{"id":1008,"date":"2025-07-25T22:48:56","date_gmt":"2025-07-25T22:48:56","guid":{"rendered":"https:\/\/www.saintcon.org\/?page_id=1008"},"modified":"2025-08-22T21:57:13","modified_gmt":"2025-08-22T21:57:13","slug":"com-app-sec","status":"publish","type":"page","link":"https:\/\/www.saintcon.org\/com-app-sec\/","title":{"rendered":"Community &#8211; AppSec"},"content":{"rendered":"<p><img decoding=\"async\" src=\"http:\/\/www.saintcon.org\/wp-content\/uploads\/2025\/07\/Appsec.svg\" alt=\"\"><\/p>\n<h1>AppSec Community<\/h1>\n<h1>Brought to you by: l4wke and <span>whtcamL<\/span><\/h1>\n<div>\n<p>Ready to level up your code security skills? AppSec community is the place to sharpen your skills whether you&#8217;re just getting started, or you&#8217;ve hacked hundreds of apps.<\/p>\n<\/div>\n<h2>Community Details and Information<\/h2>\n<div>\n<p>You know how to find vulnerabilities\u2014but can you fix them? Whether you\u2019re a seasoned security engineer or a developer diving deeper into secure coding, the AppSec Community event gives you the hands-on experience to sharpen both offensive and defensive skills.<\/p>\n<p>This community focuses on real-world, code-first security with practical exposure to some of the popular open-source tools:<\/p>\n<\/div>\n<ul>\n<li>\n<h3>\ud83d\udd0d Static Application Security Testing (SAST)<\/h3>\n<div>\n<p>Learn to analyze source code for both common and custom security patterns using tools like Semgrep or Opengrep. Gain hands-on experience writing and tuning detection rules, and leverage SAST tools to implement scalable, shift-left security in the development lifecycle.<\/p>\n<\/div>\n<\/li>\n<li>\n<h3>\ud83d\udce6 Software Composition Analysis (SCA)<\/h3>\n<div>\n<p>Scan projects for vulnerable third-party libraries, explore how dependency resolution works under the hood, and understand how to triage and prioritize findings in real-world pipelines using the open source Dependency-Check project.<\/p>\n<\/div>\n<\/li>\n<\/ul>\n<p><img decoding=\"async\" src=\"\/wp-content\/uploads\/2025\/02\/SC25-Logo-Image.svg\" alt=\"\"><\/p>\n<ul>\n<li>\n<h3>\ud83c\udf10 Dynamic Application Security Testing (DAST)<\/h3>\n<div>\n<p>Actively probe running applications for security flaws utilizing the open source Zed Attack Proxy (ZAP). See how dynamic analysis complements code scanning, and how to map discovered issues back to the underlying code.<\/p>\n<\/div>\n<\/li>\n<li>\n<h3>What you&#8217;ll do:<\/h3>\n<div>\n<ul>\n<li style=\"text-align: left;\">Walk through known exploits and dissect how they work in source code<\/li>\n<li style=\"text-align: left;\">Identify and remediate vulnerabilities in real application code<\/li>\n<li style=\"text-align: left;\">Triage tool findings and learn to distinguish noise from real risk<\/li>\n<li style=\"text-align: left;\">Collaborate on edge-case fixes and discuss secure design trade-offs<\/li>\n<\/ul>\n<\/div>\n<\/li>\n<\/ul>\n<div>\n<p>Whether you&#8217;re hunting bugs or hardening builds, you&#8217;ll leave this community better equipped to find, fix, and prevent vulnerabilities across the stack.<\/p>\n<\/div>\n<h2>Minibadge Detail<\/h2>\n<div>\n<p>We will have a MiniBadge available at our Community.<\/p>\n<p>Details are still being worked out, but to collect our MiniBadge, come visit our booth for more details on how get this cool MiniBadge.<\/p>\n<\/div>\n<p><img decoding=\"async\" src=\"\/wp-content\/uploads\/2025\/02\/FAVICON-25.svg\" alt=\"\"><\/p>\n<p><!--more--><br \/>\n<!-- {\"type\":\"layout\",\"children\":[{\"type\":\"section\",\"props\":{\"animation\":\"slide-bottom-medium\",\"animation_delay\":\"100\",\"header_transparent\":true,\"header_transparent_noplaceholder\":false,\"header_transparent_text_color\":\"light\",\"height\":\"viewport\",\"image\":\"wp-content\\\/uploads\\\/2025\\\/02\\\/SC25-BG-Contest.svg\",\"image_position\":\"center-center\",\"image_size\":\"cover\",\"overlap\":true,\"padding\":\"small\",\"padding_remove_bottom\":false,\"style\":\"muted\",\"title_breakpoint\":\"xl\",\"title_position\":\"top-left\",\"title_rotation\":\"left\",\"vertical_align\":\"\",\"width\":\"small\"},\"children\":[{\"type\":\"row\",\"children\":[{\"type\":\"column\",\"props\":{\"image_position\":\"center-center\",\"position_sticky_breakpoint\":\"m\"},\"children\":[{\"type\":\"image\",\"props\":{\"animation\":\"parallax\",\"block_align\":\"center\",\"image\":\"http:\\\/\\\/www.saintcon.org\\\/wp-content\\\/uploads\\\/2025\\\/07\\\/Appsec.svg\",\"image_svg_color\":\"emphasis\",\"margin\":\"default\",\"margin_remove_top\":true,\"maxwidth\":\"xlarge\",\"parallax_scale\":\"0.6\",\"text_align\":\"center\"},\"name\":\"MAIN LOGO\"},{\"type\":\"headline\",\"props\":{\"content\":\"AppSec Community\",\"margin\":\"remove-vertical\",\"text_align\":\"center\",\"title_element\":\"h1\",\"title_style\":\"heading-small\"},\"name\":\"COMMUNITY NAME\"},{\"type\":\"headline\",\"props\":{\"content\":\"Brought to you by: l4wke and <span>whtcamL<\\\/span>\",\"margin\":\"remove-vertical\",\"text_align\":\"center\",\"title_element\":\"h1\",\"title_style\":\"heading-small\"},\"name\":\"COMMUNITY NAME\"},{\"type\":\"text\",\"props\":{\"block_align\":\"center\",\"column_breakpoint\":\"m\",\"content\":\"\n\n<p>Ready to level up your code security skills? AppSec community is the place to sharpen your skills whether you're just getting started, or you've hacked hundreds of apps.<\\\/p>\",\"margin\":\"default\",\"maxwidth\":\"xlarge\",\"text_align\":\"center\",\"text_style\":\"lead\"},\"name\":\"COMMUNITY TAGLINE\"}]}],\"props\":{\"margin\":\"large\"}}],\"name\":\"COMMUNITY HEADER\"},{\"type\":\"section\",\"props\":{\"animation\":\"fade\",\"animation_delay\":\"200\",\"id\":\"powerful-api\",\"image_position\":\"center-center\",\"padding\":\"large\",\"padding_remove_bottom\":true,\"style\":\"default\",\"title_breakpoint\":\"xl\",\"title_position\":\"top-left\",\"title_rotation\":\"left\",\"vertical_align\":\"\",\"width\":\"large\"},\"children\":[{\"type\":\"row\",\"children\":[{\"type\":\"column\",\"props\":{\"image_position\":\"center-center\",\"position_sticky_breakpoint\":\"m\"},\"children\":[{\"type\":\"headline\",\"props\":{\"animation\":\"none\",\"content\":\"Community Details and Information\",\"text_align\":\"center\",\"title_element\":\"h2\",\"title_style\":\"h1\"},\"name\":\"DETAILS AND INFORMATION\"},{\"type\":\"text\",\"props\":{\"animation\":\"none\",\"block_align\":\"center\",\"column_breakpoint\":\"m\",\"content\":\"\n\n<p>You know how to find vulnerabilities\\u2014but can you fix them? Whether you\\u2019re a seasoned security engineer or a developer diving deeper into secure coding, the AppSec Community event gives you the hands-on experience to sharpen both offensive and defensive skills.<\\\/p>\\n\n\n<p>This community focuses on real-world, code-first security with practical exposure to some of the popular open-source tools:<\\\/p>\",\"margin\":\"default\",\"maxwidth\":\"xlarge\",\"text_align\":\"center\",\"text_style\":\"lead\"},\"name\":\"Details and Information\"}]}],\"props\":{\"margin\":\"large\",\"margin_remove_bottom\":false}},{\"type\":\"row\",\"props\":{\"column_gap\":\"small\",\"layout\":\"1-3,1-3,1-3\",\"margin\":\"xlarge\",\"margin_remove_top\":true,\"row_gap\":\"large\"},\"children\":[{\"type\":\"column\",\"props\":{\"image_position\":\"center-center\",\"order_first\":\"m\",\"position_sticky_breakpoint\":\"m\",\"vertical_align\":\"middle\",\"width_large\":\"expand\",\"width_medium\":\"1-3\",\"width_small\":\"1-2\"},\"children\":[{\"type\":\"grid\",\"props\":{\"animation\":\"none\",\"block_align\":\"center\",\"content_column_breakpoint\":\"m\",\"filter_align\":\"left\",\"filter_all\":true,\"filter_grid_breakpoint\":\"m\",\"filter_grid_width\":\"auto\",\"filter_position\":\"top\",\"filter_style\":\"tab\",\"grid_default\":\"1\",\"grid_medium\":\"\",\"grid_row_gap\":\"large\",\"icon_width\":80,\"image_align\":\"top\",\"image_grid_breakpoint\":\"m\",\"image_grid_width\":\"1-2\",\"image_svg_color\":\"emphasis\",\"item_animation\":true,\"lightbox_bg_close\":true,\"link_style\":\"default\",\"link_text\":\"Read more\",\"margin\":\"default\",\"maxwidth\":\"medium\",\"meta_align\":\"below-title\",\"meta_element\":\"div\",\"meta_style\":\"text-meta\",\"parallax_easing\":\"1\",\"show_content\":true,\"show_hover_image\":true,\"show_hover_video\":true,\"show_image\":true,\"show_link\":true,\"show_meta\":true,\"show_title\":true,\"show_video\":true,\"text_align\":\"center\",\"title_align\":\"top\",\"title_element\":\"h3\",\"title_grid_breakpoint\":\"m\",\"title_grid_width\":\"1-2\",\"title_hover_style\":\"reset\",\"title_style\":\"h4\"},\"children\":[{\"type\":\"grid_item\",\"props\":{\"content\":\"\n\n<p>Learn to analyze source code for both common and custom security patterns using tools like Semgrep or Opengrep. Gain hands-on experience writing and tuning detection rules, and leverage SAST tools to implement scalable, shift-left security in the development lifecycle.<\\\/p>\",\"title\":\"\\ud83d\\udd0d Static Application Security Testing (SAST)\"}},{\"type\":\"grid_item\",\"props\":{\"content\":\"\n\n<p>Scan projects for vulnerable third-party libraries, explore how dependency resolution works under the hood, and understand how to triage and prioritize findings in real-world pipelines using the open source Dependency-Check project.<\\\/p>\",\"title\":\"\\ud83d\\udce6 Software Composition Analysis (SCA)\"}}]}]},{\"type\":\"column\",\"props\":{\"image_position\":\"center-center\",\"order_first\":\"xs\",\"position_sticky_breakpoint\":\"m\",\"width_large\":\"auto\",\"width_medium\":\"1-3\"},\"children\":[{\"type\":\"image\",\"props\":{\"image\":\"wp-content\\\/uploads\\\/2025\\\/02\\\/SC25-Logo-Image.svg\",\"image_border\":\"rounded\",\"image_svg_animate\":false,\"image_svg_color\":\"emphasis\",\"image_svg_inline\":false,\"image_width\":\"370\",\"margin\":\"default\",\"text_align\":\"center\"},\"name\":\"ALT LOGO\"}]},{\"type\":\"column\",\"props\":{\"image_position\":\"center-center\",\"position_sticky_breakpoint\":\"m\",\"vertical_align\":\"middle\",\"width_large\":\"expand\",\"width_medium\":\"1-3\",\"width_small\":\"1-2\"},\"children\":[{\"type\":\"grid\",\"props\":{\"animation\":\"none\",\"block_align\":\"center\",\"content_column_breakpoint\":\"m\",\"filter_align\":\"left\",\"filter_all\":true,\"filter_grid_breakpoint\":\"m\",\"filter_grid_width\":\"auto\",\"filter_position\":\"top\",\"filter_style\":\"tab\",\"grid_default\":\"1\",\"grid_medium\":\"\",\"grid_row_gap\":\"large\",\"icon_width\":80,\"image_align\":\"top\",\"image_grid_breakpoint\":\"m\",\"image_grid_width\":\"1-2\",\"image_svg_color\":\"emphasis\",\"item_animation\":true,\"lightbox_bg_close\":true,\"link_style\":\"default\",\"link_text\":\"Read more\",\"margin\":\"default\",\"maxwidth\":\"medium\",\"meta_align\":\"below-title\",\"meta_element\":\"div\",\"meta_style\":\"text-meta\",\"parallax_easing\":\"1\",\"show_content\":true,\"show_hover_image\":true,\"show_hover_video\":true,\"show_image\":true,\"show_link\":true,\"show_meta\":true,\"show_title\":true,\"show_video\":true,\"text_align\":\"center\",\"title_align\":\"top\",\"title_element\":\"h3\",\"title_grid_breakpoint\":\"m\",\"title_grid_width\":\"1-2\",\"title_hover_style\":\"reset\",\"title_style\":\"h4\"},\"children\":[{\"type\":\"grid_item\",\"props\":{\"content\":\"\n\n<p>Actively probe running applications for security flaws utilizing the open source Zed Attack Proxy (ZAP). See how dynamic analysis complements code scanning, and how to map discovered issues back to the underlying code.<\\\/p>\",\"title\":\"\\ud83c\\udf10 Dynamic Application Security Testing (DAST)\"}},{\"type\":\"grid_item\",\"props\":{\"content\":\"\n\n<ul>\\n\n\n<li style=\\\"text-align: left;\\\">Walk through known exploits and dissect how they work in source code<\\\/li>\\n\n\n<li style=\\\"text-align: left;\\\">Identify and remediate vulnerabilities in real application code<\\\/li>\\n\n\n<li style=\\\"text-align: left;\\\">Triage tool findings and learn to distinguish noise from real risk<\\\/li>\\n\n\n<li style=\\\"text-align: left;\\\">Collaborate on edge-case fixes and discuss secure design trade-offs<\\\/li>\\n<\\\/ul>\",\"meta\":\"\",\"title\":\"What you'll do:\"}}]}]}]}],\"name\":\"COMMUNITY DETAILS\"},{\"type\":\"section\",\"props\":{\"image_position\":\"center-center\",\"style\":\"default\",\"title_breakpoint\":\"xl\",\"title_position\":\"top-left\",\"title_rotation\":\"left\",\"vertical_align\":\"middle\",\"width\":\"default\"},\"children\":[{\"type\":\"row\",\"children\":[{\"type\":\"column\",\"props\":{\"image_position\":\"center-center\",\"position_sticky_breakpoint\":\"m\"},\"children\":[{\"type\":\"text\",\"props\":{\"animation\":\"none\",\"block_align\":\"center\",\"column_breakpoint\":\"m\",\"content\":\"\n\n<p>Whether you're hunting bugs or hardening builds, you'll leave this community better equipped to find, fix, and prevent vulnerabilities across the stack.<\\\/p>\",\"margin\":\"default\",\"maxwidth\":\"xlarge\",\"text_align\":\"center\",\"text_style\":\"lead\"},\"name\":\"Details and Information\"}]}]}]},{\"type\":\"section\",\"props\":{\"animation\":\"fade\",\"animation_delay\":\"200\",\"id\":\"efficient-workflow\",\"image_position\":\"center-center\",\"padding\":\"large\",\"padding_remove_bottom\":true,\"style\":\"default\",\"title_breakpoint\":\"xl\",\"title_position\":\"top-left\",\"title_rotation\":\"left\",\"vertical_align\":\"\",\"width\":\"default\"},\"children\":[{\"type\":\"row\",\"children\":[{\"type\":\"column\",\"props\":{\"image_position\":\"center-center\",\"position_sticky_breakpoint\":\"m\",\"vertical_align\":\"middle\",\"width_medium\":\"1-3\"},\"children\":[{\"type\":\"headline\",\"props\":{\"animation\":\"none\",\"block_align_breakpoint\":\"m\",\"block_align_fallback\":\"center\",\"content\":\"Minibadge Detail\",\"maxwidth\":\"large\",\"text_align\":\"left\",\"text_align_breakpoint\":\"m\",\"text_align_fallback\":\"center\",\"title_element\":\"h2\",\"title_style\":\"h1\"}},{\"type\":\"text\",\"props\":{\"animation\":\"none\",\"block_align_breakpoint\":\"m\",\"block_align_fallback\":\"center\",\"column_breakpoint\":\"m\",\"content\":\"\n\n<p>We will have a MiniBadge available at our Community.<\\\/p>\\n\n\n<p>Details are still being worked out, but to collect our MiniBadge, come visit our booth for more details on how get this cool MiniBadge.<\\\/p>\",\"margin\":\"default\",\"maxwidth\":\"large\",\"text_align\":\"left\",\"text_align_breakpoint\":\"m\",\"text_align_fallback\":\"center\",\"text_style\":\"lead\"}}]},{\"type\":\"column\",\"props\":{\"image_position\":\"center-center\",\"position_sticky_breakpoint\":\"m\",\"width_medium\":\"2-3\"},\"children\":[{\"type\":\"image\",\"props\":{\"image\":\"wp-content\\\/uploads\\\/2025\\\/02\\\/FAVICON-25.svg\",\"image_svg_animate\":false,\"image_svg_color\":\"emphasis\",\"image_svg_inline\":false,\"image_width\":512,\"margin\":\"default\",\"position\":\"relative\",\"text_align\":\"center\"},\"name\":\"Feature Logo or Image\"}]}],\"props\":{\"layout\":\"1-3,2-3\",\"margin\":\"medium\"}}],\"name\":\"MAJOR FEATURE SPOTLIGHT\"}],\"version\":\"4.5.24\"} --><\/p>\n","protected":false},"excerpt":{"rendered":"<p>AppSec Community Brought to you by: l4wke and whtcamL Ready to level up your code security skills? AppSec community is the place to sharpen your skills whether you&#8217;re just getting started, or you&#8217;ve hacked hundreds of apps. Community Details and Information You know how to find vulnerabilities\u2014but can you fix them? Whether you\u2019re a seasoned [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-1008","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/www.saintcon.org\/wp-json\/wp\/v2\/pages\/1008","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.saintcon.org\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.saintcon.org\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.saintcon.org\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.saintcon.org\/wp-json\/wp\/v2\/comments?post=1008"}],"version-history":[{"count":15,"href":"https:\/\/www.saintcon.org\/wp-json\/wp\/v2\/pages\/1008\/revisions"}],"predecessor-version":[{"id":1167,"href":"https:\/\/www.saintcon.org\/wp-json\/wp\/v2\/pages\/1008\/revisions\/1167"}],"wp:attachment":[{"href":"https:\/\/www.saintcon.org\/wp-json\/wp\/v2\/media?parent=1008"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}