User Sessions

In addition to Working Sessions this year we are also introducing the concept of User Sessions, which will be very learning-based hands-on practically-driven sessions, so you leave with the knowledge, skills and tools you need to make immediate changes in your workplace.

We wanted to introduce User Sessions to this year’s event, as we believe that only by keeping your learning up to date and taking opportunities to try these new skills out for yourself in a safe environment, where it’s ok to fail - and fail fast - will you really be able to go back and implement the new knowledge you have acquired.

The Summit now includes these User Sessions, from working through Chaos Experiments to getting to grips with GDPR Patterns, from understanding how to use OWASP SAMM to using Pixi, we want to cover all the bases.

See also the planned Working Sessions.

Current User Sessions

Title Track Description
A long successful career in IT (women in tech) Keynotes Keynote by Ante Gulam
A seat at the table Keynotes Keynote by Adam
A shared understanding of Success Keynotes Keynote by Sara Davis
Adding CRS3 and Pixi to CircleCI pipeline DecSecOps Adding OWASP ModSecurity Core Rule Set 3 and Pixi to CircleCI pipeline
Adding Privacy by Design in Secure Application Development Keynotes Keynote by Sebastien Deleersnyder
Ask me anything (AMA) - Meet the Experts Misc Ask all the burning questions you have to those in industry
Ask me anything (AMA) on GDPR GDPR Ask all the burning questions you have on GDPR
Create a Slack bot in Python DevSecOps Hands on session to show participants how to create a Slack bot in Python
Creating Appsec metrics and visualisation DevSecOps AppSec Metrics and Visualisation
Creating ELK Dashboards Maps and Graphs Practical session on creating ELK Dashboards
Creating Open Source Avatao exercises Misc
Creating Security exams (How to) Security Questions
Crossing the river by feeling the stones Keynotes Keynote by Simon Wardley
Diving into mobile cryptography using dynamic instrumentation with Frida Misc Hands-on session by Carlos Holguera
Gamifying Security Dashboards Keynotes Keynote by Ante Gulam
Hands on Chaos Experiments Chaos Engineering
Hands-on GDPR Patterns GDPR Using GDPR Patterns
Implementing the OWASP responsible disclosure Maturity Model OWASP Projects Hand-on session on creating the OWASP responsible disclosure Maturity Model
InSecurity Keynotes Keynote by Jane Frankland
Informational Awareness Keynotes Keynote by Jonathan Hawes
Integrating Security Tools in the SDL using OWASP DevSecOps Studio DevSecOps Using DevSecOps studio to learn and teach Integrating security tools in the SDL
JIRA - how to use it Misc How to use Jira for risk management, incident response and managing a team
OS Summit Website - how to use it Misc How to update the Open Security website
Publishing apps in a VSTS security pipeline DecSecOps Beginner level session on DevSecOps and publishing to the Cloud
Running CTF Games with OWASP Juice Shop Owasp Projects Running / hosting CTF games with OWASP JuiceShop
SAMM - Best Practices OWASP SAMM User session on how to use Owasp SAMM
SAMM Introduction OWASP SAMM Introduction session on SAMM for people who want to know more about the project
SAMM Round Table OWASP SAMM Round table session with SAMM users
SOC Value Chain using Wardley maps Maps and Graphs
Security Quiz Night (Mon) Security Questions
Security Quiz Night (Thu) Security Questions
Security Quiz Night (Tue) Security Questions
Security Quiz Night (Wed) Security Questions
Summit Onboarding Misc How to update the Open Security website
Testing iOS Apps without Jailbreak Owasp Projects Mobile Security Working Session
Thinking in Graphs Keynotes Keynote by Dinis Cruz
Track Introductions Misc
Update Treat Modeling website 1 Threat Model
Update Treat Modeling website 2 Threat Model
Update Treat Modeling website 3 Threat Model Threat Modeling User Session
Update Treat Modeling website 4 Threat Model Threat Modeling User Session
Update Treat Modeling website 5 Threat Model
Using JIRA to create and execute Security Playbooks DevSecOps Hands on session on how to use JIRA for incident response
Using Neo4J to filter and review SAST findings Maps and Graphs
Using Threat Models for GDPR GDPR Hands on user session on how to use Threat Models in GDPR mappings
Using graphs for GDPR mappings and visualisations GDPR Hands on sessions of mapping GDPR data to graphs
Using the OWASP Maturity Model tool OWASP SAMM Practical session on using the OWASP Maturity Model tool
Wardley Mapping – a practical session on how to use value chain mapping Maps and Graphs Practical session on how to use value chain mapping.
Writing a Security Budget
Writing security tests to confirm vulnerabilities and fixes DevSecOps Hands on session writing security tests
Zap - How to use it Owasp Projects User session to help ZAP users
secureCodeBox - How to improve your CI/CD pipeline with automated security tests DevSecOps Hands on session to introduce the new project secureCodeBox.io and how you could use it to improve your CI/CD pipeline with automated security tests easily.