opportunities Available
*Vendors interested in sponsoring please send an email to [email protected]*

Location