Thank you for joining us at our 20th Anniversary Event! All sessions were recorded and will be posted in the coming weeks on the OWASP YouTube channel.

We have been working hard to secure the world through challenges and discovery. And now, it’s time to celebrate! Many of you have played a crucial role in the Foundation’s enduring history, and we encourage you to participate in the celebration coming this September! Our theme, Securing the Next 20 Years, is encouraging and exciting as we look ahead to the next 20 years!

Join us for FREE at this live 24-hour global event as we honor the past, celebrate the present, and embrace the future of OWASP and cybersecurity. Hear from world-renowned keynotes and special speakers, and network with your peers. It is FREE to attend, however, registration IS required, to gain access to the session links.

Back To Schedule
Friday, September 24 • 10:00pm - 10:30pm
Purple Teaming with OWASP PurpleTeam

Log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
What is OWASP PurpleTeam?

PurpleTeam is a security regression testing CLI and SaaS targeting Web applications and APIs.
The CLI is specifically targeted at sitting within your build pipelines but can also be run manually.
The SaaS that does the security testing of your applications and/or APIs can be deployed anywhere.

Kim will briefly discuss the three-year journey that has brought PurpleTeam from a proof of concept (PoC) to where it is now.

An overview of the NodeJS micro-services with a pluggable tester architecture will be provided.

Why would I want it in my build pipelines?

In this section, Kim will discuss the problem that PurpleTeam solves,
along with the cost savings of finding and fixing your application security defects early (as you're introducing them) as opposed to late (weeks months later with external penetration testing) or not at all.

OK, I want it, how do we/I set it up?

Kim will walk you through all of the components and how to get them set-up and configured

Great, but what do the workflows look like?

Let's walk through the different ways PurpleTeam can be run and utilised, such as:

* Running purpleteam standalone (with UI)
* Running purpleteam from within your pipelines as a spawned sub process (headless: without UI)
* Running all of the PurpleTeam components, including debugging each and every one of them if and when the need arises

avatar for Kim Carter

Kim Carter

Purple Teaming with OWASP purpleteam
Technologist / Engineer, Information Security Professional, Entrepreneur and the founder of BinaryMist Ltd (https://binarymist.io/) and purpleteam-labs (https:purpleteam-labs.com). OWASP NZ Chapter Leader for Chch. Certified Scrum Master. Facilitator, mentor and motivator of cross... Read More →

Friday September 24, 2021 10:00pm - 10:30pm EDT