Schedule by day

Working Sessions

Working Sessions

when Monday Tuesday Wednesday Thursday Friday
Automation of MASVS with BDD
Create .Net Security Questions
Create Owasp Top 10 Security Questions
Create Wardley Maps for multiple security scenarios
Creating a Steady-State Hypothesis
Customising the Chaos Toolkit
GDPR Compliance what does it mean?
Hands-on JIRA Schema refactoring
Hands-on JIRA Schema refactoring (DS)
Lessons learned from public bug bounties programmes
Owasp Cloud Security Workshop (BETA)
Real world Chaos Engineering
SAMM DevSecOps Version
Security Questions workshop
Threat Modeling Website Structure
Threat model track opening session
API Threat Modeling Cheat Sheet
Adding security to VSTS pipeline
Agile Practices for Security Teams
Attack chains as TM technique
Automation of MASVS with BDD
Back to the future with Threat Modeling
Create AWS Security Questions
Create Java Security Questions
Creating a standard for GDPR patterns
Creation of Security Buttons
Cyber Insurance
Cyber Risk Modeling
Define an Open Risk Pattern format
DevSecOps Maturity Model (DSOMM)
European GDPR variations
MSc Appication Security
OWASP Collective Defence Cluster (CDC) - One year on
OWASP Defect Dojo
Review quiz answers from Mon
SAMMv2 working session - Design
SAMMv2 working session - Governance
SAMMv2 working session - Implementation
Security Buttons Extended
Security Crowdsourcing
Security Ethics Checklist
Share your playbooks and release them under Creative Commons
Share your security polices and release them under Creative Commons
Threat model cheat sheets
Update MSTG with changes in Android 8 (Oreo)
Using JIRA-NeoVis to graph GDPR Data Journeys
Using maps to define how to capture, detect and prevent 6 real-world security incidents
Application Security Verification Standard
Automation of MASVS with BDD
Create Docker Security Questions
Create NodeJS Security Questions
Create PHP Security Questions
Create Perl Security Questions
DPO how to become one
DPO what to expect
Describe different ways of implementing TM in agile organisations
Docker and Kubernetes Threat Modeling Cheat Sheet
Federated Login with Social Platforms Threat Modeling Cheat Sheet
GDPR Appropriate Security Controls
Gamification of GDPR compliance
How to Threat Model Features with Questionnaires
Integrating Security into an Spotify Model (and using Squads for Security teams)
Job Fair
Juice Shop Brainstorming
OWASP DevSecOps Studio
Reboot Owasp Books Project
Review quiz answers from Tue
SAMMv2 Establish the Document Model
SAMMv2 Measurement Model
SAMMv2 working session - Operations
SAMMv2 working session - Verification
SOC Monitoring Visualisation
Update MSTG with changes in iOS 11
Using JIRA-NeoVis to graph Threat Models
Using User Story Mapping for effective communication
Using press-releases as improved project's briefs
Automation of MASVS with BDD
CISO Ask Me Anything (AMA)
Cell based Structures for Security
Create Owasp AWS Security Questions
Create Security Economics Quiz
Creating an open 3rd Party Supplier Questionnaire and maturity model
From Threat Modeling to DevSecOps metrics
How to scale Threat Modeling.
Integrating Security Tools in the SDL
IoT Threat Modeling Cheat Sheet
JIRA Risk Workflow
Juice Shop Coding Day
Meet the ICO
Owasp Testing Guide v5
Prepare Thursday Quiz session
Recruiting AppSec Talent
Review quiz answers from Wed
SAMM Project Meeting
SAMM benchmarking
Securing the CI Pipeline
Squad Modelling and Cross Functional Teams
Threat Model training through Gamification
Threat model guide
Using Data Science for log analysis
Vulnerability Intelligence Working Group
Web Application Honeypot
Women in Cyber-security: improving the gender balance
Automation of MASVS with BDD
Consolidate and process all Security Quiz data
Create a Tech Radar for Security teams
Create generic TM for CMS
Create generic TM for CMS
Group Discussion on Learning from Digital Incidents
Owasp Top 5 Machine Learning risks
Present Security Quiz Data
Review quiz answers from Thu
Share your Threat Models diagrams and create a Book
Threat model closing session
Using AI and ML for incident response
Using JIRA-NeoVis to create graphical representations of JIRA data
Using Jira to handle Incident Response - simulations
WebAuthn - Getting started workshop
Sessions not mapped to an day and time
  • Creating diagrams with DOT language
  • Defining a Security Champion
  • How do you define and measure the value of Threat Modeling?
  • Methodology / technique showcase
  • Policies for the InfoSec industry
  • Policies for the security industry
  • SABSA and threat modeling
  • SAMM2 Kickoff
  • Securing GitHub Integrations
  • Transform OWASP Exam into Security Questions
  • Want to become a CISO?

    User Sessions

    Monday Tuesday Wednesday Thursday Friday
    A seat at the table
    Create a Slack bot in Python
    Hands on Chaos Experiments
    Integrating Security Tools in the SDL using OWASP DevSecOps Studio
    OS Summit Website - how to use it
    SAMM - Best Practices
    SAMM Introduction
    SAMM Round Table
    Security Quiz Night (Mon)
    Summit Onboarding
    Track Introductions
    Update Treat Modeling website 1
    Update Treat Modeling website 2
    A long successful career in IT (women in tech)
    Ask me anything (AMA) on GDPR
    Creating ELK Dashboards
    Creating Open Source Avatao exercises
    Gamifying Security Dashboards
    Publishing apps in a VSTS security pipeline
    Security Quiz Night (Tue)
    Update Treat Modeling website 3
    Using JIRA to create and execute Security Playbooks
    Using Threat Models for GDPR
    Zap - How to use it
    Adding CRS3 and Pixi to CircleCI pipeline
    Ask me anything (AMA) - Meet the Experts
    Creating Appsec metrics and visualisation
    Diving into mobile cryptography using dynamic instrumentation with Frida
    Implementing the OWASP responsible disclosure Maturity Model
    Informational Awareness
    Security Quiz Night (Wed)
    Testing iOS Apps without Jailbreak
    Thinking in Graphs
    Update Treat Modeling website 4
    secureCodeBox - How to improve your CI/CD pipeline with automated security tests
    Creating Security exams (How to)
    Crossing the river by feeling the stones
    Hands-on GDPR Patterns
    InSecurity
    Running CTF Games with OWASP Juice Shop
    SOC Value Chain using Wardley maps
    Security Quiz Night (Thu)
    Update Treat Modeling website 5
    Using graphs for GDPR mappings and visualisations
    Using the OWASP Maturity Model tool
    Wardley Mapping – a practical session on how to use value chain mapping
    Writing a Security Budget
    Writing security tests to confirm vulnerabilities and fixes
    A shared understanding of Success
    Adding Privacy by Design in Secure Application Development