Uncle Joe
@sydseter.com
Co-leader OWASP Cornucopia. If you like what we do for open source, visit our code repository https://github.com/OWASP/cornucopia and give us a star ⭐
🌈 «Difference is of the essence of humanity» 🦄 – John Hume
#appsec #owasp #cornucopia #threatmodeling
🌈 «Difference is of the essence of humanity» 🦄 – John Hume
#appsec #owasp #cornucopia #threatmodeling
Pinned
Uncle Joe
@sydseter.com
· Nov 25
If you want others to do threat modeling for you, then please, for the love of god, at least, make it a bit fun!
copi.owasp.org
cornucopia.owasp.org
#owasp #cornucopia #appsec #threatmodeling #threat-modeling
copi.owasp.org
cornucopia.owasp.org
#owasp #cornucopia #appsec #threatmodeling #threat-modeling
Reposted by Uncle Joe
The next OWASP London Chapter in-person meetup will take place on February 26th, 2026 kindly hosted by @civo.com Tech Junction and kindly sponsored by @curity.io
Additional raffle prize is kindly sponsored by @fortbridge.bsky.social
Register to attend here:
👇
www.eventbrite.co.uk/e/owasp-lond...
Additional raffle prize is kindly sponsored by @fortbridge.bsky.social
Register to attend here:
👇
www.eventbrite.co.uk/e/owasp-lond...
OWASP London Chapter Meetup
Join us to learn from expert speakers, network with like-minded professionals and stay ahead in the ever-evolving world of Cyber Security
www.eventbrite.co.uk
February 11, 2026 at 9:13 PM
The next OWASP London Chapter in-person meetup will take place on February 26th, 2026 kindly hosted by @civo.com Tech Junction and kindly sponsored by @curity.io
Additional raffle prize is kindly sponsored by @fortbridge.bsky.social
Register to attend here:
👇
www.eventbrite.co.uk/e/owasp-lond...
Additional raffle prize is kindly sponsored by @fortbridge.bsky.social
Register to attend here:
👇
www.eventbrite.co.uk/e/owasp-lond...
Reposted by Uncle Joe
New, by @lorenzofb.bsky.social: Google sent personal and financial data about a student and journalist, who attended a pro-Palestine protest in 2024, to ICE agents in response to an "administrative subpoena," which had not been approved by a judge.
Google sent personal and financial information of student journalist to ICE | TechCrunch
The tech giant handed over the personal information of a journalist and student who attended a pro-Palestinian protest in 2024. This is the latest example of ICE using its controversial subpoena power...
techcrunch.com
February 10, 2026 at 8:48 PM
New, by @lorenzofb.bsky.social: Google sent personal and financial data about a student and journalist, who attended a pro-Palestine protest in 2024, to ICE agents in response to an "administrative subpoena," which had not been approved by a judge.
Reposted by Uncle Joe
I’ve been working toward this for years, and it finally happened.
Canada now has a parliamentary petition to require secure coding in federal software. If you care about cybersecurity, public safety, and better government tech, please sign:
👉 https://twp.ai/9PZrYb
1/2
Canada now has a parliamentary petition to require secure coding in federal software. If you care about cybersecurity, public safety, and better government tech, please sign:
👉 https://twp.ai/9PZrYb
1/2
February 11, 2026 at 3:41 AM
I’ve been working toward this for years, and it finally happened.
Canada now has a parliamentary petition to require secure coding in federal software. If you care about cybersecurity, public safety, and better government tech, please sign:
👉 https://twp.ai/9PZrYb
1/2
Canada now has a parliamentary petition to require secure coding in federal software. If you care about cybersecurity, public safety, and better government tech, please sign:
👉 https://twp.ai/9PZrYb
1/2
Reposted by Uncle Joe
Global AppSec Vienna sponsorships are going fast 🚀
Put your brand in front of 700+ security pros, celebrate OWASP’s 25th anniversary 🎂, and be part of an AppSec event packed with fresh ideas, all in Vienna 🇦🇹
Don’t miss out 👇
owasp.glueup.com/eve...
#AppSec #CyberSecurity #OWASP #Vienna
Put your brand in front of 700+ security pros, celebrate OWASP’s 25th anniversary 🎂, and be part of an AppSec event packed with fresh ideas, all in Vienna 🇦🇹
Don’t miss out 👇
owasp.glueup.com/eve...
#AppSec #CyberSecurity #OWASP #Vienna
February 11, 2026 at 12:04 PM
Global AppSec Vienna sponsorships are going fast 🚀
Put your brand in front of 700+ security pros, celebrate OWASP’s 25th anniversary 🎂, and be part of an AppSec event packed with fresh ideas, all in Vienna 🇦🇹
Don’t miss out 👇
owasp.glueup.com/eve...
#AppSec #CyberSecurity #OWASP #Vienna
Put your brand in front of 700+ security pros, celebrate OWASP’s 25th anniversary 🎂, and be part of an AppSec event packed with fresh ideas, all in Vienna 🇦🇹
Don’t miss out 👇
owasp.glueup.com/eve...
#AppSec #CyberSecurity #OWASP #Vienna
Reposted by Uncle Joe
@zaproxy.org Released add-ons today:
GraphQL ➡️ Fixes the optional integration with the Tech Detection add-on which had been failing.
OpenAPI ➡️ Re-enables Swagger Secret Detector Script Scan Rule, the JS Engine memory leak has been addressed.
#AppSec #DevSecOps #WebAppSec #BugBountyTips
GraphQL ➡️ Fixes the optional integration with the Tech Detection add-on which had been failing.
OpenAPI ➡️ Re-enables Swagger Secret Detector Script Scan Rule, the JS Engine memory leak has been addressed.
#AppSec #DevSecOps #WebAppSec #BugBountyTips
February 11, 2026 at 1:51 PM
@zaproxy.org Released add-ons today:
GraphQL ➡️ Fixes the optional integration with the Tech Detection add-on which had been failing.
OpenAPI ➡️ Re-enables Swagger Secret Detector Script Scan Rule, the JS Engine memory leak has been addressed.
#AppSec #DevSecOps #WebAppSec #BugBountyTips
GraphQL ➡️ Fixes the optional integration with the Tech Detection add-on which had been failing.
OpenAPI ➡️ Re-enables Swagger Secret Detector Script Scan Rule, the JS Engine memory leak has been addressed.
#AppSec #DevSecOps #WebAppSec #BugBountyTips
Reposted by Uncle Joe
OWASP Cornucopia just release v2.6.0
github.com/OWASP/cornuc...
The new release comes with support for continuing the game session even if players can not continue the game when playing on copi.owasp.org
#owasp #appsec #security #cornucopia
github.com/OWASP/cornuc...
The new release comes with support for continuing the game session even if players can not continue the game when playing on copi.owasp.org
#owasp #appsec #security #cornucopia
Release Release v2.6.0 · OWASP/cornucopia
What's Changed
Bump svelte from 5.49.2 to 5.50.0 in /cornucopia.owasp.org by @dependabot[bot] in #2188
Bump postgrex from 0.21.1 to 0.22.0 in /copi.owasp.org by @dependabot[bot] in #2186
Bump wait...
github.com
February 10, 2026 at 8:39 PM
OWASP Cornucopia just release v2.6.0
github.com/OWASP/cornuc...
The new release comes with support for continuing the game session even if players can not continue the game when playing on copi.owasp.org
#owasp #appsec #security #cornucopia
github.com/OWASP/cornuc...
The new release comes with support for continuing the game session even if players can not continue the game when playing on copi.owasp.org
#owasp #appsec #security #cornucopia
Reposted by Uncle Joe
Every signature matters. 🙏
2/2
2/2
February 11, 2026 at 3:41 AM
Every signature matters. 🙏
2/2
2/2
OWASP Cornucopia just release v2.6.0
github.com/OWASP/cornuc...
The new release comes with support for continuing the game session even if players can not continue the game when playing on copi.owasp.org
#owasp #appsec #security #cornucopia
github.com/OWASP/cornuc...
The new release comes with support for continuing the game session even if players can not continue the game when playing on copi.owasp.org
#owasp #appsec #security #cornucopia
Release Release v2.6.0 · OWASP/cornucopia
What's Changed
Bump svelte from 5.49.2 to 5.50.0 in /cornucopia.owasp.org by @dependabot[bot] in #2188
Bump postgrex from 0.21.1 to 0.22.0 in /copi.owasp.org by @dependabot[bot] in #2186
Bump wait...
github.com
February 10, 2026 at 8:39 PM
OWASP Cornucopia just release v2.6.0
github.com/OWASP/cornuc...
The new release comes with support for continuing the game session even if players can not continue the game when playing on copi.owasp.org
#owasp #appsec #security #cornucopia
github.com/OWASP/cornuc...
The new release comes with support for continuing the game session even if players can not continue the game when playing on copi.owasp.org
#owasp #appsec #security #cornucopia
Reposted by Uncle Joe
OWASP Cornucopia just released v2.5.23
github.com/OWASP/cornuc...
A Special thanks to prasunsrivastav123-lang, Abhijit Sahoo, Mradul Tiwari, Muhammad Awais Mohsin and Sachin Vishwakarma
cornucopia.owasp.org/about#Acknow...
#owasp #appsec #security #cybersec
github.com/OWASP/cornuc...
A Special thanks to prasunsrivastav123-lang, Abhijit Sahoo, Mradul Tiwari, Muhammad Awais Mohsin and Sachin Vishwakarma
cornucopia.owasp.org/about#Acknow...
#owasp #appsec #security #cybersec
Release Release v2.5.23 · OWASP/cornucopia
What's Changed
Bump github/codeql-action from 4.32.1 to 4.32.2 by @dependabot[bot] in #2158
feat: implement local smoke tests for cornucopia website by @abhijit9040 in #2162
Bump dotenv from 17.2....
github.com
February 8, 2026 at 3:19 PM
OWASP Cornucopia just released v2.5.23
github.com/OWASP/cornuc...
A Special thanks to prasunsrivastav123-lang, Abhijit Sahoo, Mradul Tiwari, Muhammad Awais Mohsin and Sachin Vishwakarma
cornucopia.owasp.org/about#Acknow...
#owasp #appsec #security #cybersec
github.com/OWASP/cornuc...
A Special thanks to prasunsrivastav123-lang, Abhijit Sahoo, Mradul Tiwari, Muhammad Awais Mohsin and Sachin Vishwakarma
cornucopia.owasp.org/about#Acknow...
#owasp #appsec #security #cybersec
OWASP Cornucopia just released v2.5.23
github.com/OWASP/cornuc...
A Special thanks to prasunsrivastav123-lang, Abhijit Sahoo, Mradul Tiwari, Muhammad Awais Mohsin and Sachin Vishwakarma
cornucopia.owasp.org/about#Acknow...
#owasp #appsec #security #cybersec
github.com/OWASP/cornuc...
A Special thanks to prasunsrivastav123-lang, Abhijit Sahoo, Mradul Tiwari, Muhammad Awais Mohsin and Sachin Vishwakarma
cornucopia.owasp.org/about#Acknow...
#owasp #appsec #security #cybersec
Release Release v2.5.23 · OWASP/cornucopia
What's Changed
Bump github/codeql-action from 4.32.1 to 4.32.2 by @dependabot[bot] in #2158
feat: implement local smoke tests for cornucopia website by @abhijit9040 in #2162
Bump dotenv from 17.2....
github.com
February 8, 2026 at 3:19 PM
OWASP Cornucopia just released v2.5.23
github.com/OWASP/cornuc...
A Special thanks to prasunsrivastav123-lang, Abhijit Sahoo, Mradul Tiwari, Muhammad Awais Mohsin and Sachin Vishwakarma
cornucopia.owasp.org/about#Acknow...
#owasp #appsec #security #cybersec
github.com/OWASP/cornuc...
A Special thanks to prasunsrivastav123-lang, Abhijit Sahoo, Mradul Tiwari, Muhammad Awais Mohsin and Sachin Vishwakarma
cornucopia.owasp.org/about#Acknow...
#owasp #appsec #security #cybersec
I am looking forward to be presenting at NDC Security the 4. of March. Come if you are interested in how to use games for scaling your application security program.
February 5, 2026 at 4:14 PM
I am looking forward to be presenting at NDC Security the 4. of March. Come if you are interested in how to use games for scaling your application security program.
Reposted by Uncle Joe
How can you not love this!
1. Pick a card
2. Ask yourself:
- What can go wrong?
- What can we do about it?
3. Create a joke and use it as an example (NB: Good jokes are always taken from the real world).
4. Write it down.
5. Get recognition for it! cornucopia.owasp.org/about#Acknow...
1. Pick a card
2. Ask yourself:
- What can go wrong?
- What can we do about it?
3. Create a joke and use it as an example (NB: Good jokes are always taken from the real world).
4. Write it down.
5. Get recognition for it! cornucopia.owasp.org/about#Acknow...
February 3, 2026 at 12:56 PM
How can you not love this!
1. Pick a card
2. Ask yourself:
- What can go wrong?
- What can we do about it?
3. Create a joke and use it as an example (NB: Good jokes are always taken from the real world).
4. Write it down.
5. Get recognition for it! cornucopia.owasp.org/about#Acknow...
1. Pick a card
2. Ask yourself:
- What can go wrong?
- What can we do about it?
3. Create a joke and use it as an example (NB: Good jokes are always taken from the real world).
4. Write it down.
5. Get recognition for it! cornucopia.owasp.org/about#Acknow...
How can you not love this!
1. Pick a card
2. Ask yourself:
- What can go wrong?
- What can we do about it?
3. Create a joke and use it as an example (NB: Good jokes are always taken from the real world).
4. Write it down.
5. Get recognition for it! cornucopia.owasp.org/about#Acknow...
1. Pick a card
2. Ask yourself:
- What can go wrong?
- What can we do about it?
3. Create a joke and use it as an example (NB: Good jokes are always taken from the real world).
4. Write it down.
5. Get recognition for it! cornucopia.owasp.org/about#Acknow...
February 3, 2026 at 12:56 PM
How can you not love this!
1. Pick a card
2. Ask yourself:
- What can go wrong?
- What can we do about it?
3. Create a joke and use it as an example (NB: Good jokes are always taken from the real world).
4. Write it down.
5. Get recognition for it! cornucopia.owasp.org/about#Acknow...
1. Pick a card
2. Ask yourself:
- What can go wrong?
- What can we do about it?
3. Create a joke and use it as an example (NB: Good jokes are always taken from the real world).
4. Write it down.
5. Get recognition for it! cornucopia.owasp.org/about#Acknow...
Reposted by Uncle Joe
This is an excellent opportunity for cybersecurity students building their resume! If you know anyone or are one yourself, get in touch!
#owasp #appsec #security #cybersecurity
#owasp #appsec #security #cybersecurity
Fill out descriptions for the OWASP Cornucopia mobile app edition cards on the website based on the MASVS, MASTG and physical card descriptions.
The mobile app edition lacks descriptions for each of the cards in the edition on the website. e.g: cornucopia.owasp.org/card/mobilea...
The mobile app edition lacks descriptions for each of the cards in the edition on the website. e.g: cornucopia.owasp.org/card/mobilea...
OWASP Cornucopia - Mobile App Edition - Authentication & Authorization (AA4)
Vandana can bypass biometric authentication because the authentication is misconfigured or not implemented correctly
cornucopia.owasp.org
February 2, 2026 at 8:58 PM
This is an excellent opportunity for cybersecurity students building their resume! If you know anyone or are one yourself, get in touch!
#owasp #appsec #security #cybersecurity
#owasp #appsec #security #cybersecurity
This is an excellent opportunity for cybersecurity students building their resume! If you know anyone or are one yourself, get in touch!
#owasp #appsec #security #cybersecurity
#owasp #appsec #security #cybersecurity
Fill out descriptions for the OWASP Cornucopia mobile app edition cards on the website based on the MASVS, MASTG and physical card descriptions.
The mobile app edition lacks descriptions for each of the cards in the edition on the website. e.g: cornucopia.owasp.org/card/mobilea...
The mobile app edition lacks descriptions for each of the cards in the edition on the website. e.g: cornucopia.owasp.org/card/mobilea...
OWASP Cornucopia - Mobile App Edition - Authentication & Authorization (AA4)
Vandana can bypass biometric authentication because the authentication is misconfigured or not implemented correctly
cornucopia.owasp.org
February 2, 2026 at 8:58 PM
This is an excellent opportunity for cybersecurity students building their resume! If you know anyone or are one yourself, get in touch!
#owasp #appsec #security #cybersecurity
#owasp #appsec #security #cybersecurity
This is an excellent opportunity for cybersecurity students building their resume! If you know anyone or are one yourself, get in touch!
Fill out descriptions for the OWASP Cornucopia mobile app edition cards on the website based on the MASVS, MASTG and physical card descriptions.
The mobile app edition lacks descriptions for each of the cards in the edition on the website. e.g: cornucopia.owasp.org/card/mobilea...
The mobile app edition lacks descriptions for each of the cards in the edition on the website. e.g: cornucopia.owasp.org/card/mobilea...
OWASP Cornucopia - Mobile App Edition - Authentication & Authorization (AA4)
Vandana can bypass biometric authentication because the authentication is misconfigured or not implemented correctly
cornucopia.owasp.org
February 2, 2026 at 7:32 PM
This is an excellent opportunity for cybersecurity students building their resume! If you know anyone or are one yourself, get in touch!
Reposted by Uncle Joe
Fill out descriptions for the OWASP Cornucopia mobile app edition cards on the website based on the MASVS, MASTG and physical card descriptions.
The mobile app edition lacks descriptions for each of the cards in the edition on the website. e.g: cornucopia.owasp.org/card/mobilea...
The mobile app edition lacks descriptions for each of the cards in the edition on the website. e.g: cornucopia.owasp.org/card/mobilea...
OWASP Cornucopia - Mobile App Edition - Authentication & Authorization (AA4)
Vandana can bypass biometric authentication because the authentication is misconfigured or not implemented correctly
cornucopia.owasp.org
January 31, 2026 at 1:07 PM
Fill out descriptions for the OWASP Cornucopia mobile app edition cards on the website based on the MASVS, MASTG and physical card descriptions.
The mobile app edition lacks descriptions for each of the cards in the edition on the website. e.g: cornucopia.owasp.org/card/mobilea...
The mobile app edition lacks descriptions for each of the cards in the edition on the website. e.g: cornucopia.owasp.org/card/mobilea...
If you just finished university and want to contribute to open source to build a resume. Read a book about TDD and clean code first. Even if 90% of our code is AI generated you still need to be able to recognize what is good code and what is bad code, otherwise, you are not going to get anywhere.
February 2, 2026 at 6:56 AM
If you just finished university and want to contribute to open source to build a resume. Read a book about TDD and clean code first. Even if 90% of our code is AI generated you still need to be able to recognize what is good code and what is bad code, otherwise, you are not going to get anywhere.
My IT-support job, working at home, is going well.
Too bad it’s unpaid.
Too bad it’s unpaid.
February 2, 2026 at 5:38 AM
My IT-support job, working at home, is going well.
Too bad it’s unpaid.
Too bad it’s unpaid.
If you just finished university and want to contribute to open source to build a resume. Read a book about TDD and clean code first. Even if 90% of our code is AI generated you still need to be able to recognize what is good code and what is bad could, otherwise, you are not going to get anywhere.
February 1, 2026 at 2:25 PM
If you just finished university and want to contribute to open source to build a resume. Read a book about TDD and clean code first. Even if 90% of our code is AI generated you still need to be able to recognize what is good code and what is bad could, otherwise, you are not going to get anywhere.
Fill out descriptions for the OWASP Cornucopia mobile app edition cards on the website based on the MASVS, MASTG and physical card descriptions.
The mobile app edition lacks descriptions for each of the cards in the edition on the website. e.g: cornucopia.owasp.org/card/mobilea...
The mobile app edition lacks descriptions for each of the cards in the edition on the website. e.g: cornucopia.owasp.org/card/mobilea...
OWASP Cornucopia - Mobile App Edition - Authentication & Authorization (AA4)
Vandana can bypass biometric authentication because the authentication is misconfigured or not implemented correctly
cornucopia.owasp.org
January 31, 2026 at 1:07 PM
Fill out descriptions for the OWASP Cornucopia mobile app edition cards on the website based on the MASVS, MASTG and physical card descriptions.
The mobile app edition lacks descriptions for each of the cards in the edition on the website. e.g: cornucopia.owasp.org/card/mobilea...
The mobile app edition lacks descriptions for each of the cards in the edition on the website. e.g: cornucopia.owasp.org/card/mobilea...
My on-the-side IT-support job, from home is going well. Too bad it’s unpaid.
January 31, 2026 at 11:39 AM
My on-the-side IT-support job, from home is going well. Too bad it’s unpaid.
I am really looking forward to come back to Lisbon and speak at "Hackers Behind the Code".
r19-hbc.eventbrite.pt
#appsec #security #threatmodeling #owasp
r19-hbc.eventbrite.pt
#appsec #security #threatmodeling #owasp
January 30, 2026 at 10:15 AM
I am really looking forward to come back to Lisbon and speak at "Hackers Behind the Code".
r19-hbc.eventbrite.pt
#appsec #security #threatmodeling #owasp
r19-hbc.eventbrite.pt
#appsec #security #threatmodeling #owasp
Reposted by Uncle Joe
OWASP 25th Anniversary Virtual Conference
I am very happy to share that I will be speaking at this year's OWASP 25th Anniversary Virtual Conference on the 24. of February. owasp25thanniversaryvirtual.sched.com/event/2DjqY/...
Please join, it's free! owasp.glueup.com/event/owasp-...
I am very happy to share that I will be speaking at this year's OWASP 25th Anniversary Virtual Conference on the 24. of February. owasp25thanniversaryvirtual.sched.com/event/2DjqY/...
Please join, it's free! owasp.glueup.com/event/owasp-...
OWASP 25th Anniversary Virtual Conference | The OWASP Foundation Inc.
Join us as we celebrate OWASP’s 25th Anniversary with a free virtual conference dedicated to the global community that makes our mission possible. This milestone event features a dynamic lineup of ins...
owasp.glueup.com
January 29, 2026 at 12:47 PM
OWASP 25th Anniversary Virtual Conference
I am very happy to share that I will be speaking at this year's OWASP 25th Anniversary Virtual Conference on the 24. of February. owasp25thanniversaryvirtual.sched.com/event/2DjqY/...
Please join, it's free! owasp.glueup.com/event/owasp-...
I am very happy to share that I will be speaking at this year's OWASP 25th Anniversary Virtual Conference on the 24. of February. owasp25thanniversaryvirtual.sched.com/event/2DjqY/...
Please join, it's free! owasp.glueup.com/event/owasp-...
OWASP 25th Anniversary Virtual Conference
I am very happy to share that I will be speaking at this year's OWASP 25th Anniversary Virtual Conference on the 24. of February. owasp25thanniversaryvirtual.sched.com/event/2DjqY/...
Please join, it's free! owasp.glueup.com/event/owasp-...
I am very happy to share that I will be speaking at this year's OWASP 25th Anniversary Virtual Conference on the 24. of February. owasp25thanniversaryvirtual.sched.com/event/2DjqY/...
Please join, it's free! owasp.glueup.com/event/owasp-...
OWASP 25th Anniversary Virtual Conference | The OWASP Foundation Inc.
Join us as we celebrate OWASP’s 25th Anniversary with a free virtual conference dedicated to the global community that makes our mission possible. This milestone event features a dynamic lineup of ins...
owasp.glueup.com
January 29, 2026 at 12:47 PM
OWASP 25th Anniversary Virtual Conference
I am very happy to share that I will be speaking at this year's OWASP 25th Anniversary Virtual Conference on the 24. of February. owasp25thanniversaryvirtual.sched.com/event/2DjqY/...
Please join, it's free! owasp.glueup.com/event/owasp-...
I am very happy to share that I will be speaking at this year's OWASP 25th Anniversary Virtual Conference on the 24. of February. owasp25thanniversaryvirtual.sched.com/event/2DjqY/...
Please join, it's free! owasp.glueup.com/event/owasp-...