Summit Tracks
CISO
Working Sessions on topics related for CISOs and C-Level execs.
Chaos Engineering
Sessions focusing on Chaos Engineering
DevSecOps
Sessions focusing on the DevSecOps tools and techniques to embed security as part of CI/CD pipelines
- Creating Appsec metrics and visualisation
- DevSecOps Maturity Model (DSOMM)
- DevSecOps Maturity Model (DSOMM)
- Integrating Security Tools in the SDL using OWASP DevSecOps Studio
- Integrating Security into an Spotify Model (and using Squads for Security teams)
- OWASP Defect Dojo
- OWASP Defect Dojo
- OWASP DevSecOps Studio
- OWASP DevSecOps Studio
- Securing the CI Pipeline
- Securing the CI Pipeline
GDPR
From GDPR Appropriate Security Controls to Real world GDPR practices, this is where the real GDPR security experts will be
- Creating a standard for GDPR patterns
- Creating a standard for GDPR patterns
- DPO how to become one
- DPO how to become one
- DPO what to expect
- DPO what to expect
- European GDPR variations
- European GDPR variations
- GDPR Appropriate Security Controls
- GDPR Appropriate Security Controls
- GDPR Compliance what does it mean?
- GDPR Compliance what does it mean?
- Gamification of GDPR compliance
- Policies for the security industry
- Policies for the security industry
- Share your security polices and release them under Creative Commons
- Using Threat Models for GDPR
- Using graphs for GDPR mappings and visualisations
Keynotes
Keynote track featuring talks by security experts
Maps and Graphs
Working Sessions for CISOs
- Cell based Structures for Security
- Cell based Structures for Security
- Create Wardley Maps for Multiple Security Scenarios
- SOC Value Chain using Wardley maps
- Using User Story Mapping for effective communication
- Using User Story Mapping for effective communication
- Using maps to define how to capture, detect and prevent 6 real-world security incidents
- Using maps to define how to capture, detect and prevent 6 real-world security incidents
- Wardley Mapping – a practical session on how to use value chain mapping
- Wardley Mapping – a practical session on how to use value chain mapping
Misc
Misc Sessions on multiple topics
OWASP SAMM
SAMM team working together in a 5-day sprint on SAMMv2
Owasp Projects
Sessions based around multiple Owasp Projects
Security Questions
Track focused on creating Security Questions and Answers (with daily quizzes planned for the evening sessions)
Threat Model
With Working Sessions such as Attack chains as TM technique and Threat Model cheat sheets
- Attack chains as TM technique
- Attack chains as TM technique
- Create generic TM for CMS
- Create generic TM for CMS
- Create generic TM for CMS
- Describe different ways of implementing TM in agile organisations
- Describe different ways of implementing TM in agile organisations
- Share your Threat Models diagrams and create a Book
- Threat Modeling Website Structure
- Threat Modeling Website Structure
- Threat model cheat sheets
- Threat model cheat sheets
- Threat model closing session
- Threat model closing session
- Threat model guide
- Update Treat Modeling website 1
- Update Treat Modeling website 2
- Update Treat Modeling website 5