Javascript Web Security

Recap OWASP AppSecUSA 2016

October 26th, 2016 | By Pedro Fortuna | 3 min read

OWASP’s 13th Annual AppSecUSA Security Conference (held at the Renaissance Washington, DC Downtown Hotel in Washington DC, USA) was an amazing opportunity to discuss security with developers and security experts from across the U.S. and around the world.

If you were unable to attend AppSec USA 2016, don’t worry, OWASP recorded all of the sessions, which were posted on the OWASP YouTube channel. In the meantime, take a look at the major highlights we picked from the event:

1. Fascinating talks

At the conference, we had the chance to watch some compelling talks which followed the 2-days training session. We highlight the talk by James Wickett from Signal SciencesServerless Security: Doing Security in 100 milliseconds”. Very interesting indeed!

Kunal Anand from Prevoty also gave a great talk about Language-theoretic Security (LANGSEC) and how it can be used to protect against threats. Namely, by walking us through the creation of ksql, a minimalistic query language protected by LANGSEC.


2. Jscrambler Booth and Demos

Jscrambler was at Booth #S27 discussing security and demoing our technology to an audience of developers, security and tech professionals. We had the opportunity to speak with over 200 people about topics such as client-side RASP (Runtime Application Self-Protection), JavaScript Application Security, MiTB and DOM-tampering attacks. We had two Demos running at the same time that surely impressed our visitors! If you would like to know more about what we’ve shown there, do contact us here.


3. Ninja Challenge

We were also thrilled to have the opportunity to launch the second OWASP AppSec edition of our Ninja Challenge, an online hacking competition aimed at finding a supreme breed of JavaScript Ninjas. The participants were challenged to show their JavaScript abilities in cracking challenges related with browser security and code protection. They got to try our first level – Shroud of Concealment – adapted especially for this edition of AppSec USA.

Lots of participants showed their skills in reverse-engineering, obfuscation and minification by solving our exercises but the top 3 submissions proved to be the elite Ninjas. At the end of the conference, the grand prize winners of Ninja Challenge were revealed. Congratulations to the winners, who received an awesome drone each from Jscrambler’s CEO, Rui Ribeiro (on the left).


  1. Li-Wey Lu from Illinois, USA

  2. Alex Campos from Buenos Aires, Argentina

  3. Kim Seong from California, USA

4. Space Invaders Giveaway

We had plenty of giveaways to offer at booth S27 during OWASP AppSecUSA 2016. We offered our visitors a chance to be the master of one of our Space Invaders!


5. Top 10 Tweets from AppSecUSA

To recap the event, Signal Sciences have captured what they think are the Top 10 tweets of the event. Check them out here:

Huge thanks to the local OWASP AppSecUSA 2016 organizing team and OWASP staff for delivering such a stimulating conference! It was a pleasure to again sponsor the premier application security conference for developers and security experts and be inspired to continue tackling security challenges in more and more innovative ways.


The leader in client-side Web security. With Jscrambler, JavaScript applications become self-defensive and capable of detecting and blocking client-side attacks like Magecart.

View All Articles

Subscribe to Our Newsletter