|
Contact Center Authentication
|
|
|
(in)Secure Development - Why some product teams are great and others … aren’t...
|
|
|
Opening Keynote - Starting Strength for AppSec: What Mark Rippetoe Can Teach You about Building AppSec Muscles
|
Square
|
|
Lightning Talk: Node.js and NPM ecosystem: what are the security stakes?
|
|
|
Cloud Forensics: Putting The Bits Back Together
|
|
|
ShiftLeft Ocular: The Google Maps for Auditing Your Code
|
Fabian Yamaguchi
|
|
Browser fingerprints for a more secure web
|
Salesforce
|
|
Can Kubernetes Keep a Secret?
|
|
|
Leveraging users engagement to improve account security
|
|
|
Slack App Security: Securing your Workspaces from a Bot Uprising
|
Slack
|
|
Lessons Learned from the DevSecOps Trenches (Panel)
|
John Heasman
,
Clint Gibler
,
Devdatta Akhawe
,
NCC Group
|
|
Automated Account Takeover: The Rise of Single Request Attacks
|
|
|
Closing Keynote
|
Netflix
|
|
Opening Keynote
|
Google Inc.
,
Chrome
|
|
Lightning Talk: Working with Developers for Fun and Progress
|
|
|
The White Hat’s Advantage: Open-source OWASP tools to aid in penetration testing coverage
|
|
|
Threat Model Every Story: Practical Continuous Threat Modeling Work for Your Team
|
Autodesk
|
|
The Call is Coming From Inside the House: Lessons in Securing Internal Apps
|
Dropbox
|
|
BoMs Away - Why Everyone Should Have a BoM
|
ServiceNow
|
|
Game On! Adding Privacy to Threat Modeling
|
Adam Shostack
,
Shostack & Associates
|
|
Detecting Credential Compromise in AWS
|
Netflix
|
|
A Pragmatic Approach for Internal Security Partnerships
|
Scott Behrens
,
Netflix
|
|
Authorization in the Micro Services world with Kubernetes, ISTIO and Open Policy Agent
|
|
|
Lightning Talk: Inducing Amnesia in Browsers: the Clear Site Data Header
|
KPMG
|
|
Lightning Talk: How to Lose a Container in 10 Minutes
|
Microsoft Corporation
|
|
Netflix's Layered Approach to Reducing Risk of Credential Compromise
|
Netflix
|
|
Lightning Talk: Building Cloud-Native Security for Apps and APIs with NGINX
|
Wallarm
|
|
Preventing Mobile App and API Abuse
|
|
|
How to Start a Cyber War: Lessons from Brussels-EU Cyber Warfare Excercises
|
Christina Kubecka
,
HypaSec
|
|
Pose a Threat: How Perceptual Analysis Helps Bug Hunters
|
Rob Ragan
,
Bishop Fox
|
|
It depends....
|
Dell EMC
|
|
Behind the scenes: Securing in-house execution of unsafe third-party executables
|
LinkedIn
|
|
Cyber Insurance: A Primer for Infosec
|
|
|
Lightning Talk: Usable Security Tooling - Creating Accessible Security Testing with ZAP
|
|
|
The Art of Vulnerability Management
|
|
|
Startup security: Starting a security program at a startup
|
Cloudflare
|
|
CISO Panel: Baking Security Into the SDLC
|
|
|
Lightning Talk: Endpoint Finder - A static analysis tool to find web endpoints
|
|
|
A Seat at the Table
|
Adam Shostack
,
Shostack & Associates
|
|
Offensive Threat Models Against the Supply Chain
|
|
|
On the Frontlines: Securing a Major Cryptocurrency Exchange
|
|
|
Securing Third Party Applications at Scale
|
Salesforce
|
|
An Attacker's View of Serverless and GraphQL Apps
|
|
|
Cache Me If You Can: Messing with Web Caching
|
Louis Dion-Marcil
,
Mandiant
|
|
Closing Keynote
|
|