Head of Innovation in Security, BBVA
Participant's team(s):
Luis Saiz Daily Schedule
| Monday | Tuesday | Wednesday | Thursday | Friday | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|
|
|
| ||||||||||||||||
|
|
|
|
| ||||||||||||||||
|
| |||||||||||||||||||
|
|
|
|
|
| |||||||||||||||
|
|
|
|
| ||||||||||||||||
|
|
|
| |||||||||||||||||
|
| |||||||||||||||||||
|
| |||||||||||||||||||
|
|
|
|
Participating sessions details
| Title | Description | type | When | Time | Acting as |
|---|---|---|---|---|---|
| OWASP DevSecOps Studio | Working Sessions for Owasp DevSecOps Studio | working-session | Wed | AM-1 | participant |
| Integrating Security Tools in the SDL using OWASP DevSecOps Studio | Using DevSecOps studio to learn and teach Integrating security tools in the SDL | user-session | Mon | PM-1 | participant |
| Owasp Cloud Security Workshop (BETA) | A beta session of the OWASP Cloud Security Workshop (not to be scheduled on the Tuesday) | working-session | Mon | PM-2,PM-3 | participant |
| A seat at the table | Keynote by Adam | user-session | Mon | DS-2 | participant |
| Using a Rules Engine and Risk Patterns with IriusRisk | During this session we’ll drive the attendants through the IriusRisk approach and the main core features of the solution. | product-session | Mon | Eve-1 | participant |
| Update Treat Modeling website 2 | user-session | Mon | Eve-2 | participant | |
| Threat model cheat sheets | Threat Modeling Working Session | working-session | Tue | AM-1 | participant |
| API Threat Modeling Cheat Sheet | API Threat Modeling Cheat Sheet | working-session | Tue | PM-1 | participant |
| Agile Practices for Security Teams | Agile Practices for Security Teams | working-session | Tue | PM-1 | participant |
| Attack chains as TM technique | Threat Modeling Working Session | working-session | Tue | PM-2 | participant |
| Back to the future with Threat Modeling | Back to the future with Threat Modeling | working-session | Tue | PM-3 | participant |
| Publishing apps in a VSTS security pipeline | Beginner level session on DevSecOps and publishing to the Cloud | user-session | Tue | PM-3 | participant |
| Gamifying Security Dashboards | Keynote by Ante Gulam | user-session | Tue | KN-2 | participant |
| Share your playbooks and release them under Creative Commons | Session to consolidate and publish anonymised real-word playbooks | working-session | Tue | DS-3 | participant |
| Using JIRA to create and execute Security Playbooks | Hands on session on how to use JIRA for incident response | user-session | Tue | PM-3 | participant |
| Using Threat Models for GDPR | Hands on user session on how to use Threat Models in GDPR mappings | user-session | Tue | Eve-2 | participant |
| Thinking in Graphs | Keynote by Dinis Cruz | user-session | Wed | KN-2 | participant |
| Describe different ways of implementing TM in agile organisations | working-session | Wed | AM-1 | participant | |
| Using User Story Mapping for effective communication | working-session | Wed | PM-1 | participant | |
| Docker and Kubernetes Threat Modeling Cheat Sheet | Docker and Kubernetes Threat Modeling Cheat Sheet | working-session | Wed | PM-1 | participant |
| How to Threat Model Features with Questionnaires | How to Threat Model Features with Questionnaires | working-session | Wed | PM-2 | participant |
| Integrating Security into an Spotify Model (and using Squads for Security teams) | Best practice cheat sheet for integrating Agile Security into the Spotify model | working-session | Wed | PM-3 | participant |
| Writing Checkmarx SAST rules | Hands on session on how to write custom rules for the Checkmarx SAST engine | product-session | Wed | Eve-2 | participant |
| Crossing the river by feeling the stones | Keynote by Simon Wardley | user-session | Thu | KN-2 | participant |
| Cell based Structures for Security | Spotify compliant organizational model in security domain | working-session | Thu | PM-1 | participant |
| Integrating Security Tools in the SDL | Integrate security tools as part of CI/CD pipeline to find/fix issues early in SDL | working-session | Thu | AM-1, PM-1 | participant |
| Writing security tests to confirm vulnerabilities and fixes | Hands on session writing security tests | user-session | Thu | PM-1 | participant |
| Wardley Mapping – a practical session on how to use value chain mapping | Practical session on how to use value chain mapping. | user-session | Thu | AM-1 | participant |
| How to scale Threat Modeling | |||||
| Squad Modelling and Cross Functional Teams | How to use AI and ML for incident response | working-session | Thu | PM-2 | participant |
| Threat Model training through Gamification | Threat Model training through Gamification | working-session | Thu | PM-3 | participant |
| Securing the CI Pipeline | Secure the CI/CD pipeline | working-session | Thu | PM-2,PM-3 | participant |
| Adding Privacy by Design in Secure Application Development | Keynote by Sebastien Deleersnyder | user-session | Fri | KN-2 | participant |
| Owasp Top 5 Machine Learning risks | working-session | Fri | AM-1 | participant | |
| Share your Threat Models diagrams and create a Book | working-session | Fri | PM-1 | participant | |
| Using AI and ML for incident response | How to use AI and ML for incident response | working-session | Fri | PM-1 | participant |
| WebAuthn - Getting started workshop | working-session | Fri | AM-1 | participant |
Register as organizer
To register as an organizer of an session or track:
- add your name to the
organizersmetadata field (in this caseLuis Saiz)
Back to list of all Participants