|
Mobile BDD security tests on steroids: A new framework to automate MSTG and MASVS in your CI/CD pipeline
|
|
|
Web application compromise mitigation with crypto anchoring
|
|
|
Security Culture Hacking: Disrupting the Security Status Quo
|
|
|
Hunter2: Repair The Flag
|
|
|
Value Driven Threat Modeling * DEV Focused*
|
|
|
Cheaters, cheaters, video game eater
|
|
|
How to get the best AppSec test of your life
|
|
|
My journey through building an advanced bot detection product
|
Akamai Technologies
|
|
Better Deserialization Vulnerability Remediation with Automated Gadget Chain Discovery
|
Ian Haken
,
Netflix
|
|
Ecosystem, Interoperability and Standards: The gauntlet of IoT Security and Privacy development lifecycle
|
Kavya Racharla
,
Sumanth Naropanth
|
|
Domino's Delivery of a Faster Response was No Standard Order
|
|
|
Security as a Service: Work where You Engineers Live
|
Adobe Systems, Inc.
|
|
Making Security Approachable for Developers and Operators
|
|
|
Battle Tested Application Security
|
|
|
Chromebooks and network motes to enforce security posture from the device to the cloud
|
|
|
Paving the road for Developers: Lessons from integrating third party library scanning in DevOps workflows
|
|
|
Human factors that influence secure software development
|
|
|
SCORE Bot: Shift Left, at Scale!
|
|
|
Pentesting Swift Application for fun and Profit with OWASP iGoat
|
|
|
Scratching the Surface of your CD?
|
Synopsys
|
|
Serverless Infections: Malware Just Found a New Home
|
Checkmarx
|
|
Defense in depth with semantic static analysis
|
Facebook
|
|
Breaking fraud & bot detection solutions
|
Dropbox
|
|
Are You Trading Stocks Securely? Exposing Security Flaws in Trading Technologies
|
Alejandro Hernandez
,
IOActive, Inc.
|
|
Empowering the Employee: Incident Response with a Security Bot
|
|
|
Authentication as a Microservice: Portable Customer Identity Management
|
|
|
Fixing Mobile AppSec
|
|
|
Campaign Security is Hard
|
Dylan Ayrey
|
|
SDL at Scale: Growing Security Champions
|
Veracode
|
|
Deserialization: what, how and why [not]
|
Salesforce
|
|
Empowering Modern Development with Security Automation - Trials and Tribulations from the Trenches
|
John Heasman
,
Clint Gibler
,
Zane Lackey
,
Scott Behrens
,
Dropbox
|
|
Prevent Business Logic Attacks using Dynamic Instrumentation
|
|
|
Flying Above the Clouds: Securing Kubernetes
|
nVisium
|
|
Threat Model-as-Code: A Framework to go from Codified Threat Modeling to Automated Application Security Testing
|
|
|
The Anatomy of a Secure Web Application in Java Using Spring Security and Apache Fortress
|
|
|
Identity Theft: Attacks on SSO Systems
|
Kelby Ludwig
|
|
Defensible Application Security for the Artificial Intelligence Era
|
|
|
Identifying and Remediating Security Vulnerabilities in AI Assistant Based Applications
|
Samsung Research America
|
|
Tears From the Cloud
|
Netflix
|
|
Are we using Java Crypto API Securely ?
|
CA Veracode
|
|
Open Source Security Tools for Kubernetes Applications
|
|
|
(in)Security is eating the world; speed and autonomy is our only hope for defense
|
Michael Coates
,
Altitude Networks
|
|
Teach a man how to fish
|
|
|
Single Page Applications: Is your design secure?
|
Microsoft Corporation
|