Conference Rooms
Kings Threat Model | Portland Misc | Larch Maps and Graphs | Montague Security Questions | Maulden DevSecOps | Pedley Misc | |
|---|---|---|---|---|---|---|
| AM-1 10:30 - 12:30 | Describe different ways of implementing TM in agile organisations | AWS WAF for DDoS Mitigation | OWASP DevSecOps Studio DevSecOps OWASP DevSecOps Studio | |||
| PM-1 13:30 - 15:00 | Docker and Kubernetes Threat Modeling Cheat Sheet | AWS Lambda Security | Using User Story Mapping for effective communication Maps and Graphs Using User Story Mapping for effective communication | Creating Appsec metrics and visualisation | ||
| PM-2 15:30 - 16:30 | How to Threat Model Features with Questionnaires Threat Model How to Threat Model Features with Questionnaires | Securing AWS S3 Buckets | Create NodeJS Security Questions Security Questions Create NodeJS Security Questions | SOC Monitoring Visualisation DevSecOps SOC Monitoring Visualisation | secureCodeBox - How to improve your CI/CD pipeline with automated security tests | |
| PM-3 16:30 - 17:30 | Federated Login with Social Platforms Threat Modeling Cheat Sheet | GDPR Appropriate Security Controls | Create Perl Security Questions Security Questions Create Perl Security Questions | Integrating Security into an Spotify Model (and using Squads for Security teams) | Adding CRS3 and Pixi to CircleCI pipeline |
Main conference Hall
Main Stage | Table 1 | Table 2 | Table 3 | Table 4 | Table 5 | Table 6 | |
|---|---|---|---|---|---|---|---|
| KN-1 9:20 - 9:35 | |||||||
| KN-2 9:40 - 9:55 | Thinking in Graphs Keynotes Thinking in Graphs | ||||||
| DS-1 10:00 - 10:30 | GS AppSec Daily Scrum (Wed) | GS Detect Daily Scrum (Wed) | GS Risk Daily Scrum (Wed) | GS Summit Daily Scrum (Wed) | SAMM Core Daily Scrum (Wed) | Review quiz answers from Tue Security Questions Review quiz answers from Tue | |
| DS-2 12:30 - 13:30 | Informational Awareness Keynotes Informational Awareness | DPO how to become one | Implementing the OWASP responsible disclosure Maturity Model | ||||
| DS-3 18:00 - 19:00 | DPO what to expect | Gamification of GDPR compliance | Job Fair Misc Job Fair |
Villas
OWASP SAMM | DevSecCon | Owasp Projects | CertDev | Photobox | Threat Modeling | Women in Tech | |
|---|---|---|---|---|---|---|---|
| AM-1 10:30 - 12:30 | SAMMv2 working session - Operations OWASP SAMM SAMMv2 working session - Operations | Application Security Verification Standard Owasp Projects Application Security Verification Standard | |||||
| PM-1 13:30 - 15:00 | SAMMv2 working session - Verification OWASP SAMM SAMMv2 working session - Verification | Testing iOS Apps without Jailbreak Owasp Projects Testing iOS Apps without Jailbreak | |||||
| PM-2 15:30 - 16:30 | SAMMv2 Measurement Model OWASP SAMM SAMMv2 Measurement Model | Update MSTG with changes in iOS 11 Owasp Projects Update MSTG with changes in iOS 11 | |||||
| PM-3 16:30 - 17:30 | SAMMv2 Establish the Document Model OWASP SAMM SAMMv2 Establish the Document Model | Juice Shop Brainstorming Owasp Projects Juice Shop Brainstorming | |||||
| Eve-1 19:30 - 21:00 | Reboot Owasp Books Project Owasp Projects Reboot Owasp Books Project | Security Quiz Night (Wed) Security Questions Security Quiz Night (Wed) | Darktrace Tuning Session DevSecOps Darktrace Tuning Session | Update Treat Modeling website 4 Threat Model Update Treat Modeling website 4 | |||
| Eve-2 21:00 - 23:00 | Writing Checkmarx SAST rules DevSecOps Writing Checkmarx SAST rules | Incident handling with DarkTrace DevSecOps Incident handling with DarkTrace |
Sessions with no room booked for Wed
- Ask me anything (AMA) - Meet the Experts
- Create Docker Security Questions
- Create PHP Security Questions
- PBX-GS Offsite session 3 - Room cancelled please go to ROOM 5
- Using activity-oriented metrics for Security
- Using AWS Neptune GraphDB
- Using Elastic Stack services
- Using JIRA-NeoVis to graph Threat Models
- Using Neo4J Enterprise
- Using press-releases as improved project's briefs