User Sessions

In addition to Working Sessions this year we are also introducing the concept of User Sessions, which will be very learning-based hands-on practically-driven sessions, so you leave with the knowledge, skills and tools you need to make immediate changes in your workplace.

We wanted to introduce User Sessions to this year’s event, as we believe that only by keeping your learning up to date and taking opportunities to try these new skills out for yourself in a safe environment, where it’s ok to fail - and fail fast - will you really be able to go back and implement the new knowledge you have acquired.

The Summit now includes these User Sessions, from working through Chaos Experiments to getting to grips with GDPR Patterns, from understanding how to use OWASP SAMM to using Pixi, we want to cover all the bases.

See also the planned Working Sessions.

Current User Sessions

TitleTrackDescription
A long successful career in IT (women in tech)KeynotesKeynote by Ante Gulam
A seat at the tableKeynotesKeynote by Adam
A shared understanding of SuccessKeynotesKeynote by Sara Davis
Adding CRS3 and Pixi to CircleCI pipelineDecSecOpsAdding OWASP ModSecurity Core Rule Set 3 and Pixi to CircleCI pipeline
Adding Privacy by Design in Secure Application DevelopmentKeynotesKeynote by Sebastien Deleersnyder
Ask me anything (AMA) - Meet the ExpertsMiscAsk all the burning questions you have to those in industry
Ask me anything (AMA) on GDPRGDPRAsk all the burning questions you have on GDPR
Create a Slack bot in PythonDevSecOpsHands on session to show participants how to create a Slack bot in Python
Creating Appsec metrics and visualisationDevSecOpsAppSec Metrics and Visualisation
Creating ELK DashboardsMaps and GraphsPractical session on creating ELK Dashboards
Creating Open Source Avatao exercisesMisc
Creating Security exams (How to)Security Questions
Crossing the river by feeling the stonesKeynotesKeynote by Simon Wardley
Diving into mobile cryptography using dynamic instrumentation with FridaMiscHands-on session by Carlos Holguera
Gamifying Security DashboardsKeynotesKeynote by Ante Gulam
Hands on Chaos ExperimentsChaos Engineering
Hands-on GDPR PatternsGDPRUsing GDPR Patterns
Implementing the OWASP responsible disclosure Maturity ModelOWASP ProjectsHand-on session on creating the OWASP responsible disclosure Maturity Model
Informational AwarenessKeynotesKeynote by Jonathan Hawes
InSecurityKeynotesKeynote by Jane Frankland
Integrating Security Tools in the SDL using OWASP DevSecOps StudioDevSecOpsUsing DevSecOps studio to learn and teach Integrating security tools in the SDL
JIRA - how to use itMiscHow to use Jira for risk management, incident response and managing a team
OS Summit Website - how to use itMiscHow to update the Open Security website
Publishing apps in a VSTS security pipelineDecSecOpsBeginner level session on DevSecOps and publishing to the Cloud
Running CTF Games with OWASP Juice ShopOwasp ProjectsRunning / hosting CTF games with OWASP JuiceShop
SAMM - Best PracticesOWASP SAMMUser session on how to use Owasp SAMM
SAMM IntroductionOWASP SAMMIntroduction session on SAMM for people who want to know more about the project
SAMM Round TableOWASP SAMMRound table session with SAMM users
secureCodeBox - How to improve your CI/CD pipeline with automated security testsDevSecOpsHands on session to introduce the new project secureCodeBox.io and how you could use it to improve your CI/CD pipeline with automated security tests easily.
Security Quiz Night (Mon)Security Questions
Security Quiz Night (Thu)Security Questions
Security Quiz Night (Tue)Security Questions
Security Quiz Night (Wed)Security Questions
SOC Value Chain using Wardley mapsMaps and Graphs
Summit OnboardingMiscHow to update the Open Security website
Testing iOS Apps without JailbreakOwasp ProjectsMobile Security Working Session
Thinking in GraphsKeynotesKeynote by Dinis Cruz
Track IntroductionsMisc
Update Treat Modeling website 1Threat Model
Update Treat Modeling website 2Threat Model
Update Treat Modeling website 3Threat ModelThreat Modeling User Session
Update Treat Modeling website 4Threat ModelThreat Modeling User Session
Update Treat Modeling website 5Threat Model
Using graphs for GDPR mappings and visualisationsGDPRHands on sessions of mapping GDPR data to graphs
Using JIRA to create and execute Security PlaybooksDevSecOpsHands on session on how to use JIRA for incident response
Using Neo4J to filter and review SAST findingsMaps and Graphs
Using the OWASP Maturity Model toolOWASP SAMMPractical session on using the OWASP Maturity Model tool
Using Threat Models for GDPRGDPRHands on user session on how to use Threat Models in GDPR mappings
Wardley Mapping – a practical session on how to use value chain mappingMaps and GraphsPractical session on how to use value chain mapping.
Writing a Security Budget
Writing security tests to confirm vulnerabilities and fixesDevSecOpsHands on session writing security tests
Zap - How to use itOwasp ProjectsUser session to help ZAP users