Security Labels

Sessions focused on exploring the concept of Security Labels

TitleTrackYearMonth
ContainersCloud Security
GCP SecurityCloud Security
SOCIAL - Cards Against Humanity gameSocial
Threat Modeling Introduction (Wed)Threat Modeling
Vulnerabilities review of an Covid ApplicationCovid
Wardley Maps First AidWardley Maps
“Shift Left” Isn’t What You ExpectedRisk and Governance2023Apr
A call for MetricsDevSecOps2024Jan
A Cyber Security Roadmap: How To?Governance2022May
A perspective on automating 3rd party risk assessment. How to free up your staff, and improve speed by automaton with guardrails.Governance2021Apr
A workshop on DAST and how to put it into your pipelineDevSecOps2022May
Abuse Tests for DevelopersDevSecOps2022Jan
Addressing the cyber unemployment crisis; a positive outlookGovernance2024Jun
Adversary Simulation: Close the Gaps in Your Security PostureGovernance2022May
Agile Threat Modeling with Open-Source ToolsThreat Modeling2021Jun
Agile Threat Modeling with Open-Source ToolsThreat Modeling2021Nov
AI ML European regulation2021May
AI-Driven Threat Modelling with STRIDE GPTThreat Modeling2024Jan
Alert Readiness FrameworkGovernance2024Jan
AMA with Adam ShostackThreat Modeling2022Jul
AMA with Alyssa MillerEducation2022Dec
AMA with Brook SchoenfieldGovernance2022Mar
AMA with Gary McGrawGovernance2022Sep
AMA with Jeremiah GrossmanDevSecOps2021Jan
AMA with Jim ManicoDevSecOps2021Jan
AMA with Mark CurpheyGovernance2022Sep
AMA with OWASP Board2021Jan
AMA with Simon WardleyWardley Maps2020Dec
An AppSec guide to practical cryptographyDevSecOps2023Feb
An Interactive Session on Teamwork and Collaboration ToolsGovernance2023Feb
Anticipating the Future: Strengthening App Security through Developer-Centric ForesightDevSecOps2023Oct
API Security by DesignDevSecOps2024Jan
Application Security vulnerabilities - measurements, maturity magic - Vulnerability Framework ProjectDevSecOps2023Apr
Applying Zero Trust Principles to OT/ICS (Operational Technology & Industrial Control Systems)DevSecOps2022Jul
AppSec Threats Deserve Their Own Incident Response PlanDevSecOps2023Oct
AppSec Trending & recommendations:Fixing Security in Cloud & AppsecDevSecOps2022May
Are our users always smarter than AI?Risk and Governance2023Jun
ASVS User Stories creationOwasp2021
ASVS User Stories creationOwasp2021May
ASVS User Stories creationOwasp2021May
ASVS User Stories creation - Part 6Owasp2021Jun
ASVS User Stories creation - Part 7Owasp2021Sep
ASVS User Stories creation - Part 8OWASP2021Nov
ASVS User Stories creation - Part 9OWASP2022Jan
ASVS User Stories creation (part 1)2021Apr
ASVS User Stories creation (part 2)2021Apr
Attack Surface MappingGovernance2024Jun
AttackGen: Harnessing Language Models for Cybersecurity SimulationsDevSecOps2023Oct
Automating Architectural Risk Analysis with the Open Threat Model formatThreat Modeling2022Mar
Automating SOC2 using JiraGovernance2021Jan
Automation and scale with OWASP ZAPDevSecOps2022Dec
Awards and Networking / drinks timeSocial2022Jul
AWS Security Hub (Panel)DevSecOps2023Feb
Bakeoff - Anti-virus vs CDR vs SandboxingContent Disarm & Reconstruction2020Jun
Baseline Threat Modeling for Gen AI and Large Language ModelsThreat Modeling2024Jun
Battling the coming wave, Understanding cybersecurity in 2024Governance2024Jan
Beat Alert Fatigue with Cyber Asset Relationship GraphsDevSecOps2022May
Beginners Threat ModelingThreat Modeling2021Jun
Behaviour Change and AwarenessRisk and Governance2023Apr
Blockchain and its SecurityMisc2022Sep
Bridging the skill gap and hiring challenges in cyberGovernance2022Jul
Build state of the art SOC with Mitre AttackGovernance2022Mar
Building Security ChampionsGovernance2022Mar
CDC - Collective Defence ClustersGovernance2022May
CDR API StandardCDR2021May
CDR Engine Standard (Part 1)CDR2020Dec
CDR Engine Standard (Part 2)CDR2021Jan
Challenges in IoT security: from infinite recommendations to a plethora of implementationsGovernance2021Jun
Championing Security: Scaling Security At Every LevelGovernance2024March
ChatGPT and GenAI Privacy - Massive Uncertainty and Massive OpportunityDevSecOps2023Oct
ChatGPT for Security Teams - What & HowChatGPT2023Jun
ChatGPT impact on Cyber and Application Security (Panel)2023Apr
ChatGPT: Cyber Risks & How to Harden Against ThemChatGPT2023Apr
Check out their (lateral) moves! The importance of blast radius in DevSecOpsDevSecOps2021Nov
CISO Role in 2023 (Panel)Governance2023Feb
CISO Roundtable - Mar 2022Governance2022Mar
Cloud PenTesting Concepts , CloudGoat Walkthrough , Securing Cloud EndpointsCloud-Security2022Mar
Cloud Security Best Practices: Navigating the Evolving Landscape (Panel)Cloud Security2024Feb
Cloud-Native Security Tools: Enhancing Cloud Protection Capabilities(Panel)DevSecOps2023Oct
Compliant Kubernetes - Case StudyDevSecOps2021Apr
Conducting effective Table Top Exercises for Cyber Incident Response Practise (Panel)Governance2023Apr
Content Delivery & Security AssociationGovernance2021Sep
Context is king; Prioritization is queen, and CVSS is deadDevSecOps2022Dec
Continuous Access Control with OPAL and CedarDevSecOps2023Jun
Cooking the perfect docker container for a react appKubernetes2021Nov
Cooking the perfect docker container for a react app Part 2DevSecOps2022Jan
Creating 1 million kubernetes pods - Lessons learnedDevSecOps2021Apr
Creating a Scalable API Test Framework using AWS and ElasticDevSecOps2021Nov
Creating Secure Builds of ContainersDevSecOps2020Dec
Creating the GenAI Athena Bot from the theCyberboardroom.comDevSecOps2023Oct
Crowdsourcing Security TalentGovernance2022Dec
CVE CWE CVSS CWSS where do I look first?Governance2021Nov
CVSS, CVE, Vulnerabilities and the land of broken dreamsDevSecOps2022Sep
Cyber InsuranceGovernance2022Sep
Cyber Insurance - a deeper approachGovernance2022Dec
Cyber Security Vendor Procurement Model(Panel)Governance2024Jun
Cybersecurity assessments: finding the way forwardRisk and Governance2023Apr
Data CultureWardley Maps2022Sep
DATA Driven approach on vulnerabilities Appsec vs Infra (Panel)Governance2023Oct
Data Integrity and Information Integrity-they are enterprise not just CISO issuesGovernance2022Dec
Demystifying Risk and the Future of Vulnerability ManagementGovernance2022Dec
Dependency Management and Supply Chain SecurityGovernance2022May
Developer Driven Security in high-growth environmentsGovernance2023Feb
Developing Secure Multi-Cloud Kubernetes ApplicationsKubernetes2021Nov
DevSecOps beyond CI/CD pipelinesDevSecOps2022Sep
DevSecOps for Modern Identity and Access ManagementDevSecOps2022Sep
DevSecOps Maturity Model UpdatesDevSecOps2023Oct
Distroless ContainersOwasp2021May
Docker For Security ProfessionalsDevSecOps2022May
Doing Compliance Differently: Policies as Code, Evidence-based compliance through automationDevSecOps2022Mar
DSOMM News and Belts-WorkshopDevSecOps2021Sep
Embrace Secure Defaults, Block Anti-patterns, and Kill Bug Classes with SemgrepDevSecOps2020Dec
Emerging Roles in Cybersecurity: Adapting Recruitment Strategies(Panel)Governance2023Dec
Encrypted Calendars - the need and consequencesGovernance2020Dec
Ethical Hacking Challenges: Evaluating Practical Skills in Selection Processes (PanelGovernance2024Feb
Exploring A Risk Approach to Software Supply Chain SecurityDevSecOps2024Jun
Finding and Hiring Security Talent (Panel)2023Feb
For bugs start with a passing test (and 99% code coverage)Owasp2021May
From Kubernetes to a Portable Secure and Compliant Platform: Databases, Message Queues and CachesKubernetes2022Jan
Fundamentals of Cloud Security, Threat Identification, AWS ServicesDevSecOps2022Jan
GitHub Security Tools (Panel)2023Feb
GitLab Security Tools (Panel)2023Dec
Going Multicloud: Securing Human and Service Identities in AWS vs AzureDevSecOps2021Nov
Graph Based Vulnerability ManagementGovernance2021Apr
Hack your own app!DevSecOps2022May
Hacking threat modelingThreat Modeling2021Sep
Hiring manager insights to secure your next security role/team memberGovernance2022Sep
How can we make Grafana a great open source security tool?DevSecOps2022May
How do male and female voices project authority in CyberGovernance2022Jul
How GenAI Agents will Dramatically Change our IndustryDevSecOps2023Oct
How Owasp can help Security Teams - DevSecOpsOwasp2020Dec
How Owasp can help Security Teams - DevSecOps2021Jan
How Owasp can help Security Teams - Guides and Testing ToolsOwasp2020Dec
How Owasp can help Security Teams - Guides and Testing Tools2021Jan
How to become a cyber security professional? (i.e. where to start?)Education and Training2022Sep
How to Operate a Secure Kubernetes platformDevSecOps2023Feb
How to overcome DNS security threatsGovernance2022May
How to perform threat assessments, the right way!Threat Modeling2024Jan
How Variant Analysis and CodeQL helped secure the fight against COVID-19DevSecOps2021Jan
How we build a security automation software utilizing open-source components (Betterscan.io)DevSecOps2023Feb
Ideas for Graph DBs like Neo4jGovernance2022Mar
In the moment nudges – What? How? Applying nudge theory to awarenessRisk and Governance2023Jun
Incident Response Playbooks (Panel)2023Feb
Introduction into OWASP DSOMM2021Apr
IoT and Cyber Threat Intelligence: Staying Ahead of the Curve (Panel)DevSecOps2024Feb
IoT Security: Safeguarding the Internet of Things Ecosystem (panel)Governance2024Jun
IoT: pervasive vulnerability, threat landscape and end-usersThreat Modeling2022Jan
Jim and Dinis Talk AppsecDevSecOps2022May
Jira Schemas and Workflows for AppSec and Risk ManagementGovernance2022Jan
Keynote - Open Security Summit 2020Keynotes2020Jun
Kubernetes Clusters Network Security2023Oct
Kubernetes SecurityDevSecOps2022May
Learn Threat Modeling using the amazing OSS resourcesThreat Modeling2021Nov
Lessons learned from trying to create Architecture Diagrams As CodeDevSecOps2022Mar
Let’s go on a DATA with vulnerabilitiesGovernance2023Oct
Leveraging Artificial Intelligence and Machine Learning in Recruitment(Panel)Governance2024Feb
Linux (kernel) containerization without Docker/runc/OCIDevSecOps2023April
Live threat modeling of an "online food ordering" systemThreat Modeling2023Feb
Living off the Land & Fileless Attacks - Move Beyond the "Known Bad"DevSecOps2022Dec
Low-code access control: Making the complex world of permissions approachable to everyoneDevSecOps2022Dec
Machine Learning in SemGrep: Leveraging AI for Enhanced Static Analysis(Panel)SemGrep2023Dec
Making ASVS truly yoursOWASP2022Jan
Managing projects using Github Issues and ZenHubOwasp2021May
Mapping Threat Intelligence: Enhancing Situational Awareness (Panel)Governance2023Oct
Maturity Mapping: Contextualise change and learningWardley Maps2021Jan
Mental Health in Cyber SecurityGovernance2024Jun
Mentoring and it's challenges in Cyber SecurityGovernance2022Jul
Mitigating Risks Through Open-Source Bitcoin TracingDevSecOps2021Apr
Modern Office SpacesGovernance2021Apr
Moldable development with Glamorous Toolkit Part 12021Mar
Moldable development with Glamorous Toolkit Part 22021Mar
Moldable development with Glamorous Toolkit Part 32021Mar
New OSS ProjectsMisc2021Sep
OISRU - Open Information Security Risk Universe (Panel)Governance2023Feb
Open Policy AgentDevSecOps2022Dec
Open Security Control Testing at ScaleDevSecOps2022Mar
Open Security Summit Awards and plans for 20232023Dec
Open Security Summit Membership Awards2022Jan
Open source modern access controlDevSecOps2022May
OSS - Celebrating the Community and plans for 20222021Nov
OSS DevSecOps projetDevSecOps2021Sep
OSS OWASP ProjectOWASP2021Sep
OSS Semgrep projectSemgrep2021Sep
OSS Threat Modeling and Moldable Development ProjectsThreat Modeling2021Sep
Overview of the new DSOMM ApplicationDevSecOps2022Sep
OWASP DSOMM Enhancement WorkshopDevSecOps2021Apr
Owasp O2 Platform tools you can use today2021Apr
OWASP Security Bot - Hypercharge your Cloud AutomationOWASP2022Jan
OWASP Top Ten Part 2DevSecOps2022Mar
OWASP Wrong Secrets: project goals, under the hood, and where do we go from here?OWASP2022Jan
OWASP WrongSecrets: a journey into secret management failuresGovernance2024Jan
OWASP WrongSecrets: define the future challenges togetherGovernance2024Jan
Panel - Prioritizing Risks and Vulnerabilities based on ContextRisk and Governance2021Nov
Panel - Wardley Maps in Cyber Security2023Feb
Parsec-Hardware security at your fingertipsDevSecOps2022Mar
Permission Models As Code - Securing the Entire StackDevSecOps2022Sep
Playing at Security: Designing, building, and running tabletop scenarios for fail-safe incident handling and incident response trainingSecure by Scenario2020Nov
Positive Security models and Rebuilding into a "Known Good" stateCDR2021May
Practical approach/considerations to developing a cybersecurity programGovernance2022Dec
Predicting the rise and fall of an open source projectGovernance2022Jan
Privacy As Code: Open-Source Developer Tools For Data PrivacyDevSecOps2022Jan
Privacy-The Challenges in Post Tornado Cash WorldDevSecOps2022Dec
Product Permissions - Common Pitfalls and How Not to Fall For ThemGovernance2022Jul
Protect Your Application, Not Just the Network. Add Zero Trust Superpowers to Your Critical Applications and SystemsDevSecOps2023Oct
Protecting Critical Data, through the implementation of Information Security Management System to meet complianceGovernance2022Jul
Purple Teaming with OWASP PurpleTeamDevSecOps2022Mar
Pyroscope internals and Using Pyroscope for real-time view of Cloud/Serverless ApplicationsDevSecops2021Mar
Quantifying Usability In Security Designs and Risk AssessmentsGovernance2022Dec
Ransomware Resilience: Strategies for Prevention and Recovery (Panel)DevSecOps2024Feb
Ransomware Resilience: Strategies for Prevention and Recovery(panel)Governance2024Jun
Reciprocity: Tales of an Anthropologist in CybersecurityGovernance2021Jun
Refresher on Security LabelsSecurity Labels2020Nov
Remote Threat ModelingThreat Modeling2021Jan
Reporting responsibilities for CISOsGovernance2024Jun
Resilience Engineering, Safety Science and Systems thinking - new tools for the complex worldGovernance2022Jul
Rise of Automotive Attacks (Panel Discussion)Governance2023Jun
Risk Acceptance and OISRU (Panel)Risk and Governance2023Dec
Risk Communication: Bridging the Gap between Risk Professionals and Executives (Panel)Governance2023Oct
Risk treatment planning in modern tech space (Panel)Governance2023Apr
Rules & Recommendations: Are we pushing our new IoT device out correctly?Governance2021Jun
Scaling CyberSecurity teams using GenAIs and FMsGovernance2024Jun
Scaling Incident Response using Jira, Jupyter and GSuiteDevSecOps2021Jan
Scaling Kubernetes - One Pod per fileDevSecOps2021Jun
Scaling Threat Models visualisations using PlantUML and VisJSDevSecOps2020Dec
Scaling Your Security Program with SemgrepDevSecOps2021Jun
Schrems II - Finding workable solutionsSchrems II2020Dec
Schrems II - Finding workable solutionsSchrems II2021Jan
Schrems II - Transfer risk triage and other adventures in scopingSchrems II2021Mar
SDA SE Cluster Scanner is going Open SourceDevSecOps2021Mar
Secure by ScenarioSecure by Scenario2020Oct
Secure By ScenarioSecure by Scenario2021Apr
Secure By ScenarioSecure by Scenario2021Jan
Secure By ScenarioSecure By Scenario2021Jun
Secure By ScenarioSecure by Scenario2021Mar
Secure By ScenarioSecure by Scenario2021May
Secure by Scenario - Data breach at the North PoleSecure by Scenario2020Dec
Secured Digital WorkspaceDevSecOps2022May
Securing CI/CD runners through eBPF agentDevSecOps2024Jan
Securing Remote Work Environments: Challenges and Solutions (panel)Governance2024Jun
Security as Code: A DevSecOps ApproachDevSecOps2022Mar
Security business enabler: How to align your security program to business goalsGovernance2022Dec
Security Champions - Sharing ExperiencesGovernance2022May
Security Design & Guidance at scaleGovernance2023Feb
Security Labels & Schrems IISecurity Labels2020Nov
Security on autonomous systems - a long way to goGovernance2022Mar
Security Vendors - Operating Model2023Apr
Security-Scan your production imagesDevSecOps2021Sep
SemGrep in the CI/CD Pipeline: Automating Code Quality and Security Checks (Panel)Semgrep2023Dec
Shift Smart - risk based approach on appsecDevSecOps2023Jun
Shift-Right Security: Emphasizing Post-Deployment Monitoring and Response (Panel)DevSecOps2023Oct
Shodan OSINT Automation to Mass Exploitation of VulnerabilitiesDevSecOps2022Jan
SOAR - Security Orchestration, Automation, and Response (Panel)DevSecOps2023Feb
SOC2 Certification for SaaS companiesGovernance2020Dec
Social Engineering Attacks: Strengthening Human Firewall(Panel)Secure by Scenario2023Dec
Software Security and Threat ModellingThreat Modeling2022Jan
Sonar Cube Integrations with GitHubDevSecOps2020Dec
Spreading security across the SDLC (with semgrep and other tools)DevSecOps2021Mar
Starbase - Graph-based security analysis for everyoneDevSecOps2022Mar
Stop Committing Your Secrets - Git Hooks To The RescueDevSecOps2024Jan
Successes and Failures at Security TrainingGovernance2022Sep
Supply Chain Security: Strengthening Resilience Against Third-Party Risks(panel)Governance2024Jun
Taking Your DevOps Tooling To The Dark SideDevSecOps2023Jun
Technical Leadership and InfluenceGovernance2022Jan
Technics to limit hallucinations when using a LLM solution like ChatGPTGovernance2024Jan
Testing Ephemeral Kubernetes ApplicationsDevSecOps2021Jun
The Business case for Security ChampionsGovernance2022Mar
The challenge of auditing smart contract audit, especially ones with more advanced cryptographic primitives such as ZKP or MPCGovernance2022Jul
The Challenges With DNS SecurityGovernance2022Feb
The Cloud Security Architects aka the knights of the cloud kingdom - Panel DiscussionCloud-Security2022Mar
The Cybersecurity Talent Gap: Addressing the Growing Skills Shortage(Panel)Governance2023Oct
The Human FirewallGovernance2022May
The Modern Data Broker LandscapeGovernance2021Apr
The next Insider Threat isn't your staff!Governance2022May
The OWASP Top Ten 2021 ReleaseOWASP2021Nov
The RATs and CATs of Risk - Graph based Risk FrameworkGovernance2021Apr
The Rise of AI Security EngineersDevSecOps2024Jun
The Survival Guide to implementing Threat ModelingThreat Modeling2022Dec
The Truth about suffering a cyber-attackRisk and Governance2023Apr
The value of CTO/CISOs and how to make it workGovernance2022Jul
Threat Hunting and Detection Strategies: Proactive Defense in Action (panel)Threat Modeling2024Jun
Threat mapping - A workshop discussionThreat Modeling2021Nov
Threat Model for an Autonomous SystemThreat Modeling2022May
Threat Modeling Failure ModesThreat Modeling2022Sep
Threat Modeling for Schrems IIThreat Modeling2020Nov
Threat Modeling for Serverless Architectures: Identifying Risks in a Serverless World (Panel)Threat Modeling2023Oct
Threat Modeling Glasswall Cloud SDKThreat Modeling2021May
Threat Modeling Glasswall DesktopThreat Modeling2020Dec
Threat Modeling Glasswall Folder-to-Folder PluginThreat Modeling2021May
Threat Modeling KataThreat Modeling2023Apr
Threat Modeling Kata IVThreat Modeling2024Jan
Threat Modeling Kata Part 2Threat Modeling2023Jun
Threat Modeling Kata Part 3Threat Modeling2023Oct
Threat Modeling ManifestoThreat Modeling2020Dec
Threat Modeling PlaybookThreat Modeling2020Oct
Threat Modeling using GenAI and Bots (panel)Threat Modeling2024Jun
Threat Modeling Using Glamorous ToolkitThreat Modeling2021May
Threat Modeling VDevSecOps2024Jun
Threat Modelling Adoption in Disciplines Other Than DevelopmentThreat Modeling2022Sep
Threat Modelling as Code and Threat Modelling ChallengesThreat Modeling2022Jan
Threat Modelling as Code v2Threat Modeling2022Dec
Threat Models and Wardley MapsThreat Modeling2022Mar
Threats categorization, pitfalls, different ways of applying it in practiseThreat Modeling2021Jan
Tune your Toolbox for Velocity and Value (SCA)DevSecOps2022Mar
Turning the Tide : How to convince Senior Management and Ownership to invest in CybersecurityGovernance2024Jan
Using AI to identify SPAM mailsGovernance2024Sep
Using AppMap runtime code visualizations to scout for security flawsDevSecOps2022Mar
Using DataDog for Incident Response (Panel)2023Feb
Using Domain Specific Languages (DSL) for testingDevSecOps2021Jan
Using Elastic and Kibana for Scale and Security VisualisationDevSecOps2021Nov
Using Elastic for Incident Response (Panel)2023Feb
Using JIRA to manage and accept Risks (Panel)2023Feb
Using Jira to Map and Visualise RisksRisk and Governance2021Nov
Using Kubernetes to create a scalable Security Proxy solutionDevSecOps2020Oct
Using Open Source AppMap for Runtime Security AnalysisDevSecOps2022Dec
Using OWASP Nettacker for Recon and Vulnerability ScanningDevSecOps2022Jul
Using Presentations instead of CVs and Creating Diverse Security TeamsGovernance2022Mar
Using Splunk for Incident Response (Panel)DevSecOps2023Dec
Using Teleport to Secure SSH and Kubernetes AccessDevSecOps2021Nov
Using VPC Flows to monitor EC2 TrafficDevSecOps2021Apr
Utilising Security Champions Product TeamsGovernance2024Jan
Vendor Security Management using JiraGovernance2021Jun
Virtual PubMiscellenous2020Oct
Wardley Maps and services model at GlasswallWardley Maps2020Dec
We need second-order thinking in securityGovernance2022Dec
Web application's language negotiation in 2023Governance2023Jun
What to do in preparation for a Threat ModelGovernance2021May
When C4s meet Threat ModelsThreat Modeling2022Mar
Who Goes There? Actively Detecting Intruders With Cyber Deception ToolsGovernance2024Jan
Why Wardley Maps changed how I thinkWardley Maps2022Jul
Why you don't need to be technical to get into securityMisc2022Sep
Women in Cyber Security: Personal experiences and how to be an AllyGovernance2022Dec
Women kick off in CybersecurityGovernance2023Apr
WordPress: Hacking and SecuringDevSecOps2022Dec
Workshop on creating C# Tools using the Owasp O2 Platform2021May
Yor:Automated IaC tag and traceDevSecOps2021Jun
Zero Trust Architecture: Redefining Security Perimeters(panel)DevSecOps2024Jun
Zero Trust Architecture: Strengthening Cloud Security Posture (Panel)Governance2023Oct
Zero Trust Database Access Using OpenZiti and JDBCDevSecOps2023Apr
Zero trust in distributed media workflows for HollywoodGovernance2024Jun
Zero Trust Network Access FrameworkDevSecOps2022Jul