Topics

Here the topics current mapped to User, Working and Trainign sessions:

AGILE

Title	Session Type	Day	When	Delivered By	Track	Register
Agile in Cybersecurity (9pm)	working-session	Tue		Leila Rao Leila Rao	DevSecOps	Book now
How to get Agile in Security	working-session			Leila Rao Leila Rao	DevSecOps
Security Automation with Python Boto3 for AWS and Pulumi	working-session	Fri		Petra Vukmirovic Petra Vukmirovic , Tomas Pilvelis	DevSecOps	Book now

ASVS REQUIREMENTS

Title	Session Type	Day	When	Delivered By	Track	Register
What OWASP tools/projects we already have and what are we missing to deliver secure devops pipelines	working-session	Fri		Daniel Cuthbert Daniel Cuthbert , Andrew van der Stock Andrew van der Stock	OWASP ASVS	Book now

AUTOMATION

Title	Session Type	Day	When	Delivered By	Track	Register
What can be leveraged from what we already have to move from devops to devsecops + What is missing + What will be priority	working-session				DevSecOps

AWS

Title	Session Type	Day	When	Delivered By	Track	Register
AWS Security	training-session				Cloud Security
How to provision cloud platforms securely	working-session	Wednesday			Cloud Security
How to provision cloud platforms securely- AWS, CloudFormation, templates	working-session				Cloud Security

CDR

Title	Session Type	Day	When	Delivered By	Track	Register
Bakeoff - Anti-virus vs CDR vs Sandboxing	working-session	Thu		Paul Burke Paul Burke	Content Disarm & Reconstruction	Book now
CDR Roundtable How to collaborate and increase adoption	working-session	Thu		Dinis Cruz Dinis Cruz	Content Disarm & Reconstruction	Book now
Create common sets of files for CDR Testing and QA	working-session	Thu		Matt Green Matt Green , Greg Mann Greg Mann	Content Disarm & Reconstruction	Book now
How to create specific test cases for ISGs requirements	training-session			Greg Mann Greg Mann , Elvin White Elvin White , Vinh Tram Vinh Tram	ISG
How to measure and visualise ISG standards	training-session	10th - Wednesday		Elvin White Elvin White , Vinh Tram Vinh Tram , Greg Mann Greg Mann	ISG	Book now
Progress on common test data	training-session	30th - Thursday		Elvin White Elvin White , Greg Mann Greg Mann	ISG	Book now
Progress on validating the ISGs	training-session	28th - Tuesday		Elvin White Elvin White , Greg Mann Greg Mann	ISG	Book now
Securely Handling Fonts in PDFs - Part 1	working-session	Wed		Elvin White Elvin White	Content Disarm & Reconstruction	Book now
What are ISGs and how to convert ISGs into checklists?	training-session	9th - Tuesday		Elvin White Elvin White , Dinis Cruz Dinis Cruz	ISG	Book now
What security exploits are prevented by implementing ISGs	training-session	11th - Thursday		Elvin White Elvin White , Greg Mann Greg Mann , Vinh Tram Vinh Tram	ISG	Book now

CLOUD

Title	Session Type	Day	When	Delivered By	Track	Register
Migration to Cloud	working-session	Thu		David Prince David Prince	Cloud Security	Book now
Threat Modeling - Cloud Functions as Detonation Chambers	training-session			Dinis Cruz Dinis Cruz	Threat Modeling

CLOUDFORMATION

Title	Session Type	Day	When	Delivered By	Track	Register
How to provision cloud platforms securely	working-session	Wednesday			Cloud Security
How to provision cloud platforms securely- AWS, CloudFormation, templates	working-session				Cloud Security

COVID SAFE PATHS

Title	Session Type	Day	When	Delivered By	Track	Register
Covid Safe Paths - Threat Modeling Part 1	training-session	4th - Thursday		Dinis Cruz Dinis Cruz , Mark Carney Mark Carney , Jay Harris Jay Harris , Adam Leon Smith Adam Leon Smith	Covid	Book now
Covid Safe Paths - Threat Modeling Part 2	training-session	5th - Friday		Dinis Cruz Dinis Cruz , Adam Leon Smith Adam Leon Smith	Covid	Book now

DOCUMENTATION

Title	Session Type	Day	When	Delivered By	Track	Register
Open control frameworks in Media and Entertainment	working-session	Thu		Ben Schofield Ben Schofield	Cloud Security	Book now

GLASSWALL

Title	Session Type	Day	When	Delivered By	Track	Register
Hacking Glasswall SDk & Cloud - Part 2	training-session	5th - Friday		Dinis Cruz Dinis Cruz	Hacking and Defending	Book now
NCSC - Safe File Import Pattern	training-session	11th - Thursday		Paul Burke Paul Burke , Tim Lunn Tim Lunn		Book now
Office Documents ISG - How to automate Inspection and Sanitization Guidance testing	training-session	11th - Thursday		Greg Mann Greg Mann , Vinh Tram Vinh Tram , Elvin White Elvin White	ISG	Book now
PDF ISG - Inspection and Sanitization Guidance for Portable Document Format and JPG ISG - How to automate Inspection and Sanitization Guidance testing	training-session	12th - Friday		Vinh Tram Vinh Tram , Greg Mann Greg Mann , Elvin White Elvin White	ISG	Book now
Threat Modeling - Cloud Functions as Detonation Chambers - Part 1	training-session	4th - Thursday		Dinis Cruz Dinis Cruz	Hacking and Defending	Book now

HACKING DEFENDING

Title	Session Type	Day	When	Delivered By	Track	Register
Covid Apps Analysis	training-session	1st - Monday		Mark Carney Mark Carney , Jay Harris Jay Harris	Covid	Book now
Vulnerabilities review of an Covid Application	user-session	3rd - Wednesday		Mike Minchinton Mike Minchinton	Covid	Book now

HOW DO WE GET CHAMPS

Title	Session Type	Day	When	Delivered By	Track	Register
Security Champions - Collaboration between Security team and Security champions- It goes both ways	working-session			Michael Man Michael Man , James Bore James Bore , Abbas Haidar Abbas Haidar	DevSecOps

ICAP

Title	Session Type	Day	When	Delivered By	Track	Register
Threat Modeling - ICAP	training-session	12th - Friday		Dinis Cruz Dinis Cruz , Paul Gerard Paul Gerard	Threat Modeling	Book now
Threat Modeling - ICAP Post-Summit Session	training-session	2nd - Thursday		Dinis Cruz Dinis Cruz , Paul Gerard Paul Gerard , Petra Vukmirovic Petra Vukmirovic , Abbas Haidar Abbas Haidar	Threat Modeling	Book now

IDENTITY MANAGEMENT

Title	Session Type	Day	When	Delivered By	Track	Register
Multi-cloud security patterns	working-session				Cloud Security

NCSC

Title	Session Type	Day	When	Delivered By	Track	Register
NCSC - Exercise in a box	working-session	Thu		Steve O , Peter G , Joshua H	CISO and Risk Management	Book now

O365 SECURITY ANTI PHISHING BEST PRACTISE

Title	Session Type	Day	When	Delivered By	Track	Register
O365 Security - Anti-Phishing best practises and Demo	training-session	11th - Thursday		Abbas Haidar Abbas Haidar	Hacking and Defending	Book now

OWASP

Title	Session Type	Day	When	Delivered By	Track	Register
Applying OWASP Web Security Testing Guide (Vandana V)	training-session	12th - Friday		Vandana Verma Vandana Verma	OWASP Projects	Book now
Lightning Demo - Threatmodel tool demos	user-session	Tue		Steven Wierckx Steven Wierckx , Mike Goodwin Mike Goodwin	Threat Modeling	Book now
MultiJuicer Introduction	training-session	2nd - Tuesday		Jannik Hollenbach Jannik Hollenbach , Robert Seedorff Robert Seedorff	OWASP Juice Shop	Book now
OSS user stories for all ASVS requirements that people can download and use	working-session	Fri		Mario Platt Mario Platt	OWASP ASVS	Book now
OWASP Juice Shop Cocktail Party - Ask us anything ( AUA )	user-session	Mon		Bjoern Kimminich Bjoern Kimminich , Jannik Hollenbach Jannik Hollenbach , Timo Pagel Timo Pagel	OWASP Juice Shop	Book now
OWASP Juice Shop Deep Dive - Integration	user-session	Mon		Bjoern Kimminich Bjoern Kimminich	OWASP Juice Shop	Book now
OWASP Juice Shop Deep Dive - MultiJuicer	user-session	Mon		Jannik Hollenbach Jannik Hollenbach , Robert Seedorff Robert Seedorff	OWASP Juice Shop	Book now
OWASP Juice Shop Deep Dive - Theming	user-session	Mon		Bjoern Kimminich Bjoern Kimminich	OWASP Juice Shop	Book now
OWASP Juice Shop Introduction	training-session	11th - Thursday		Bjoern Kimminich Bjoern Kimminich	OWASP Juice Shop	Book now
OWASP Juice Shop introduction	training-session	2nd - Tuesday		Bjoern Kimminich Bjoern Kimminich	OWASP Juice Shop	Book now
OWASP Projects	track
What OWASP tools/projects we already have and what are we missing to deliver secure devops pipelines	working-session	Fri		Daniel Cuthbert Daniel Cuthbert , Andrew van der Stock Andrew van der Stock	OWASP ASVS	Book now

OWASPPLAYBOOKS

Title	Session Type	Day	When	Delivered By	Track	Register
What OWASP projects we already have and what are we missing to deliver secure devops pipeline	working-session			Andrew van der Stock Andrew van der Stock	DevSecOps

PROXY

Title	Session Type	Day	When	Delivered By	Track	Register
Threat Modeling - ICAP	training-session	12th - Friday		Dinis Cruz Dinis Cruz , Paul Gerard Paul Gerard	Threat Modeling	Book now
Threat Modeling - ICAP Post-Summit Session	training-session	2nd - Thursday		Dinis Cruz Dinis Cruz , Paul Gerard Paul Gerard , Petra Vukmirovic Petra Vukmirovic , Abbas Haidar Abbas Haidar	Threat Modeling	Book now

REQUIREMENTS

Title	Session Type	Day	When	Delivered By	Track	Register
Making the business case for DevSecOps (8PM)	working-session	Tue		David Prince David Prince , Leila Rao Leila Rao	DevSecOps	Book now

RISK

Title	Session Type	Day	When	Delivered By	Track	Register
Risk Mapping - Applying Risk overlay with maps and security decision making	working-session	Tue		Alan Jenkins Alan Jenkins , Avi Douglen Avi Douglen , Ben Schofield Ben Schofield , Simon Wardley Simon Wardley	Wardley Maps	Book now

SAFE AS A RESOURCE

Title	Session Type	Day	When	Delivered By	Track	Register
OSS user stories for all ASVS requirements that people can download and use	working-session	Fri		Mario Platt Mario Platt	OWASP ASVS	Book now

SECURITY PIPELINE

Title	Session Type	Day	When	Delivered By	Track	Register
Chef InSpec (Compliance as Code)	training-session	2nd - Tuesday		Joshua Jebaraj Joshua Jebaraj	Cloud Security	Book now

STACKPOLICY

Title	Session Type	Day	When	Delivered By	Track	Register
Open control frameworks in Media and Entertainment	working-session	Thu		Ben Schofield Ben Schofield	Cloud Security	Book now

TRACEABILITY

Title	Session Type	Day	When	Delivered By	Track	Register
Making the business case for DevSecOps (8PM)	working-session	Tue		David Prince David Prince , Leila Rao Leila Rao	DevSecOps	Book now
Multi-cloud Compliance as code	working-session	Thu		David Prince David Prince	Cloud Security	Book now

USER SESSION

Title	Session Type	Day	When	Delivered By	Track	Register
COVID Apps Threat Modeling	working-session	Thu		Jakub Kaluzny Jakub Kaluzny	Covid	Book now