| Title | Track | Year | Month |
|---|
| Containers | Cloud Security | | |
| GCP Security | Cloud Security | | |
| SOCIAL - Cards Against Humanity game | Social | | |
| Threat Modeling Introduction (Wed) | Threat Modeling | | |
| Vulnerabilities review of an Covid Application | Covid | | |
| Wardley Maps First Aid | Wardley Maps | | |
| “Shift Left” Isn’t What You Expected | Risk and Governance | 2023 | Apr |
| A call for Metrics | DevSecOps | 2024 | Jan |
| A Cyber Security Roadmap: How To? | Governance | 2022 | May |
| A perspective on automating 3rd party risk assessment. How to free up your staff, and improve speed by automaton with guardrails. | Governance | 2021 | Apr |
| A workshop on DAST and how to put it into your pipeline | DevSecOps | 2022 | May |
| Abuse Tests for Developers | DevSecOps | 2022 | Jan |
| Addressing the cyber unemployment crisis; a positive outlook | Governance | 2024 | Jun |
| Advanced Persistent Threat (APT) Mapping and Mitigation | Wardley Maps | 2024 | Sep |
| Adversary Simulation: Close the Gaps in Your Security Posture | Governance | 2022 | May |
| Agile Threat Modeling with Open-Source Tools | Threat Modeling | 2021 | Jun |
| Agile Threat Modeling with Open-Source Tools | Threat Modeling | 2021 | Nov |
| AI Agents for Cyber Threat Intelligence | Threat Modeling | 2024 | Jun |
| AI and AppSec: are we finally on the verge of the big breakthrough? | DevSecOps | 2024 | Dec |
| AI ML European regulation | | 2021 | May |
| AI-Driven Threat Modelling with STRIDE GPT | Threat Modeling | 2024 | Jan |
| Alert Readiness Framework | Governance | 2024 | Jan |
| AMA with Adam Shostack | Threat Modeling | 2022 | Jul |
| AMA with Alyssa Miller | Education | 2022 | Dec |
| AMA with Brook Schoenfield | Governance | 2022 | Mar |
| AMA with Gary McGraw | Governance | 2022 | Sep |
| AMA with Jeremiah Grossman | DevSecOps | 2021 | Jan |
| AMA with Jim Manico | DevSecOps | 2021 | Jan |
| AMA with Mark Curphey | Governance | 2022 | Sep |
| AMA with OWASP Board | | 2021 | Jan |
| AMA with Simon Wardley | Wardley Maps | 2020 | Dec |
| An AppSec guide to practical cryptography | DevSecOps | 2023 | Feb |
| An Interactive Session on Teamwork and Collaboration Tools | Governance | 2023 | Feb |
| Anticipating the Future: Strengthening App Security through Developer-Centric Foresight | DevSecOps | 2023 | Oct |
| API Security by Design | DevSecOps | 2024 | Jan |
| Application Security vulnerabilities - measurements, maturity magic - Vulnerability Framework Project | DevSecOps | 2023 | Apr |
| Applying Zero Trust Principles to OT/ICS (Operational Technology & Industrial Control Systems) | DevSecOps | 2022 | Jul |
| AppSec Threats Deserve Their Own Incident Response Plan | DevSecOps | 2023 | Oct |
| AppSec Trending & recommendations:Fixing Security in Cloud & Appsec | DevSecOps | 2022 | May |
| Are our users always smarter than AI? | Risk and Governance | 2023 | Jun |
| ASVS User Stories creation | Owasp | 2021 | |
| ASVS User Stories creation | Owasp | 2021 | May |
| ASVS User Stories creation | Owasp | 2021 | May |
| ASVS User Stories creation - Part 6 | Owasp | 2021 | Jun |
| ASVS User Stories creation - Part 7 | Owasp | 2021 | Sep |
| ASVS User Stories creation - Part 8 | OWASP | 2021 | Nov |
| ASVS User Stories creation - Part 9 | OWASP | 2022 | Jan |
| ASVS User Stories creation (part 1) | | 2021 | Apr |
| ASVS User Stories creation (part 2) | | 2021 | Apr |
| Attack Surface Mapping | Governance | 2024 | Jun |
| AttackGen: Harnessing Language Models for Cybersecurity Simulations | DevSecOps | 2023 | Oct |
| Automating Architectural Risk Analysis with the Open Threat Model format | Threat Modeling | 2022 | Mar |
| Automating SOC2 using Jira | Governance | 2021 | Jan |
| Automation and scale with OWASP ZAP | DevSecOps | 2022 | Dec |
| Awards and Networking / drinks time | Social | 2022 | Jul |
| AWS Security Hub (Panel) | DevSecOps | 2023 | Feb |
| Bakeoff - Anti-virus vs CDR vs Sandboxing | Content Disarm & Reconstruction | 2020 | Jun |
| Battling the coming wave, Understanding cybersecurity in 2024 | Governance | 2024 | Jan |
| Beat Alert Fatigue with Cyber Asset Relationship Graphs | DevSecOps | 2022 | May |
| Beginners Threat Modeling | Threat Modeling | 2021 | Jun |
| Behaviour Change and Awareness | Risk and Governance | 2023 | Apr |
| Blockchain and its Security | Misc | 2022 | Sep |
| Bridging the skill gap and hiring challenges in cyber | Governance | 2022 | Jul |
| Build state of the art SOC with Mitre Attack | Governance | 2022 | Mar |
| Building Security Champions | Governance | 2022 | Mar |
| Can we trust AI with our Cyber defences? | Governance | 2024 | Dec |
| CDC - Collective Defence Clusters | Governance | 2022 | May |
| CDR API Standard | CDR | 2021 | May |
| CDR Engine Standard (Part 1) | CDR | 2020 | Dec |
| CDR Engine Standard (Part 2) | CDR | 2021 | Jan |
| Challenges in IoT security: from infinite recommendations to a plethora of implementations | Governance | 2021 | Jun |
| Championing Security: Scaling Security At Every Level | Governance | 2024 | March |
| ChatGPT and GenAI Privacy - Massive Uncertainty and Massive Opportunity | DevSecOps | 2023 | Oct |
| ChatGPT for Security Teams - What & How | ChatGPT | 2023 | Jun |
| ChatGPT impact on Cyber and Application Security (Panel) | | 2023 | Apr |
| ChatGPT: Cyber Risks & How to Harden Against Them | ChatGPT | 2023 | Apr |
| Check out their (lateral) moves! The importance of blast radius in DevSecOps | DevSecOps | 2021 | Nov |
| CISO Role in 2023 (Panel) | Governance | 2023 | Feb |
| CISO Roundtable - Mar 2022 | Governance | 2022 | Mar |
| Cloud PenTesting Concepts , CloudGoat Walkthrough , Securing Cloud Endpoints | Cloud-Security | 2022 | Mar |
| Cloud Security Best Practices: Navigating the Evolving Landscape (Panel) | Cloud Security | 2024 | Feb |
| Cloud-Native Security Tools: Enhancing Cloud Protection Capabilities(Panel) | DevSecOps | 2023 | Oct |
| Combatting Adversarial AI: The Role of CISOs, CTOs and the Top Management in Defending Against AI-Powered Cyberattacks(Panel) | Governance | 2024 | Dec |
| Compliant Kubernetes - Case Study | DevSecOps | 2021 | Apr |
| Conducting effective Table Top Exercises for Cyber Incident Response Practise (Panel) | Governance | 2023 | Apr |
| Content Delivery & Security Association | Governance | 2021 | Sep |
| Context is king; Prioritization is queen, and CVSS is dead | DevSecOps | 2022 | Dec |
| Continuous Access Control with OPAL and Cedar | DevSecOps | 2023 | Jun |
| Cooking the perfect docker container for a react app | Kubernetes | 2021 | Nov |
| Cooking the perfect docker container for a react app Part 2 | DevSecOps | 2022 | Jan |
| Creating 1 million kubernetes pods - Lessons learned | DevSecOps | 2021 | Apr |
| Creating a Scalable API Test Framework using AWS and Elastic | DevSecOps | 2021 | Nov |
| Creating Secure Builds of Containers | DevSecOps | 2020 | Dec |
| Creating the GenAI Athena Bot from the theCyberboardroom.com | DevSecOps | 2023 | Oct |
| Crowdsourcing Security Talent | Governance | 2022 | Dec |
| CVE CWE CVSS CWSS where do I look first? | Governance | 2021 | Nov |
| CVSS, CVE, Vulnerabilities and the land of broken dreams | DevSecOps | 2022 | Sep |
| Cyber Insurance | Governance | 2022 | Sep |
| Cyber Insurance - a deeper approach | Governance | 2022 | Dec |
| Cybersecurity assessments: finding the way forward | Risk and Governance | 2023 | Apr |
| Data Culture | Wardley Maps | 2022 | Sep |
| DATA Driven approach on vulnerabilities Appsec vs Infra (Panel) | Governance | 2023 | Oct |
| Data Integrity and Information Integrity-they are enterprise not just CISO issues | Governance | 2022 | Dec |
| Defense in Depth Layers: Practical Security for LLMs on Google Cloud | Governance | 2024 | Sep |
| Demystifying Risk and the Future of Vulnerability Management | Governance | 2022 | Dec |
| Dependency Management and Supply Chain Security | Governance | 2022 | May |
| Deterministic GenAI Outputs with Provenance | GenAI | 2024 | Sep |
| Developer Driven Security in high-growth environments | Governance | 2023 | Feb |
| Developing Secure Multi-Cloud Kubernetes Applications | Kubernetes | 2021 | Nov |
| DevSecOps beyond CI/CD pipelines | DevSecOps | 2022 | Sep |
| DevSecOps for Modern Identity and Access Management | DevSecOps | 2022 | Sep |
| DevSecOps Maturity Model Updates | DevSecOps | 2023 | Oct |
| Distroless Containers | Owasp | 2021 | May |
| Docker For Security Professionals | DevSecOps | 2022 | May |
| Doing Compliance Differently: Policies as Code, Evidence-based compliance through automation | DevSecOps | 2022 | Mar |
| DSOMM News and Belts-Workshop | DevSecOps | 2021 | Sep |
| Embrace Secure Defaults, Block Anti-patterns, and Kill Bug Classes with Semgrep | DevSecOps | 2020 | Dec |
| Emerging Roles in Cybersecurity: Adapting Recruitment Strategies(Panel) | Governance | 2023 | Dec |
| Encrypted Calendars - the need and consequences | Governance | 2020 | Dec |
| Ethical Hacking Challenges: Evaluating Practical Skills in Selection Processes (Panel | Governance | 2024 | Feb |
| Finding and Hiring Security Talent (Panel) | | 2023 | Feb |
| For bugs start with a passing test (and 99% code coverage) | Owasp | 2021 | May |
| From Kubernetes to a Portable Secure and Compliant Platform: Databases, Message Queues and Caches | Kubernetes | 2022 | Jan |
| Fundamentals of Cloud Security, Threat Identification, AWS Services | DevSecOps | 2022 | Jan |
| GitHub Security Tools (Panel) | | 2023 | Feb |
| GitLab Security Tools (Panel) | | 2023 | Dec |
| Going Multicloud: Securing Human and Service Identities in AWS vs Azure | DevSecOps | 2021 | Nov |
| Graph Based Vulnerability Management | Governance | 2021 | Apr |
| Hack your own app! | DevSecOps | 2022 | May |
| Hacking OAuth: An Attacker's View of Your OAuth Flows | DevSecOps | 2024 | Dec |
| Hacking threat modeling | Threat Modeling | 2021 | Sep |
| Hands-on Workshop: Utilize OWASP DSOMM App to Define and Deliver Your Own Program | Governance | 2024 | Sep |
| Hiring manager insights to secure your next security role/team member | Governance | 2022 | Sep |
| How can we make Grafana a great open source security tool? | DevSecOps | 2022 | May |
| How do male and female voices project authority in Cyber | Governance | 2022 | Jul |
| How GenAI Agents will Dramatically Change our Industry | DevSecOps | 2023 | Oct |
| How Owasp can help Security Teams - DevSecOps | Owasp | 2020 | Dec |
| How Owasp can help Security Teams - DevSecOps | | 2021 | Jan |
| How Owasp can help Security Teams - Guides and Testing Tools | Owasp | 2020 | Dec |
| How Owasp can help Security Teams - Guides and Testing Tools | | 2021 | Jan |
| How to become a cyber security professional? (i.e. where to start?) | Education and Training | 2022 | Sep |
| How to Operate a Secure Kubernetes platform | DevSecOps | 2023 | Feb |
| How to overcome DNS security threats | Governance | 2022 | May |
| How to perform threat assessments, the right way! | Threat Modeling | 2024 | Jan |
| How Variant Analysis and CodeQL helped secure the fight against COVID-19 | DevSecOps | 2021 | Jan |
| How we build a security automation software utilizing open-source components (Betterscan.io) | DevSecOps | 2023 | Feb |
| Ideas for Graph DBs like Neo4j | Governance | 2022 | Mar |
| Improving DevOps using GenAI: Understanding, Visualizing, and Optimizing | Governance | 2024 | Dec |
| Improving Mental Health & Security Outcomes Through Flow States | Governance | 2024 | Sep |
| In the moment nudges – What? How? Applying nudge theory to awareness | Risk and Governance | 2023 | Jun |
| Incident Response Playbooks (Panel) | | 2023 | Feb |
| Introduction into OWASP DSOMM | | 2021 | Apr |
| IoT and Cyber Threat Intelligence: Staying Ahead of the Curve (Panel) | DevSecOps | 2024 | Feb |
| IoT: pervasive vulnerability, threat landscape and end-users | Threat Modeling | 2022 | Jan |
| Jim and Dinis Talk Appsec | DevSecOps | 2022 | May |
| Jira Schemas and Workflows for AppSec and Risk Management | Governance | 2022 | Jan |
| Keynote - Open Security Summit 2020 | Keynotes | 2020 | Jun |
| Kubernetes Clusters Network Security | | 2023 | Oct |
| Kubernetes Security | DevSecOps | 2022 | May |
| Learn Threat Modeling using the amazing OSS resources | Threat Modeling | 2021 | Nov |
| Lessons learned from trying to create Architecture Diagrams As Code | DevSecOps | 2022 | Mar |
| Let’s go on a DATA with vulnerabilities | Governance | 2023 | Oct |
| Leveraging Artificial Intelligence and Machine Learning in Recruitment(Panel) | Governance | 2024 | Feb |
| Linux (kernel) containerization without Docker/runc/OCI | DevSecOps | 2023 | April |
| Live threat modeling of an "online food ordering" system | Threat Modeling | 2023 | Feb |
| Living off the Land & Fileless Attacks - Move Beyond the "Known Bad" | DevSecOps | 2022 | Dec |
| Low-code access control: Making the complex world of permissions approachable to everyone | DevSecOps | 2022 | Dec |
| Machine Learning in SemGrep: Leveraging AI for Enhanced Static Analysis(Panel) | SemGrep | 2023 | Dec |
| Making ASVS truly yours | OWASP | 2022 | Jan |
| Managing projects using Github Issues and ZenHub | Owasp | 2021 | May |
| Mapping Threat Intelligence: Enhancing Situational Awareness (Panel) | Governance | 2023 | Oct |
| Maturity Mapping: Contextualise change and learning | Wardley Maps | 2021 | Jan |
| Mental Health in Cyber Security | Governance | 2024 | Jun |
| Mentoring and it's challenges in Cyber Security | Governance | 2022 | Jul |
| Micro, Mid-Range, Macro - How Gen AI Risk Breaks Us | Governance | 2024 | Jun |
| Mitigating Risks Through Open-Source Bitcoin Tracing | DevSecOps | 2021 | Apr |
| Modern Office Spaces | Governance | 2021 | Apr |
| Moldable development with Glamorous Toolkit Part 1 | | 2021 | Mar |
| Moldable development with Glamorous Toolkit Part 2 | | 2021 | Mar |
| Moldable development with Glamorous Toolkit Part 3 | | 2021 | Mar |
| New OSS Projects | Misc | 2021 | Sep |
| OISRU - Open Information Security Risk Universe (Panel) | Governance | 2023 | Feb |
| Open Policy Agent | DevSecOps | 2022 | Dec |
| Open Security Control Testing at Scale | DevSecOps | 2022 | Mar |
| Open Security Summit Awards and plans for 2023 | | 2023 | Dec |
| Open Security Summit Membership Awards | | 2022 | Jan |
| Open source modern access control | DevSecOps | 2022 | May |
| OSS - Celebrating the Community and plans for 2022 | | 2021 | Nov |
| OSS DevSecOps projet | DevSecOps | 2021 | Sep |
| OSS OWASP Project | OWASP | 2021 | Sep |
| OSS Semgrep project | Semgrep | 2021 | Sep |
| OSS Threat Modeling and Moldable Development Projects | Threat Modeling | 2021 | Sep |
| Overview of the new DSOMM Application | DevSecOps | 2022 | Sep |
| OWASP DSOMM Enhancement Workshop | DevSecOps | 2021 | Apr |
| Owasp O2 Platform tools you can use today | | 2021 | Apr |
| OWASP Security Bot - Hypercharge your Cloud Automation | OWASP | 2022 | Jan |
| OWASP Top Ten Part 2 | DevSecOps | 2022 | Mar |
| OWASP Wrong Secrets: project goals, under the hood, and where do we go from here? | OWASP | 2022 | Jan |
| OWASP WrongSecrets: a journey into secret management failures | Governance | 2024 | Jan |
| OWASP WrongSecrets: define the future challenges together | Governance | 2024 | Jan |
| Panel - Prioritizing Risks and Vulnerabilities based on Context | Risk and Governance | 2021 | Nov |
| Panel - Wardley Maps in Cyber Security | | 2023 | Feb |
| Parsec-Hardware security at your fingertips | DevSecOps | 2022 | Mar |
| Permission Models As Code - Securing the Entire Stack | DevSecOps | 2022 | Sep |
| Playing at Security: Designing, building, and running tabletop scenarios for fail-safe incident handling and incident response training | Secure by Scenario | 2020 | Nov |
| Positive Security models and Rebuilding into a "Known Good" state | CDR | 2021 | May |
| Practical approach/considerations to developing a cybersecurity program | Governance | 2022 | Dec |
| Predicting the rise and fall of an open source project | Governance | 2022 | Jan |
| Privacy As Code: Open-Source Developer Tools For Data Privacy | DevSecOps | 2022 | Jan |
| Privacy-The Challenges in Post Tornado Cash World | DevSecOps | 2022 | Dec |
| Product Permissions - Common Pitfalls and How Not to Fall For Them | Governance | 2022 | Jul |
| Protect Your Application, Not Just the Network. Add Zero Trust Superpowers to Your Critical Applications and Systems | DevSecOps | 2023 | Oct |
| Protecting Critical Data, through the implementation of Information Security Management System to meet compliance | Governance | 2022 | Jul |
| Purple Teaming with OWASP PurpleTeam | DevSecOps | 2022 | Mar |
| Pyroscope internals and Using Pyroscope for real-time view of Cloud/Serverless Applications | DevSecops | 2021 | Mar |
| Quantifying Usability In Security Designs and Risk Assessments | Governance | 2022 | Dec |
| Ransomware Resilience: Strategies for Prevention and Recovery (Panel) | DevSecOps | 2024 | Feb |
| Reciprocity: Tales of an Anthropologist in Cybersecurity | Governance | 2021 | Jun |
| Refresher on Security Labels | Security Labels | 2020 | Nov |
| Regulatory Developments in Cybersecurity(Panel) | Governance | 2024 | Dec |
| Remote Threat Modeling | Threat Modeling | 2021 | Jan |
| Resilience Engineering, Safety Science and Systems thinking - new tools for the complex world | Governance | 2022 | Jul |
| Rise of Automotive Attacks (Panel Discussion) | Governance | 2023 | Jun |
| Risk Acceptance and OISRU (Panel) | Risk and Governance | 2023 | Dec |
| Risk Communication: Bridging the Gap between Risk Professionals and Executives (Panel) | Governance | 2023 | Oct |
| Risk treatment planning in modern tech space (Panel) | Governance | 2023 | Apr |
| Rules & Recommendations: Are we pushing our new IoT device out correctly? | Governance | 2021 | Jun |
| Scaling CyberSecurity teams using GenAIs and FMs | Governance | 2024 | Jun |
| Scaling Incident Response using Jira, Jupyter and GSuite | DevSecOps | 2021 | Jan |
| Scaling Kubernetes - One Pod per file | DevSecOps | 2021 | Jun |
| Scaling Threat Models visualisations using PlantUML and VisJS | DevSecOps | 2020 | Dec |
| Scaling Your Security Program with Semgrep | DevSecOps | 2021 | Jun |
| Schrems II - Finding workable solutions | Schrems II | 2020 | Dec |
| Schrems II - Finding workable solutions | Schrems II | 2021 | Jan |
| Schrems II - Transfer risk triage and other adventures in scoping | Schrems II | 2021 | Mar |
| SDA SE Cluster Scanner is going Open Source | DevSecOps | 2021 | Mar |
| Secure by Scenario | Secure by Scenario | 2020 | Oct |
| Secure By Scenario | Secure by Scenario | 2021 | Apr |
| Secure By Scenario | Secure by Scenario | 2021 | Jan |
| Secure By Scenario | Secure By Scenario | 2021 | Jun |
| Secure By Scenario | Secure by Scenario | 2021 | Mar |
| Secure By Scenario | Secure by Scenario | 2021 | May |
| Secure by Scenario - Data breach at the North Pole | Secure by Scenario | 2020 | Dec |
| Secured Digital Workspace | DevSecOps | 2022 | May |
| Securing CI/CD runners through eBPF agent | DevSecOps | 2024 | Jan |
| Security as Code: A DevSecOps Approach | DevSecOps | 2022 | Mar |
| Security business enabler: How to align your security program to business goals | Governance | 2022 | Dec |
| Security Champions - Sharing Experiences | Governance | 2022 | May |
| Security Design & Guidance at scale | Governance | 2023 | Feb |
| Security Labels & Schrems II | Security Labels | 2020 | Nov |
| Security on autonomous systems - a long way to go | Governance | 2022 | Mar |
| Security Vendors - Operating Model | | 2023 | Apr |
| Security-Scan your production images | DevSecOps | 2021 | Sep |
| SemGrep in the CI/CD Pipeline: Automating Code Quality and Security Checks (Panel) | Semgrep | 2023 | Dec |
| Shift Smart - risk based approach on appsec | DevSecOps | 2023 | Jun |
| Shift-Right Security: Emphasizing Post-Deployment Monitoring and Response (Panel) | DevSecOps | 2023 | Oct |
| Shodan OSINT Automation to Mass Exploitation of Vulnerabilities | DevSecOps | 2022 | Jan |
| SOAR - Security Orchestration, Automation, and Response (Panel) | DevSecOps | 2023 | Feb |
| SOC2 Certification for SaaS companies | Governance | 2020 | Dec |
| Social Engineering Attacks: Strengthening Human Firewall(Panel) | Secure by Scenario | 2023 | Dec |
| Software Security and Threat Modelling | Threat Modeling | 2022 | Jan |
| Sonar Cube Integrations with GitHub | DevSecOps | 2020 | Dec |
| Spreading security across the SDLC (with semgrep and other tools) | DevSecOps | 2021 | Mar |
| Starbase - Graph-based security analysis for everyone | DevSecOps | 2022 | Mar |
| Stop Committing Your Secrets - Git Hooks To The Rescue | DevSecOps | 2024 | Jan |
| Stories of Female empowerment in Cyber Security | Governance | 2024 | Sep |
| Successes and Failures at Security Training | Governance | 2022 | Sep |
| Supply Chain Security: Strengthening Resilience Against Third-Party Risks(panel) | Governance | 2024 | Jun |
| Taking responsibility for your software - How to simply monitor your solutions for known vulnerabiities and keep your customers informed | Governance | 2024 | Dec |
| Taking Your DevOps Tooling To The Dark Side | DevSecOps | 2023 | Jun |
| Technical Leadership and Influence | Governance | 2022 | Jan |
| Technics to limit hallucinations when using a LLM solution like ChatGPT | Governance | 2024 | Jan |
| Testing Ephemeral Kubernetes Applications | DevSecOps | 2021 | Jun |
| The Business case for Security Champions | Governance | 2022 | Mar |
| The challenge of auditing smart contract audit, especially ones with more advanced cryptographic primitives such as ZKP or MPC | Governance | 2022 | Jul |
| The Challenges With DNS Security | Governance | 2022 | Feb |
| The Cloud Security Architects aka the knights of the cloud kingdom - Panel Discussion | Cloud-Security | 2022 | Mar |
| The Cybersecurity Talent Gap: Addressing the Growing Skills Shortage(Panel) | Governance | 2023 | Oct |
| The Human Firewall | Governance | 2022 | May |
| The Modern Data Broker Landscape | Governance | 2021 | Apr |
| The next Insider Threat isn't your staff! | Governance | 2022 | May |
| The OWASP Top Ten 2021 Release | OWASP | 2021 | Nov |
| The RATs and CATs of Risk - Graph based Risk Framework | Governance | 2021 | Apr |
| The Rise of AI Security Engineers | DevSecOps | 2024 | Jun |
| The Survival Guide to implementing Threat Modeling | Threat Modeling | 2022 | Dec |
| The Truth about suffering a cyber-attack | Risk and Governance | 2023 | Apr |
| The value of CTO/CISOs and how to make it work | Governance | 2022 | Jul |
| Threat Hunting and Detection Strategies: Proactive Defense in Action (panel) | Threat Modeling | 2024 | Jun |
| Threat mapping - A workshop discussion | Threat Modeling | 2021 | Nov |
| Threat Model for an Autonomous System | Threat Modeling | 2022 | May |
| Threat Modeling Failure Modes | Threat Modeling | 2022 | Sep |
| Threat Modeling for Schrems II | Threat Modeling | 2020 | Nov |
| Threat Modeling for Serverless Architectures: Identifying Risks in a Serverless World (Panel) | Threat Modeling | 2023 | Oct |
| Threat Modeling Glasswall Cloud SDK | Threat Modeling | 2021 | May |
| Threat Modeling Glasswall Desktop | Threat Modeling | 2020 | Dec |
| Threat Modeling Glasswall Folder-to-Folder Plugin | Threat Modeling | 2021 | May |
| Threat Modeling Kata | Threat Modeling | 2023 | Apr |
| Threat Modeling Kata IV | Threat Modeling | 2024 | Jan |
| Threat Modeling Kata Part 2 | Threat Modeling | 2023 | Jun |
| Threat Modeling Kata Part 3 | Threat Modeling | 2023 | Oct |
| Threat Modeling Kata VI | DevSecOps | 2024 | Dec |
| Threat Modeling Manifesto | Threat Modeling | 2020 | Dec |
| Threat Modeling Playbook | Threat Modeling | 2020 | Oct |
| Threat Modeling the LLM Pipeline | Threat Modeling | 2024 | Sep |
| Threat Modeling Using Glamorous Toolkit | Threat Modeling | 2021 | May |
| Threat Modeling V | DevSecOps | 2024 | Jun |
| Threat Modelling Adoption in Disciplines Other Than Development | Threat Modeling | 2022 | Sep |
| Threat Modelling as Code and Threat Modelling Challenges | Threat Modeling | 2022 | Jan |
| Threat Modelling as Code v2 | Threat Modeling | 2022 | Dec |
| Threat Models and Wardley Maps | Threat Modeling | 2022 | Mar |
| Threats categorization, pitfalls, different ways of applying it in practise | Threat Modeling | 2021 | Jan |
| Tune your Toolbox for Velocity and Value (SCA) | DevSecOps | 2022 | Mar |
| Turning the Tide : How to convince Senior Management and Ownership to invest in Cybersecurity | Governance | 2024 | Jan |
| Use GenAI to Understand and Transform Content, Not to Create It | GenAI | 2024 | Sep |
| Using AppMap runtime code visualizations to scout for security flaws | DevSecOps | 2022 | Mar |
| Using DataDog for Incident Response (Panel) | | 2023 | Feb |
| Using Domain Specific Languages (DSL) for testing | DevSecOps | 2021 | Jan |
| Using Elastic and Kibana for Scale and Security Visualisation | DevSecOps | 2021 | Nov |
| Using Elastic for Incident Response (Panel) | | 2023 | Feb |
| Using GenAI to Create Personalized Cybersecurity News Feeds | Governance | 2024 | Dec |
| Using GenAI to scale CISO's reporting workflows | Governance | 2024 | Sep |
| Using JIRA to manage and accept Risks (Panel) | | 2023 | Feb |
| Using Jira to Map and Visualise Risks | Risk and Governance | 2021 | Nov |
| Using Kubernetes to create a scalable Security Proxy solution | DevSecOps | 2020 | Oct |
| Using Open Source AppMap for Runtime Security Analysis | DevSecOps | 2022 | Dec |
| Using OWASP Nettacker for Recon and Vulnerability Scanning | DevSecOps | 2022 | Jul |
| Using Presentations instead of CVs and Creating Diverse Security Teams | Governance | 2022 | Mar |
| Using Splunk for Incident Response (Panel) | DevSecOps | 2023 | Dec |
| Using Teleport to Secure SSH and Kubernetes Access | DevSecOps | 2021 | Nov |
| Using VPC Flows to monitor EC2 Traffic | DevSecOps | 2021 | Apr |
| Utilising Security Champions Product Teams | Governance | 2024 | Jan |
| Vendor Security Management using Jira | Governance | 2021 | Jun |
| Virtual Pub | Miscellenous | 2020 | Oct |
| Wardley Maps and services model at Glasswall | Wardley Maps | 2020 | Dec |
| We need second-order thinking in security | Governance | 2022 | Dec |
| Web application's language negotiation in 2023 | Governance | 2023 | Jun |
| What to do in preparation for a Threat Model | Governance | 2021 | May |
| When C4s meet Threat Models | Threat Modeling | 2022 | Mar |
| Who Goes There? Actively Detecting Intruders With Cyber Deception Tools | Governance | 2024 | Jan |
| Why Wardley Maps changed how I think | Wardley Maps | 2022 | Jul |
| Why you don't need to be technical to get into security | Misc | 2022 | Sep |
| Women in Cyber Security: Personal experiences and how to be an Ally | Governance | 2022 | Dec |
| Women kick off in Cybersecurity | Governance | 2023 | Apr |
| WordPress: Hacking and Securing | DevSecOps | 2022 | Dec |
| Workshop on creating C# Tools using the Owasp O2 Platform | | 2021 | May |
| Yor:Automated IaC tag and trace | DevSecOps | 2021 | Jun |
| Zero Trust Architecture: Strengthening Cloud Security Posture (Panel) | Governance | 2023 | Oct |
| Zero Trust Database Access Using OpenZiti and JDBC | DevSecOps | 2023 | Apr |
| Zero trust in distributed media workflows for Hollywood | Governance | 2024 | Jun |
| Zero Trust Network Access Framework | DevSecOps | 2022 | Jul |
