Schedule by day

Working Sessions

when

Monday

Tuesday

Wednesday

Thursday

Friday

Android and iOS Security Enhancements and Crackme Apps (Mon Eve)

Android and iOS Security Enhancements and Crackme Apps (Mon)

Hand's on Wardley Maps creation

Introduction to Wardley Maps

Juice Shop Hack'n'Code (Mon)

Jupyter Training (#1)

Jupyter Training (#2)

Jupyter Training (#3)

Lightweight privacy threat modeling using LINDDUN

Lightweight privacy threat modeling using LINDDUN Part II

Mobile AppSec Verification Standard (MASVS)

Mobile AppSec Verification Standard (MASVS) (Evening)

Mobile Basic Security Testing and Reverse Engineering (Mon Evening)

Mobile Basic Security Testing and Reverse Engineering (Mon)

OWASP SAMM Training (#1)

OWASP SAMM Training (#2)

OWASP SAMM Training (#3)

SAMM - Measurement model (Mon EV)

SAMM - Measurement model (Mon PM)

SAMM - Outreach program (Mon)

Schedule & Outcomes (#1)

Schedule & Outcomes (#2)

Schedule & Outcomes (#3)

Security Challenges - An Introduction

Threat Modeling Training (#1)

Threat Modeling Training (#2)

Threat Modeling Training (#3)

TM track introduction

Wardley Maps Training (#1)

Wardley Maps Training (#2)

Wardley Maps Training (#3)

Welcome & Content (#1)

Welcome & Content (#2)

Welcome & Content (#3)

Agile Practices for Security Teams

Android and iOS Security Enhancements and Crackme Apps (Tue)

Creating a generic diagram of a threat model

DevSecOps Maturity Model (DSOMM)

How do Cyber Professionals protect themselves

How do we persist the information from the TM Slack channel?

Jira Schemas

Juice Shop Hack'n'Code (Tue)

Mobile Basic Security Testing and Reverse Engineering (Tue Evening)

Mobile Basic Security Testing and Reverse Engineering (Tue)

OWASP Application Security Curriculum Project

OWASP community-docs

SAMM - Editing agreements and parallel editing

SAMM - Model Challenges (Tue)

SAMM - Model discussions (Tue)

SAMM - Outreach program (Tue)

SAMM - Outreach wrap-up

SAMM - Parallel editing (Tue)

Security Challenges - Analysis, Analogies

Threat Model Cookbook Project (Part 1)

TM maturity

ZAP working session - automation

ZAP working session - the HUD

Android and iOS Security Enhancements and Crackme Apps (Wed Eve)

Android and iOS Security Enhancements and Crackme Apps (Wed)

Application Security Verification Standard

Creating a Security Champions network

Dealing with DevSecOps Findings

Juice Shop Hack'n'Code (Wed)

Mapping OWASP DevSecOps Maturity Model to SAMMv2

Mobile Basic Security Testing and Reverse Engineering (Evening Session)

Mobile Basic Security Testing and Reverse Engineering (Wed)

OWASP HoneyPot

OWASP Media Project

SAMM - Alignment with other OWASP projects (Wed)

SAMM - DevOps guidance

SAMM - Model Challenges (Wed)

SAMM - Model discussions (Wed)

SAMM - Parallel editing (Wed PM)

SAMM - SAMM documents and parallel editing (Wed AM)

Secrets Management

Security Challenges - Analyse others

State and future of threat modeling

Threat Model Cookbook Project (Part 2)

Threat pattern libraries

Using Cynefin Framework making strategic security decisions

ZAP working session - future plans

Android and iOS Security Enhancements and Crackme Apps (Thu Eve)

Android and iOS Security Enhancements and Crackme Apps (Thu)

Cell based Structures for Security

Creating an iOS build pipeline with security checks

Cyber Risk Modeling

From Threat Modeling to DevSecOps metrics

Incremental Threat Modeling

Integrating Security Tools in the SDL

Juice Shop Challenge Refactoring

Juice Shop Release Night

Mapping boot camp

Mobile Basic Security Testing and Reverse Engineering (Evening Session)

Mobile Basic Security Testing and Reverse Engineering (Thu)

SAMM - Agile guidance

SAMM - Alignment with other OWASP projects (Thu)

SAMM - Alignment with Threat Modeling

SAMM - Parallel editing (Thu AM)

SAMM - Parallel editing (Thu PM)

SAMM - SAMM benchmarking and tooling

SAMMv2 - Threat Modeling

Scaling API Security

Securing Kubernete's hosted APIs

Securing the CI Pipeline

Threat Modeling Training (Thu)

Towards a unified way of describing threat models

Track closure

Wardley Mapping - Climatic Patterns and Using Doctrine

Wardley Mapping - Coordinating functions within a PST organisation

Android and iOS Security Enhancements and Crackme Apps (Fri)

Customising the Chaos Engineering Toolkit

Emotional/Multiple Intelligence

OSS BOT and Argumentation Models

Protecting JuiceShop with AWS WAF

Real world Chaos Engineering

SAMM - Alignment with other OWASP projects (Fri)

SAMM - Any Other Business

SAMM - Planning and Roadmap

SAMM - Tooling

Security Challenges - Next step

Sessions not mapped to any day or time

Creating a Threat Library
Creating a Threat Library
Security Challenges - Collate others' strategies and assumptions
Security Challenges - Collate others' strategies and assumptions

User Sessions

Monday

Tuesday

Wednesday

Thursday

Friday

Mobile Security Testing Guide onboarding

OWASP Mobile Security Testing Guide 101

SAMM user session - Introduction

SAMM user session - Round-table

Ask me anything (AMA) on GDPR

Creating Appsec metrics and visualisation

Juice Shop 101

Juice Shop Contributor Onboarding

Introduction to Cynefin Framework

Mobile Security Testing Guide onboarding (Session 2)

OWASP Mobile Security Testing Guide 101 (Session 2)

Using Wardley Maps and Cynefin for Security

Using Wardley Maps on SOC

Wardley Maps for Security

Talking security risk to business - practical games to learn through failure

Third Party Due Diligence

Writing security tests to confirm vulnerabilities and fixes