Speakers

AWS (mis)configuration from an attacker’s-eye view

Kavisha Sheth
Kavisha Sheth

Achieving Security by Shifting Left in Agile

Bhushan B Gupta
Bhushan B Gupta

Achieving the Web Isolation Nirvana - How far along are we?

Agile Threat Modeling with Open-Source Tools

Christian Schneider
Christian Schneider

All your Ether belong to us (a.k.a Hacking Ethereum-based DApps)

Luis Quispe Gonzales
Luis Quispe Gonzales

An Attackers View on APAC's 2021 Three Major Breaches

Guest Speaker Ric Campo
Guest Speaker Ric Campo

AppSec Timeline: Wins, Failures, Promises, and Predictions

Joseph Feiman
Joseph Feiman

Attacking the microservice systems: methods and practical tips

Alexander Barabanov
Alexander Barabanov

Automate Security, Don't Tell Your Boss

Matt Tesauro
Matt Tesauro

Automated Finding Correlation where do SAST, DAST and IAST overlap

Automatic Vulnerability Remediation - The Trusted and Secure Road to Developer Happiness

Back to Basics: Looking for subtle bugs in beginner programming constructs

Guest Speaker Cole Cornford
Guest Speaker Cole Cornford

Birds & Buttons - Cyber Risk Success Criteria for Board & Executives

Shamane Tan
Shamane Tan

Blockchain-based Security Framework for Cyber Physical Systems (BSF-CPS)

Dr. Abhilasha Vyas
Dr. Abhilasha Vyas

Bot or human? Detecting malicious bots with machine learning in 2021

Code-Origin Policy: Towards a Formal User Privacy Protection for the Web

Phu H. Phung
Phu H. Phung

Common Application Security Mistakes that Enable Automated Attacks

Jason Kent
Jason Kent

Common NGINX Misconfigurations That Leave Your Web Server Open To Attack

Spencer Pearlman
Spencer Pearlman

Connecting the Dots: How Threat Intelligence Protects the Applications

Catalin Curelaru
Catalin Curelaru

Costly mistakes in serverless computing

Miguel Calles
Miguel Calles

Creating an IoT-connected Mobile App Compliance Program Leveraging OWASP MASVS

Brian Reed
Brian Reed

Decoded: Leverage Cybersecurity as a Business Enabler

Guest Speaker Nicole Dove
Guest Speaker Nicole Dove

DevSecOps in 2031: How robots and humans will secure apps together

Guest Speaker Stefan Streichsbier
Guest Speaker Stefan Streichsbier

Developers Struggle with Application Security (and How to Make It Better)

Scott Gerlach
Scott Gerlach

Effective Usage Analysis: The Shortest Path Between a Developer and Accelerated Product Releases

Rami Elron
Rami Elron

Everything You Always Wanted to Know About Fingerprinting Browser Extensions, But Were Afraid to Ask

Nick Nikiforakis
Nick Nikiforakis

Feedback loop in DevSecOps - mature security process and dev cooperation

Daniel Krasnokucki
Daniel Krasnokucki

Fight Club | Grow your OWASP Chapter

Five philosophies to building better application logs

Veronica Schmitt
Veronica Schmitt

Good Bot, Bad Bot: Characterizing Automated Browsing Activity

Nick Nikiforakis
Nick Nikiforakis

Hack Your APIs in 15 Minutes or Less

Himanshu Dwivedi
Himanshu Dwivedi

How Security, Development & Testing can work together to stop the same recurring vulnerabilities appearing in the OWASP Top 10

Stefania Chaplin
Stefania Chaplin

How To Review Code For Vulnerabilities

Vickie Li
Vickie Li

Introducing graph theory to Policy-As-Code

Barak Schoster
Barak Schoster

It's Not Your Developers' Fault

Guest Speaker Edwin Kwan
Guest Speaker Edwin Kwan

Kubernetes Security: Attacking and Defending K8s Clusters

Magno Logan
Magno Logan

Live Q&A Session

Guest Speaker Troy Hunt
Guest Speaker Troy Hunt

Looking at 4 years of web honeypot attacks: tactics, techniques and trends

OWASP API Security Top 10 - A Beginner's Guide to Mitigation

Isabelle Mauny
Isabelle Mauny

OWASP Amass Flagship Project

Jeff Foley
Jeff Foley

OWASP Application Gateway: What is it and how can you use it to secure your webapp?

Gian-Luca Frei
Gian-Luca Frei

OWASP Application Security Verification Standard (ASVS) Flagship Project

OWASP CSRFGuard Flagship Project

OWASP Cheat Sheet Series Flagship Project

Jim Manico
Jim Manico

OWASP Cloud-Native Application Security Top 10 Flagship Project

Ron Vider
Ron Vider

OWASP Cyclone DX Flagship Project

OWASP DefectDojo Flagship Project

OWASP Dependency Track Flagship Project

Steve Springett
Steve Springett

OWASP Dependency-Check Flagship Project

Jeremy Long
Jeremy Long

OWASP ESAPI – A Retrospective: The Good, the Bad, & the Ugly

Kevin Wall
Kevin Wall

OWASP Juice Shop Flagship Project

Björn Kimminich
Björn Kimminich

OWASP Mobile Security Testing Guide Flagship Project

OWASP ModSecurity Core Rule Set Flagship Project

Christian Folini
Christian Folini

OWASP Nettacker Project

Sam Stepanyan
Sam Stepanyan

OWASP OWTF Flagship Project

Saurabh Nandedkar
Saurabh Nandedkar

OWASP Security Knowledge Framework Flagship Project

OWASP Security Shepard Flagship Project

Sean Duggan
Sean Duggan

OWASP Software Assurance Maturity Model (SAMM) Flagship Project

OWASP Top 10 Flagship Project

Andrew van der Stock
Andrew van der Stock

OWASP Top 10 Privacy Risks 2021

Florian Stahl
Florian Stahl

OWASP Web Security Testing Guide Flagship Project

Matteo Meucci
Matteo Meucci

OWASP ZAP Flagship Project

Simon Bennetts
Simon Bennetts

Objects In The Rear View Mirror Are Closer Than They Appear

Erez Yalon
Erez Yalon

Over 20 Years of SQL Injection Attacks in the Wild - Time to Refine and Optimize Web Attack Detection by Using Data Mining Techniques

Or Katz
Or Katz

Post-DevOps, what should we shift-left?

Riotaro OKADA
Riotaro OKADA

Preventing an OWASP Top 10 in the world of AI

Aaron Ansari
Aaron Ansari

Purple Teaming with OWASP Purpleteam

Kim Carter
Kim Carter

React Native Security. Addressing typical mistakes

Julia Potapenko
Julia Potapenko

Redefining Threat Modeling: Security team goes on vacation

Jeevan Singh
Jeevan Singh

Rough Consensus - An OWASP Story

Guest Speaker Jeff Williams
Guest Speaker Jeff Williams

Running a local Chapter

Serge Borso
Serge Borso

Scaling AppSec through Education

Grant Ongers
Grant Ongers

Security As Code - The New Model Of Achieving Security At Scale

Guest Speaker Dr. Chenxi Wang
Guest Speaker Dr. Chenxi Wang

Security Chaos Engineering - Turning the Tide in the War on Uncertainty in Cyber Security

Guest Speaker Aaron Rinehart
Guest Speaker Aaron Rinehart

Security Metrics: Protecting Our Digital Assets of the Future

Caroline Wong
Caroline Wong

Security begins with secure development environments

Software Security Engineering (Learnings from the past to fix the future)

Debasis Mohanty
Debasis Mohanty

Stop the looters: a method to detect digital skimming attacks

Nikolaos Alexiou
Nikolaos Alexiou

The future is simple

The future of Dev[Sec]Ops transformation

Guest Speaker Larry Maccherone
Guest Speaker Larry Maccherone

The making of the OWASP Top 10 and beyond

Brian Glas
Brian Glas

These are the Vulns You are Looking For: AppSec Champions & Jedi Mind Tricks

John Dickson
John Dickson

Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security

Guest Speaker Dan Cornell
Guest Speaker Dan Cornell

Top 10 Challenges for DevSecOps

Gary Robinson
Gary Robinson

Unlocking Mobile App Security Secrets

Jan Seredynski
Jan Seredynski

Using binary search algorithms for blind sql injection

Juan Pablo Quiñe Paz
Juan Pablo Quiñe Paz

What Shall We Do With a Vendor SBOM?

Guest Speaker Wendy Nather
Guest Speaker Wendy Nather

Your code might be secure, but what about your pipeline? Challenges of securing build/deployment environment.

Marcin Szydlowski
Marcin Szydlowski

Your company, as a Knowledge Graph - the foundation of cybersecurity’s future

Ovidiu Cical
Ovidiu Cical

vAPI : Vulnerable Adversely Programmed Interface (OWASP API Top 10)

Tushar Kulkarni
Tushar Kulkarni