Tracks

Here is the current (under construction) schedule for the tracks

By Tracks

MondayTuesdayWednesdayThursdayFriday
Misc
Onboarding and Training
OWASP Juice Shop
OWASP MSTG
OWASP Projects
Wardley Maps
OWASP Juice Shop
OWASP MSTG
OWASP SAMM
Wardley Maps
DevSecOps
Misc
OWASP Juice Shop
OWASP MSTG
OWASP Projects
OWASP SAMM
Threat Model
Wardley Maps
DevSecOps
OWASP Juice Shop
OWASP MSTG
OWASP SAMM
Threat Model
Misc
OWASP MSTG
OWASP Projects

By Sessions

DevSecOps

when dayWed,Thu
descriptionSessions focusing on the DevSecOps tools and techniques to embed security as part of CI/CD pipelines
organizersDominik de Smit Dominik de Smit


Total sessions for this track: 13

MondayTuesdayWednesdayThursdayFriday
AM-1
10:30 - 12:30
Agile Practices for Security Teams
Larch room
Dealing with DevSecOps Findings
Maulden room
Integrating Security Tools in the SDL
Maulden room
PM-1
13:30 - 15:00
Creating Appsec metrics and visualisation
Maulden room
Secrets Management
Maulden room
Time slot over-subscribed
From Threat Modeling to DevSecOps metrics
Montague room
Integrating Security Tools in the SDL
Maulden room
Writing security tests to confirm vulnerabilities and fixes
Pedley room
PM-2
15:30 - 16:30
DevSecOps Maturity Model (DSOMM)
Maulden room
Dealing with DevSecOps Findings
Maulden room
Securing the CI Pipeline
Maulden room
PM-3
16:30 - 18:00
DevSecOps Maturity Model (DSOMM)
Maulden room
Dealing with DevSecOps Findings
Maulden room
Securing the CI Pipeline
Maulden room
Eve-1
19:30 - 21:00
Creating a Security Champions network
Dinner Villa
Sessions not mapped to any day or time

(back to all track's schedule)

Misc

when dayMon,Wed,Fri
descriptionSessions on multiple topics
organizers


Total sessions for this track: 17

MondayTuesdayWednesdayThursdayFriday
AM-1
10:30 - 12:30
Ask me anything (AMA) on GDPR
Maulden room
Security Challenges - Analyse others
Time slot over-subscribed
Emotional/Multiple Intelligence
Portland room
Real world Chaos Engineering
Montague room
Security Challenges - Next step
Larch room
PM-1
13:30 - 15:00
Introduction to Cynefin Framework
Portland room
Customising the Chaos Engineering Toolkit
Maulden room
DS-3
15:00 - 15:30
Time slot over-subscribed
Scaling API Security
Larch room
Securing Kubernete's hosted APIs
Maulden room
Third Party Due Diligence
Pedley room
PM-2
15:30 - 16:30
Security Challenges - An Introduction
Portland room
PM-3
16:30 - 18:00
Security Challenges - Analysis, Analogies
Portland room
Using Cynefin Framework making strategic security decisions
Portland room
Cyber Risk Modeling
Montague room
Eve-1
19:30 - 21:00
OWASP community-docs
virtual-1
Sessions not mapped to any day or time

(back to all track's schedule)

Onboarding and Training

when dayMon
descriptionOnboarding and Training sessions
organizers


Total sessions for this track: 19

MondayTuesdayWednesdayThursdayFriday
ST-2
9:00 - 10:00
Threat Modeling Training (Thu)
Larch room

(back to all track's schedule)

OWASP Juice Shop

when dayMon,Tue,Wed,Thu
descriptionSessions focusing on OWASP Juice Shop
organizersBjoern Kimminich Bjoern Kimminich


Total sessions for this track: 11

MondayTuesdayWednesdayThursdayFriday
AM-1
10:30 - 12:30
Juice Shop 101
Montague room
Juice Shop Challenge Refactoring
Montague room
PM-1
13:30 - 15:00
Juice Shop Contributor Onboarding
Montague room
Eve-1
19:30 - 21:00
Juice Shop Hack'n'Code (Mon)
174 - Juice Shop villa
Juice Shop Hack'n'Code (Tue)
174 - Juice Shop villa
Juice Shop Hack'n'Code (Wed)
174 - Juice Shop villa
Juice Shop Release Night
174 - Juice Shop villa
Eve-2
21:00 - 23:00
Juice Shop Hack'n'Code (Mon)
174 - Juice Shop villa
Juice Shop Hack'n'Code (Tue)
174 - Juice Shop villa
Juice Shop Hack'n'Code (Wed)
174 - Juice Shop villa
Juice Shop Release Night
174 - Juice Shop villa
Sessions not mapped to any day or time

(back to all track's schedule)

OWASP MSTG

when dayMon, Tue, Wed, Thu, Fri
descriptionSessions focusing on the OWASP MSTG project.
organizersJeroen Willemsen Jeroen Willemsen , Carlos Holguera Carlos Holguera , Sven Schleier Sven Schleier , Jeroen Beckers Jeroen Beckers


Total sessions for this track: 22

MondayTuesdayWednesdayThursdayFriday
AM-1
10:30 - 12:30
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Tue)
Pedley room
Mobile Basic Security Testing and Reverse Engineering (Tue)
Pedley room
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Wed)
708 - MSTG villa
Mobile Basic Security Testing and Reverse Engineering (Wed)
708 - MSTG villa
Mobile Security Testing Guide onboarding (Session 2)
Pedley room
OWASP Mobile Security Testing Guide 101 (Session 2)
Pedley room
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Thu)
708 - MSTG villa
Creating an iOS build pipeline with security checks
Pedley room
Mobile Basic Security Testing and Reverse Engineering (Thu)
708 - MSTG villa
Android and iOS Security Enhancements and Crackme Apps (Fri)
Pedley room
DS-2
12:30 - 13:30
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Mon)
Maulden room
Mobile Basic Security Testing and Reverse Engineering (Mon)
Maulden room
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Tue)
Pedley room
Mobile Basic Security Testing and Reverse Engineering (Tue)
Pedley room
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Wed)
708 - MSTG villa
Mobile Basic Security Testing and Reverse Engineering (Wed)
708 - MSTG villa
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Thu)
708 - MSTG villa
Mobile Basic Security Testing and Reverse Engineering (Thu)
708 - MSTG villa
Android and iOS Security Enhancements and Crackme Apps (Fri)
Pedley room
PM-1
13:30 - 15:00
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Mon)
Maulden room
Mobile AppSec Verification Standard (MASVS)
Maulden room
Mobile Basic Security Testing and Reverse Engineering (Mon)
Maulden room
Mobile Security Testing Guide onboarding
Maulden room
OWASP Mobile Security Testing Guide 101
Maulden room
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Tue)
Pedley room
Mobile Basic Security Testing and Reverse Engineering (Tue)
Pedley room
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Wed)
708 - MSTG villa
Mobile Basic Security Testing and Reverse Engineering (Wed)
708 - MSTG villa
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Thu)
708 - MSTG villa
Mobile Basic Security Testing and Reverse Engineering (Thu)
708 - MSTG villa
Android and iOS Security Enhancements and Crackme Apps (Fri)
Pedley room
PM-2
15:30 - 16:30
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Mon)
Maulden room
Mobile AppSec Verification Standard (MASVS)
Maulden room
Mobile Basic Security Testing and Reverse Engineering (Mon)
Maulden room
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Tue)
Pedley room
Mobile Basic Security Testing and Reverse Engineering (Tue)
Pedley room
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Wed)
708 - MSTG villa
Mobile Basic Security Testing and Reverse Engineering (Wed)
708 - MSTG villa
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Thu)
708 - MSTG villa
Mobile Basic Security Testing and Reverse Engineering (Thu)
708 - MSTG villa
Android and iOS Security Enhancements and Crackme Apps (Fri)
Pedley room
PM-3
16:30 - 18:00
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Mon)
Maulden room
Mobile AppSec Verification Standard (MASVS)
Maulden room
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Tue)
Pedley room
Mobile Basic Security Testing and Reverse Engineering (Tue)
Pedley room
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Wed)
708 - MSTG villa
Mobile Basic Security Testing and Reverse Engineering (Wed)
708 - MSTG villa
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Thu)
708 - MSTG villa
Mobile Basic Security Testing and Reverse Engineering (Thu)
708 - MSTG villa
Eve-1
19:30 - 21:00
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Mon Eve)
708 - MSTG villa
Mobile AppSec Verification Standard (MASVS) (Evening)
178 - Sessions 1 villa
Mobile Basic Security Testing and Reverse Engineering (Mon Evening)
179 - Sessions 2 villa
Mobile Basic Security Testing and Reverse Engineering (Tue Evening)
180 - Dinner Villa villa
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Wed Eve)
708 - MSTG villa
Mobile Basic Security Testing and Reverse Engineering (Evening Session)
708 - MSTG villa
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Thu Eve)
708 - MSTG villa
Mobile Basic Security Testing and Reverse Engineering (Evening Session)
708 - MSTG villa
Eve-2
21:00 - 23:00
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Mon Eve)
708 - MSTG villa
Mobile AppSec Verification Standard (MASVS) (Evening)
178 - Sessions 1 villa
Mobile Basic Security Testing and Reverse Engineering (Mon Evening)
179 - Sessions 2 villa
Mobile Basic Security Testing and Reverse Engineering (Tue Evening)
180 - Dinner Villa villa
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Wed Eve)
708 - MSTG villa
Mobile Basic Security Testing and Reverse Engineering (Evening Session)
708 - MSTG villa
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Thu Eve)
708 - MSTG villa
Mobile Basic Security Testing and Reverse Engineering (Evening Session)
708 - MSTG villa

(back to all track's schedule)

OWASP Projects

when dayMon,Wed,Fri
descriptionSessions on multiple OWASP Projects
organizers


Total sessions for this track: 9

MondayTuesdayWednesdayThursdayFriday
AM-1
10:30 - 12:30
ZAP working session - automation
Portland room
ZAP working session - future plans
Portland room
PM-1
13:30 - 15:00
ZAP working session - the HUD
Portland room
Application Security Verification Standard
178 - Sessions 1 villa
PM-2
15:30 - 16:30
OWASP Application Security Curriculum Project
Montague room
OWASP HoneyPot
158 - Villa 158 villa
Eve-1
19:30 - 21:00
OWASP Media Project
virtual-2
Sessions not mapped to any day or time

(back to all track's schedule)

OWASP SAMM

when dayTue,Wed,Thu
descriptionSAMM team working together in a 5-day sprint on SAMMv2
organizersSebastien Deleersnyder Sebastien Deleersnyder , Bart De Win Bart De Win


Total sessions for this track: 38

MondayTuesdayWednesdayThursdayFriday
AM-1
10:30 - 12:30
SAMM - Editing agreements and parallel editing
Kings room
SAMM - SAMM documents and parallel editing (Wed AM)
Kings room
SAMM - Parallel editing (Thu AM)
Kings room
SAMM - Tooling
Kings room
DS-2
12:30 - 13:30
SAMM - Outreach program (Mon)
Kings room
SAMM - Outreach program (Tue)
Kings room
SAMM - Alignment with other OWASP projects (Wed)
Kings room
SAMM - Alignment with other OWASP projects (Thu)
Kings room
SAMM - Alignment with other OWASP projects (Fri)
Kings room
PM-1
13:30 - 15:00
SAMM user session - Introduction
Kings room
SAMM - Parallel editing (Tue)
Kings room
SAMM - Parallel editing (Wed PM)
Kings room
SAMM - Parallel editing (Thu PM)
Kings room
SAMM - Any Other Business
Kings room
PM-2
15:30 - 16:30
SAMM user session - Round-table
Kings room
SAMM - Model discussions (Tue)
Kings room
SAMM - Model discussions (Wed)
Kings room
SAMM - Alignment with Threat Modeling
Kings room
SAMM - Planning and Roadmap
Kings room
PM-3
16:30 - 18:00
SAMM - Measurement model (Mon PM)
Kings room
SAMM - Outreach wrap-up
Kings room
Time slot over-subscribed
Mapping OWASP DevSecOps Maturity Model to SAMMv2
Kings room
SAMM - DevOps guidance
Kings room
SAMM - SAMM benchmarking and tooling
Kings room
Eve-1
19:30 - 21:00
SAMM - Measurement model (Mon EV)
157 - SAMM villa
SAMM - Model Challenges (Tue)
157 - SAMM villa
SAMM - Model Challenges (Wed)
157 - SAMM villa
SAMM - Agile guidance
157 - SAMM villa
Sessions not mapped to any day or time

(back to all track's schedule)

Threat Model

when dayWed,Thu
descriptionSessions focusing on Threat Modeling
organizers


Total sessions for this track: 24

MondayTuesdayWednesdayThursdayFriday
AM-1
10:30 - 12:30
State and future of threat modeling
Larch room
Towards a unified way of describing threat models
Larch room
PM-1
13:30 - 15:00
TM track introduction
Larch room
Time slot over-subscribed
Creating a generic diagram of a threat model
Larch room
How do we persist the information from the TM Slack channel?
Larch room
Automated Threat Hunting Project Collaboration
    Larch room
    Incremental Threat Modeling
    Larch room
    PM-2
    15:30 - 16:30
    Lightweight privacy threat modeling using LINDDUN
    Larch room
    TM maturity
    Larch room
    Threat pattern libraries
    Larch room
    SAMMv2 - Threat Modeling
    Larch room
    PM-3
    16:30 - 18:00
    Lightweight privacy threat modeling using LINDDUN Part II
    Larch room
    Threat Model Cookbook Project (Part 1)
    Larch room
    Threat Model Cookbook Project (Part 2)
    Larch room
    Track closure
    Larch room
    Sessions not mapped to any day or time

    (back to all track's schedule)

    Wardley Maps

    when dayMon,Tue,Wed
    descriptionSessions focusing on the use of Wardley Maps in Security
    organizersPending


    Total sessions for this track: 12

    MondayTuesdayWednesdayThursdayFriday
    AM-1
    10:30 - 12:30
    Mapping boot camp
    Portland room
    PM-1
    13:30 - 15:00
    Introduction to Wardley Maps
    Portland room
    Wardley Maps for Security
    Montague room
    Cell based Structures for Security
    Portland room
    DS-3
    15:00 - 15:30
    Talking security risk to business - practical games to learn through failure
    Portland room
    PM-2
    15:30 - 16:30
    Using Wardley Maps and Cynefin for Security
    Portland room
    Wardley Mapping - Climatic Patterns and Using Doctrine
    Portland room
    PM-3
    16:30 - 18:00
    Hand's on Wardley Maps creation
    Portland room
    Using Wardley Maps on SOC
    Montague room
    Wardley Mapping - Coordinating functions within a PST organisation
    Portland room
    Sessions not mapped to any day or time

    (back to all track's schedule)