Schedule by day

Working Sessions

Working Sessions

whenMondayTuesdayWednesdayThursdayFriday
Automation of MASVS with BDD
Automation of MASVS with BDD
Create .Net Security Questions
Create .Net Security Questions
Create Owasp Top 10 Security Questions
Create Owasp Top 10 Security Questions
Create Wardley Maps for multiple security scenarios
Create Wardley Maps for multiple security scenarios
Creating a Steady-State Hypothesis
Creating a Steady-State Hypothesis
Customising the Chaos Toolkit
Customising the Chaos Toolkit
GDPR Compliance what does it mean?
GDPR Compliance what does it mean?
Hands-on JIRA Schema refactoring
Hands-on JIRA Schema refactoring
Hands-on JIRA Schema refactoring (DS)
Hands-on JIRA Schema refactoring (DS)
Lessons learned from public bug bounties programmes
Lessons learned from public bug bounties programmes
Owasp Cloud Security Workshop (BETA)
Owasp Cloud Security Workshop (BETA)
Real world Chaos Engineering
Real world Chaos Engineering
SAMM DevSecOps Version
SAMM DevSecOps Version
Security Questions workshop
Security Questions workshop
Threat model track opening session
Threat model track opening session
Threat Modeling Website Structure
Threat Modeling Website Structure
Adding security to VSTS pipeline
Adding security to VSTS pipeline
Agile Practices for Security Teams
Agile Practices for Security Teams
API Threat Modeling Cheat Sheet
API Threat Modeling Cheat Sheet
Attack chains as TM technique
Attack chains as TM technique
Automation of MASVS with BDD
Automation of MASVS with BDD
Back to the future with Threat Modeling
Back to the future with Threat Modeling
Create AWS Security Questions
Create AWS Security Questions
Create Java Security Questions
Create Java Security Questions
Creating a standard for GDPR patterns
Creating a standard for GDPR patterns
Creation of Security Buttons
Creation of Security Buttons
Cyber Insurance
Cyber Insurance
Cyber Risk Modeling
Cyber Risk Modeling
Define an Open Risk Pattern format
Define an Open Risk Pattern format
DevSecOps Maturity Model (DSOMM)
DevSecOps Maturity Model (DSOMM)
European GDPR variations
European GDPR variations
MSc Appication Security
MSc Appication Security
OWASP Collective Defence Cluster (CDC) - One year on
OWASP Collective Defence Cluster (CDC) - One year on
OWASP Defect Dojo
OWASP Defect Dojo
Review quiz answers from Mon
Review quiz answers from Mon
SAMMv2 working session - Design
SAMMv2 working session - Design
SAMMv2 working session - Governance
SAMMv2 working session - Governance
SAMMv2 working session - Implementation
SAMMv2 working session - Implementation
Security Buttons Extended
Security Buttons Extended
Security Crowdsourcing
Security Crowdsourcing
Security Ethics Checklist
Security Ethics Checklist
Share your playbooks and release them under Creative Commons
Share your playbooks and release them under Creative Commons
Share your security polices and release them under Creative Commons
Share your security polices and release them under Creative Commons
Threat model cheat sheets
Threat model cheat sheets
Update MSTG with changes in Android 8 (Oreo)
Update MSTG with changes in Android 8 (Oreo)
Using JIRA-NeoVis to graph GDPR Data Journeys
Using JIRA-NeoVis to graph GDPR Data Journeys
Using maps to define how to capture, detect and prevent 6 real-world security incidents
Using maps to define how to capture, detect and prevent 6 real-world security incidents
Application Security Verification Standard
Application Security Verification Standard
Automation of MASVS with BDD
Automation of MASVS with BDD
Create Docker Security Questions
Create Docker Security Questions
Create NodeJS Security Questions
Create NodeJS Security Questions
Create Perl Security Questions
Create Perl Security Questions
Create PHP Security Questions
Create PHP Security Questions
Describe different ways of implementing TM in agile organisations
Describe different ways of implementing TM in agile organisations
Docker and Kubernetes Threat Modeling Cheat Sheet
Docker and Kubernetes Threat Modeling Cheat Sheet
DPO how to become one
DPO how to become one
DPO what to expect
DPO what to expect
Federated Login with Social Platforms Threat Modeling Cheat Sheet
Federated Login with Social Platforms Threat Modeling Cheat Sheet
Gamification of GDPR compliance
Gamification of GDPR compliance
GDPR Appropriate Security Controls
GDPR Appropriate Security Controls
How to Threat Model Features with Questionnaires
How to Threat Model Features with Questionnaires
Integrating Security into an Spotify Model (and using Squads for Security teams)
Integrating Security into an Spotify Model (and using Squads for Security teams)
Job Fair
Job Fair
Juice Shop Brainstorming
Juice Shop Brainstorming
OWASP DevSecOps Studio
OWASP DevSecOps Studio
Reboot Owasp Books Project
Reboot Owasp Books Project
Review quiz answers from Tue
Review quiz answers from Tue
SAMMv2 Establish the Document Model
SAMMv2 Establish the Document Model
SAMMv2 Measurement Model
SAMMv2 Measurement Model
SAMMv2 working session - Operations
SAMMv2 working session - Operations
SAMMv2 working session - Verification
SAMMv2 working session - Verification
SOC Monitoring Visualisation
SOC Monitoring Visualisation
Update MSTG with changes in iOS 11
Update MSTG with changes in iOS 11
Using JIRA-NeoVis to graph Threat Models
Using JIRA-NeoVis to graph Threat Models
Using press-releases as improved project's briefs
Using press-releases as improved project's briefs
Using User Story Mapping for effective communication
Using User Story Mapping for effective communication
Automation of MASVS with BDD
Automation of MASVS with BDD
Cell based Structures for Security
Cell based Structures for Security
CISO Ask Me Anything (AMA)
CISO Ask Me Anything (AMA)
Create Owasp AWS Security Questions
Create Owasp AWS Security Questions
Create Security Economics Quiz
Create Security Economics Quiz
Creating an open 3rd Party Supplier Questionnaire and maturity model
Creating an open 3rd Party Supplier Questionnaire and maturity model
From Threat Modeling to DevSecOps metrics
From Threat Modeling to DevSecOps metrics
How to scale Threat Modeling.
How to scale Threat Modeling.
Integrating Security Tools in the SDL
Integrating Security Tools in the SDL
IoT Threat Modeling Cheat Sheet
IoT Threat Modeling Cheat Sheet
JIRA Risk Workflow
JIRA Risk Workflow
Juice Shop Coding Day
Juice Shop Coding Day
Meet the ICO
Meet the ICO
Owasp Testing Guide v5
Owasp Testing Guide v5
Prepare Thursday Quiz session
Prepare Thursday Quiz session
Recruiting AppSec Talent
Recruiting AppSec Talent
Review quiz answers from Wed
Review quiz answers from Wed
SAMM benchmarking
SAMM benchmarking
SAMM Project Meeting
SAMM Project Meeting
Securing the CI Pipeline
Securing the CI Pipeline
Squad Modelling and Cross Functional Teams
Squad Modelling and Cross Functional Teams
Threat model guide
Threat model guide
Threat Model training through Gamification
Threat Model training through Gamification
Using Data Science for log analysis
Using Data Science for log analysis
Vulnerability Intelligence Working Group
Vulnerability Intelligence Working Group
Web Application Honeypot
Web Application Honeypot
Women in Cyber-security: improving the gender balance
Women in Cyber-security: improving the gender balance
Automation of MASVS with BDD
Automation of MASVS with BDD
Consolidate and process all Security Quiz data
Consolidate and process all Security Quiz data
Create a Tech Radar for Security teams
Create a Tech Radar for Security teams
Create generic TM for CMS
Create generic TM for CMS
Create generic TM for CMS
Create generic TM for CMS
Group Discussion on Learning from Digital Incidents
Group Discussion on Learning from Digital Incidents
Owasp Top 5 Machine Learning risks
Owasp Top 5 Machine Learning risks
Present Security Quiz Data
Present Security Quiz Data
Review quiz answers from Thu
Review quiz answers from Thu
Share your Threat Models diagrams and create a Book
Share your Threat Models diagrams and create a Book
Threat model closing session
Threat model closing session
Using AI and ML for incident response
Using AI and ML for incident response
Using Jira to handle Incident Response - simulations
Using Jira to handle Incident Response - simulations
Using JIRA-NeoVis to create graphical representations of JIRA data
Using JIRA-NeoVis to create graphical representations of JIRA data
WebAuthn - Getting started workshop
WebAuthn - Getting started workshop
Sessions not mapped to an day and time
  • Creating diagrams with DOT language
    Creating diagrams with DOT language
  • Defining a Security Champion
    Defining a Security Champion
  • How do you define and measure the value of Threat Modeling?
    How do you define and measure the value of Threat Modeling?
  • Methodology / technique showcase
    Methodology / technique showcase
  • Policies for the InfoSec industry
    Policies for the InfoSec industry
  • Policies for the security industry
    Policies for the security industry
  • SABSA and threat modeling
    SABSA and threat modeling
  • SAMM2 Kickoff
    SAMM2 Kickoff
  • Securing GitHub Integrations
    Securing GitHub Integrations
  • Transform OWASP Exam into Security Questions
    Transform OWASP Exam into Security Questions
  • Want to become a CISO?
    Want to become a CISO?

    User Sessions

    MondayTuesdayWednesdayThursdayFriday
    A seat at the table
    A seat at the table
    Create a Slack bot in Python
    Create a Slack bot in Python
    Hands on Chaos Experiments
    Hands on Chaos Experiments
    Integrating Security Tools in the SDL using OWASP DevSecOps Studio
    Integrating Security Tools in the SDL using OWASP DevSecOps Studio
    OS Summit Website - how to use it
    OS Summit Website - how to use it
    SAMM - Best Practices
    SAMM - Best Practices
    SAMM Introduction
    SAMM Introduction
    SAMM Round Table
    SAMM Round Table
    Security Quiz Night (Mon)
    Security Quiz Night (Mon)
    Summit Onboarding
    Summit Onboarding
    Track Introductions
    Track Introductions
    Update Treat Modeling website 1
    Update Treat Modeling website 1
    Update Treat Modeling website 2
    Update Treat Modeling website 2
    A long successful career in IT (women in tech)
    A long successful career in IT (women in tech)
    Ask me anything (AMA) on GDPR
    Ask me anything (AMA) on GDPR
    Creating ELK Dashboards
    Creating ELK Dashboards
    Creating Open Source Avatao exercises
    Creating Open Source Avatao exercises
    Gamifying Security Dashboards
    Gamifying Security Dashboards
    Publishing apps in a VSTS security pipeline
    Publishing apps in a VSTS security pipeline
    Security Quiz Night (Tue)
    Security Quiz Night (Tue)
    Update Treat Modeling website 3
    Update Treat Modeling website 3
    Using JIRA to create and execute Security Playbooks
    Using JIRA to create and execute Security Playbooks
    Using Threat Models for GDPR
    Using Threat Models for GDPR
    Zap - How to use it
    Zap - How to use it
    Adding CRS3 and Pixi to CircleCI pipeline
    Adding CRS3 and Pixi to CircleCI pipeline
    Ask me anything (AMA) - Meet the Experts
    Ask me anything (AMA) - Meet the Experts
    Creating Appsec metrics and visualisation
    Creating Appsec metrics and visualisation
    Diving into mobile cryptography using dynamic instrumentation with Frida
    Diving into mobile cryptography using dynamic instrumentation with Frida
    Implementing the OWASP responsible disclosure Maturity Model
    Implementing the OWASP responsible disclosure Maturity Model
    Informational Awareness
    Informational Awareness
    secureCodeBox - How to improve your CI/CD pipeline with automated security tests
    secureCodeBox - How to improve your CI/CD pipeline with automated security tests
    Security Quiz Night (Wed)
    Security Quiz Night (Wed)
    Testing iOS Apps without Jailbreak
    Testing iOS Apps without Jailbreak
    Thinking in Graphs
    Thinking in Graphs
    Update Treat Modeling website 4
    Update Treat Modeling website 4
    Creating Security exams (How to)
    Creating Security exams (How to)
    Crossing the river by feeling the stones
    Crossing the river by feeling the stones
    Hands-on GDPR Patterns
    Hands-on GDPR Patterns
    InSecurity
    InSecurity
    Running CTF Games with OWASP Juice Shop
    Running CTF Games with OWASP Juice Shop
    Security Quiz Night (Thu)
    Security Quiz Night (Thu)
    SOC Value Chain using Wardley maps
    SOC Value Chain using Wardley maps
    Update Treat Modeling website 5
    Update Treat Modeling website 5
    Using graphs for GDPR mappings and visualisations
    Using graphs for GDPR mappings and visualisations
    Using the OWASP Maturity Model tool
    Using the OWASP Maturity Model tool
    Wardley Mapping – a practical session on how to use value chain mapping
    Wardley Mapping – a practical session on how to use value chain mapping
    Writing a Security Budget
    Writing a Security Budget
    Writing security tests to confirm vulnerabilities and fixes
    Writing security tests to confirm vulnerabilities and fixes
    A shared understanding of Success
    A shared understanding of Success
    Adding Privacy by Design in Secure Application Development
    Adding Privacy by Design in Secure Application Development