Suggestions for Working Sessions

By Harrie Bickle | January 1, 0001

What should we work on?

The OSS philosophy is one of participant-driven focus, so it is up to you to shape your conference to target your greatest needs. There is a whole world of ideas; let’s start sharing them, prioritising them and turning them into working sessions with clear objectives.

Working Session ideas

Agile AppSec

  • Agile Practices for Security Teams
  • Define Agile Security Practices
  • Integrating Security into a Portfolio Kanban
  • Integrating Security into a Sales Channel
  • Integrating Security into a Spotify Model
  • Security Champions
  • Security Guild vs Security Champions
  • Using Security Risks to Measure Agile Practices
  • InfoSec Warranties and Guarantees
  • Mobilising Business Lines for Security
  • SAMM Metrics for Enterprise
  • The future of privacy
  • Women in Cyber

CISO

  • Application Security Guide for CISO
  • AppSec Article 5 Collective Defence Agreement
  • AppSec for CISOs
  • CISO Round Table
  • CISO Survey
  • Cyber Insurance
  • GDPR DPO and AppSec
  • Growing the AppSec Industry

DevSecOps

  • AppSec SoC Monitoring Visualisation
  • BDD for Cloud Security
  • Docker Security
  • ELK Security Dashboards
  • Integrating Security Tools in SDL
  • JIRA Risk Workflow
  • Netflix Security Automation
  • Node Security Round Table
  • Real Time SAST Engine Architecture
  • Review Docker Security Workshop
  • Securing GitHub Integrations
  • Securing Legacy Applications
  • Securing the CI Pipeline
  • Security Guidance and Feedback in IDE
  • SRE Security Activities
  • Threat Vulnerability Management
  • WAF best practices
  • Writing Security Tests

Education

  • AppSec BSc Masters Curriculum Design
  • Creating AppSec Talent
  • Creating AppSec Teams
  • CTFs
  • Cyber Security Economics
  • Hackathon Beyond OWASP Top Ten
  • Recruiting AppSec Talent
  • Security Book Club
  • Software Defined Everything (SDx)
  • Teaching Attacker Perspective to Developers

IOT

  • GSMA IoT Security Guidelines
  • Internet of Things Project
  • Security Architecture Recommendations for IoT
  • TLS for Local IoT

Juice Shop

  • Juice Shop Brainstorming
  • Juice Shop Coding Day
  • Juice Shop Coding Night
  • Juice Shop Release

Mobile Sec

  • MSTG
  • MSTG 01
  • MSTG 02
  • MSTG 03
  • MSTG 04
  • MSTG 05

Research

  • BeyondCorp for internal Web Applications
  • Future of .Net Containers
  • GraphQL Security Review
  • LANGSEC Language theoretic Security
  • Protobuf for Data Validation Between Services
  • Security Labels
  • Using ML and AI to detect attacks

Playbook Sec

  • AppSec Review and Pentest Playbook
  • Bug Bounty Playbook
  • Create Jira Workflows for Security Playbooks
  • DoS Playbook
  • Due Diligence Playbook
  • Incident Response Playbook
  • Media Handling Playbook
  • Playbooks Common Format
  • Playbooks vs Handbooks
  • Ransomware Playbook
  • Security Monitoring Playbooks
  • Security Playbooks Diagrams

Other Ideas

  • AppSec Job Fair
  • Cross Company Hackathons
  • Crowdsourcing Security Knowledge
  • Hackathon Daily Sessions
  • Internal Bug Bounties Programmes
  • Lessons learned from public bug bounties programmes
  • OWASP Bug Bounty
  • OWASP Top Ten
  • Responsible disclosure
  • GDPR
  • Java
  • Node
  • SAST
  • SOC
  • TLS