Luis Saiz

Head of Innovation in Security, BBVA

Participant's team(s):

Luis Saiz Daily Schedule

Monday Tuesday Wednesday Thursday Friday
KN-2
9:40 - 9:55
Gamifying Security Dashboards
main-stage
Thinking in Graphs
main-stage
Crossing the river by feeling the stones
main-stage
Adding Privacy by Design in Secure Application Development
main-stage
AM-1
10:30 - 12:30
Threat model cheat sheets
Kings room
Time slot over-subscribed
OWASP DevSecOps Studio
Maulden room
Describe different ways of implementing TM in agile organisations
Kings room
Time slot over-subscribed
Integrating Security Tools in the SDL
Maulden room
Wardley Mapping – a practical session on how to use value chain mapping
Larch room
Time slot over-subscribed
Owasp Top 5 Machine Learning risks
Portland room
WebAuthn - Getting started workshop
Maulden room
DS-2
12:30 - 13:30
A seat at the table
main-stage
PM-1
13:30 - 15:00
Integrating Security Tools in the SDL using OWASP DevSecOps Studio
Maulden room
Time slot over-subscribed
API Threat Modeling Cheat Sheet
Kings room
Agile Practices for Security Teams
Larch room
Time slot over-subscribed
Using User Story Mapping for effective communication
Larch room
Docker and Kubernetes Threat Modeling Cheat Sheet
Kings room
Time slot over-subscribed
Cell based Structures for Security
Larch room
Writing security tests to confirm vulnerabilities and fixes
Pedley room
Time slot over-subscribed
Share your Threat Models diagrams and create a Book
Kings room
Using AI and ML for incident response
Larch room
PM-2
15:30 - 16:30
Owasp Cloud Security Workshop (BETA)
Maulden room
Attack chains as TM technique
Kings room
How to Threat Model Features with Questionnaires
Kings room
Time slot over-subscribed
Squad Modelling and Cross Functional Teams
Pedley room
Securing the CI Pipeline
Maulden room
PM-3
16:30 - 17:30
Time slot over-subscribed
Back to the future with Threat Modeling
Kings room
Publishing apps in a VSTS security pipeline
Using JIRA to create and execute Security Playbooks
Larch room
Integrating Security into an Spotify Model (and using Squads for Security teams)
Maulden room
Time slot over-subscribed
Threat Model training through Gamification
Kings room
DS-3
18:00 - 19:00
Share your playbooks and release them under Creative Commons
Table 4
Eve-1
19:30 - 21:00
Using a Rules Engine and Risk Patterns with IriusRisk
320 - Threat Modeling villa
Eve-2
21:00 - 23:00
Update Treat Modeling website 2
320 - Threat Modeling villa
Using Threat Models for GDPR
317 - Photobox villa
Writing Checkmarx SAST rules
313 - DevSecCon villa

Participating sessions details

Title Description type When Time Acting as
OWASP DevSecOps Studio Working Sessions for Owasp DevSecOps Studio working-session Wed AM-1 participant
Integrating Security Tools in the SDL using OWASP DevSecOps Studio Using DevSecOps studio to learn and teach Integrating security tools in the SDL user-session Mon PM-1 participant
Owasp Cloud Security Workshop (BETA) A beta session of the OWASP Cloud Security Workshop (not to be scheduled on the Tuesday) working-session Mon PM-2,PM-3 participant
A seat at the table Keynote by Adam user-session Mon DS-2 participant
Using a Rules Engine and Risk Patterns with IriusRisk During this session we’ll drive the attendants through the IriusRisk approach and the main core features of the solution. product-session Mon Eve-1 participant
Update Treat Modeling website 2 user-session Mon Eve-2 participant
Threat model cheat sheets Threat Modeling Working Session working-session Tue AM-1 participant
API Threat Modeling Cheat Sheet API Threat Modeling Cheat Sheet working-session Tue PM-1 participant
Agile Practices for Security Teams Agile Practices for Security Teams working-session Tue PM-1 participant
Attack chains as TM technique Threat Modeling Working Session working-session Tue PM-2 participant
Back to the future with Threat Modeling Back to the future with Threat Modeling working-session Tue PM-3 participant
Publishing apps in a VSTS security pipeline Beginner level session on DevSecOps and publishing to the Cloud user-session Tue PM-3 participant
Gamifying Security Dashboards Keynote by Ante Gulam user-session Tue KN-2 participant
Share your playbooks and release them under Creative Commons Session to consolidate and publish anonymised real-word playbooks working-session Tue DS-3 participant
Using JIRA to create and execute Security Playbooks Hands on session on how to use JIRA for incident response user-session Tue PM-3 participant
Using Threat Models for GDPR Hands on user session on how to use Threat Models in GDPR mappings user-session Tue Eve-2 participant
Thinking in Graphs Keynote by Dinis Cruz user-session Wed KN-2 participant
Describe different ways of implementing TM in agile organisations working-session Wed AM-1 participant
Using User Story Mapping for effective communication working-session Wed PM-1 participant
Docker and Kubernetes Threat Modeling Cheat Sheet Docker and Kubernetes Threat Modeling Cheat Sheet working-session Wed PM-1 participant
How to Threat Model Features with Questionnaires How to Threat Model Features with Questionnaires working-session Wed PM-2 participant
Integrating Security into an Spotify Model (and using Squads for Security teams) Best practice cheat sheet for integrating Agile Security into the Spotify model working-session Wed PM-3 participant
Writing Checkmarx SAST rules Hands on session on how to write custom rules for the Checkmarx SAST engine product-session Wed Eve-2 participant
Crossing the river by feeling the stones Keynote by Simon Wardley user-session Thu KN-2 participant
Cell based Structures for Security Spotify compliant organizational model in security domain working-session Thu PM-1 participant
Integrating Security Tools in the SDL Integrate security tools as part of CI/CD pipeline to find/fix issues early in SDL working-session Thu AM-1, PM-1 participant
Writing security tests to confirm vulnerabilities and fixes Hands on session writing security tests user-session Thu PM-1 participant
Wardley Mapping – a practical session on how to use value chain mapping Practical session on how to use value chain mapping. user-session Thu AM-1 participant
How to scale Threat Modeling
Squad Modelling and Cross Functional Teams How to use AI and ML for incident response working-session Thu PM-2 participant
Threat Model training through Gamification Threat Model training through Gamification working-session Thu PM-3 participant
Securing the CI Pipeline Secure the CI/CD pipeline working-session Thu PM-2,PM-3 participant
Adding Privacy by Design in Secure Application Development Keynote by Sebastien Deleersnyder user-session Fri KN-2 participant
Owasp Top 5 Machine Learning risks working-session Fri AM-1 participant
Share your Threat Models diagrams and create a Book working-session Fri PM-1 participant
Using AI and ML for incident response How to use AI and ML for incident response working-session Fri PM-1 participant
WebAuthn - Getting started workshop working-session Fri AM-1 participant

Register as organizer

To register as an organizer of an session or track:

  • add your name to the organizers metadata field (in this case Luis Saiz)


Back to list of all Participants