Session List

Session List2019-10-02T20:07:53+00:00

Hands On Threat Modeling Workshop

Presented by: Robert Hurlbut

Threat modeling is a way of thinking about what could go wrong and how to prevent it. Instinctively, we all think this way in regards to our own personal security and safety. When it comes to building software, some software shops either skip the important step of threat modeling in secure software...

Tags: Security, Soft Skills/BusinessFormat: PreCompilerLevel: Intermediate

iOS Application Security Testing

Presented by: Hans Weisheimer

This hands-on session is aimed at mobile app developers, QA testers, aspiring security testers, and other suspicious persons. ...

Tags: Mobile, Security, TestingFormat: PreCompilerLevel: Intermediate

Application Security, Basic, Intermediate, Advanced

Presented by: Bill Sempf

Bill will be joining us to teach a dynamic course to help us think like an attacker and give us all the coding tips we need to stop them cold in their tracks. Even the most experienced developers are sure to pick up some new tips and tricks. This hands-on half-day workshop will have something for...

Tags: Security, TestingFormat: PreCompilerLevel: Intermediate

Building a DevSecOps Pipeline

Presented by: Gene Gotimer

The release date is a week away. Development is complete. The code works, and everything looks good. Marketing is ready with the media blitz. Our customers are waiting to get their hands on the new features and are sure to give us good feedback. The only step left is to get the security group to...

Tags: Other, SecurityFormat: PreCompilerLevel: Intermediate

Securing Your API Endpoints - A Practical Authentication Guide

Presented by: Seth Petry-Johnson

It's never been easier to expose services over HTTP. It's also never been easier to inadvertently expose security holes via those same services. ...

Tags: .NET, Javascript, SecurityFormat: General SessionLevel: Intermediate

A Series of Unfortunate Events - What Happens When Your App is Hacked.

Presented by: Joe Kuemerle

Many of us know about the various security checklists and how we should write more secure code. In this session we will move beyond top 10 lists and dive into the world of how attackers compromise systems and how they use those compromises to exploit both individuals and companies. ...

Tags: SecurityFormat: General SessionLevel: Intermediate

App Deco - Applied Design Thinking for Secure Development

Presented by: Wolfgang Goerlich

Usability versus security is stupid. It forces us to choose one or the other. It excuses security breaches under the guise of usability. It automatically pits us against them, builders against breakers, developers against defenders. A better approach is to view security like usability: they happen...

Tags: Design (UI/UX/CSS), SecurityFormat: General SessionLevel: Intermediate

DDoS Attacks: Threat Landscape & Defensive Countermeasures

Presented by: Chris Holland

October 2016’s attack on Dyn's DNS infrastructure was a gloomy wake-up call to the online community at-large, depriving us access to some of the online destinations and applications we use every day, thereby confronting us with the stark reality of an old and ever-growing threat with which the...

Tags: Other, SecurityFormat: General SessionLevel: Intermediate

Understanding the identity business, and how to get out of it

Presented by: Jeff Putz

Knowing who is using your software is super fundamental. It's less important than ever to have to manage those identities yourself, but you can't escape understanding the protocols and players. Let's talk about how things like OAuth2 actually work, and then decide if you can get out of the business...

Tags: Cloud, Other, SecurityFormat: General SessionLevel: Intermediate