Threat Modeling on the Family Road Trip and Other Strategies for Delivering Secure Applications
Presented by: Angela Pinney
Gene Spafford said: “The only truly secure system is one that is powered off...” ...
Format: General Session
Level: Introductory and overview

Capture That Flag : How CTF Competitions Make You a Better Developer
Presented by: John Koerner
Have you ever been asked to "think like a hacker?" Do your eyes glaze over when you have to sit through a security audit of your application? Do you want to avoid having an incident like Target, Capital One, or Equifax? If any of these apply to you, consider participating in a Capture the Flag (CTF)...
Format: General Session
Level: Introductory and overview

Practical Cryptography for Developers
Presented by: Anthony Eden
Understanding the building blocks for cryptography is important for every software developer, especially as the quantity and value of data stored and sent over networks continues to grow. In this talk I will introduce you to the fundamentals of cryptography, demonstrating concepts such as symmetric...
Format: General Session
Level: Introductory and overview

Tests Your Pipeline Might Be Missing
Presented by: Gene Gotimer
Developing a delivery pipeline means more than just adding automated deploys to the development cycle. It’s about gaining confidence that your builds are viable candidates for release or production. For development to be successful, tests of all types must be incorporated throughout the process to...
Format: General Session
Level: Introductory and overview

API Gateways and Microservices: 2 peas in a pod
Presented by: Santosh Hari
Chances are you’ve already gone through the tedious process of decomposing your monolith into microservices, or at the very least, want to use microservices in the near future. Nowadays, microservices connect to various APIs. These APIs could differ in protocols (REST/SOAP), where they’re hosted...
Format: General Session
Level: Introductory and overview

What's in Your Docker? Open Source Security Vulnerabilities in Containers
Presented by: Matt Williams
So you stay on top of operating system vulnerabilities and patch ...
Format: General Session
Level: Introductory and overview

From idea to physical series: A basic overview of the world of CAD and 3D printing
This session will talk about the exciting world of 3D printing with a bit of the history of the technology. We will look at the lab’s printers as well as models made on them. We’ll then cover choosing a CAD app and will briefly cover using curated 3D printer object libraries and different CAD...
Format: General Session
Level: Introductory and overview

Blockchain from the Firehose
Presented by: Jacob Coulter
Take an in-depth look at Bitcoin, the blockchain that started it all. This session will cover all the pieces required to build a trustless distributed ledger. Learn from the most fundamental building blocks like hashing algorithms, transactions, and blocks, to the more advanced concepts such as...
Format: General Session
Level: Introductory and overview

Hack Your App - Intro to Mobile Security Testing
Presented by: Hans Weisheimer
Your phone really doesn’t want you to see what’s going on under the hood - it’s a feature. Many of the introspection capabilities that exist for web development are absent by default on mobile platforms. This is particularly frustrating when you need to validate assumptions or security...
Format: General Session
Level: Introductory and overview

Speed, security and simplicity: Creating Container Images with Cloud Native Buildpacks
Presented by: Daniel Mikusa
Buildpacks are a pluggable, modular, language-agnostic tool that takes application source code and in turn gives you an OCI (Open Container Initiative) image which you can run using Docker, Kubernetes or your OCI Runtime of choice. ...
Format: General Session
Level: Introductory and overview

Continuous Security
Presented by: Craig Hills
A presentation on how to build security testing into your CI/CD pipeline. The primary goal is to think about what the appropriate level of testing is for your project, and determine how to make the most significant improvements to your security, while being cost effective.
Format: General Session
Level: Introductory and overview

Explain it to me like I'm 5: OAuth2 & OpenID
Presented by: Daniel Mikusa
OAuth2 and OpenID are quickly becoming mainstays for application developers. Companies want integrated authentication to reduce security footprints and users expect the convenience of single sign-on. As an application developer, it's up to you to facilitate this in your applications. ...
Format: General Session
Level: Introductory and overview

Hacking on a home server for fun and profit
Presented by: Leo Guinan
Do you have a Raspberry Pi or similar just gathering dust at home? Or maybe various other computer components hanging around? If you do, come join Leo's journey down the road of system administration, beginning with an assortment of Raspberry Pis, and currently in the form of a rack server. He will...
Format: General Session
Level: Introductory and overview