Tuesday

No Sessions

Wednesday

No Sessions

Thursday

8:00 AM

Securing Your Software Supply Chain One Open Source Project at a Time

Presented by: Lori Lorusso
Time: Thursday 8:00 AM - 9:00 AM

Delivering software fast is one piece of the CI/CD puzzle, but delivering it securely is the glue that keeps your puzzle from falling apart. Software supply chain attacks are on the rise with security exploits directly targeting open source projects, central repositories, and software package...

Room: Salon A
Track: Security
Tags: Security, DevOps, CI/CD
Format: General Session
Level: Introductory and overview

10:30 AM

Modern Authentication and Authorization with OIDC, OAuth2, and Resource-based Permissions

Presented by: Eric Boyd
Time: Thursday 10:30 AM - 11:30 AM

Open web standards for authentication, authorization and delegation are especially important in our connected, integrated, and mobile world. There are expectations for single sign-on, integration with external partners, multi-tenancy, identity across application tiers, and authentication with...

Room: Salon A
Track: Security
Tags: .NET, Backend, Security
Format: General Session
Level: Intermediate

1:00 PM

Building Relationships for Better Security

Presented by: Darylynn Ross
Time: Thursday 1:00 PM - 2:00 PM

It's 2024 and software engineering teams and security teams are still struggling to figure out how we can all just get along. Engineering teams are commonly frustrated and annoyed at all the extraneous stuff security wants them to do. And security teams are commonly frustrated with the lack of...

Room: Salon B
Track: Security
Tags: Security, Soft Skills, Leadership
Format: General Session
Level: Introductory and overview

3:30 PM

Take Back Control - Introducing Veilid

Presented by: Bill Sempf
Time: Thursday 3:30 PM - 4:30 PM

Veilid is an open-source, peer-to-peer, mobile-first, networked application framework. It allows developers to build private, distributed, scalable social applications containing and sharing a user's personal content without data collection by third parties being of concern. Built by Cult of the...

Room: Salon E
Track: Architecture
Tags: Python, Rust, Mobile, Security, Cloud
Format: General Session
Level: Intermediate

4:45 PM

What Does Security Look Like When Building AI?

Presented by: Robert Herbig
Time: Thursday 4:45 PM - 5:45 PM

Anyone who is working with AI or considering doing so should care about security. When considering building an AI-powered system or product, the traditional attack surfaces and mitigations still apply. However, new attack surfaces can be present depending on the specific AI approaches used. In...

Room: Salon E
Track: Security
Tags: Programming Principles, Security, Machine Learning
Format: General Session
Level: Introductory and overview

Friday

8:30 AM

Writing Secure APIs - A Look at the OWASP 2023 API Top 10 List

Presented by: Darylynn Ross
Time: Friday 8:30 AM - 9:30 AM

OWASP published a new API top 10 list in July of 2023. There are some old favorites hanging around (I'm looking at you, Authentication) and some newcomers like Server Side Request Forgery and Unrestricted Access to Sensitive Business Flows. This session will cover the new top 10 list and take a...

Room: Nile
Track: Security
Tags: Programming Principles, Security, Code Quality
Format: General Session
Level: Introductory and overview

11:00 AM

Practical Auth(entication|orization) for Developers

Presented by: Seth Petry-Johnson
Time: Friday 11:00 AM - 12:00 PM

It's never been easier to launch a website or expose services over HTTP. It's also never been easier to make rookie mistakes in the authentication of those services. This session is designed for the average developer/architect that's struggling to make sense of modern authentication options. You'll...

Room: Nile
Track: Security
Tags: Programming Principles, Security
Format: General Session
Level: Introductory and overview

Developing kids in tech - a retrospective

Presented by: Bill Sempf
Time: Friday 11:00 AM - 12:00 PM

Your humble speaker has spent the last eighteen years devising, researching, and implementing ways to get kids into tech. Between Scouting, advising friends, KidzMash, and my own Thing 1 and Thing 2, I have accumulated a rather dramatic list of ideas that do and do not work. Programming, social...

Room: Salon H
Track: Career Development
Tags: Python, Security, Leadership
Format: General Session
Level: Introductory and overview

12:15 PM

All your secrets are belong to us

Presented by: Callum Whyte
Time: Friday 12:15 PM - 1:15 PM

Admit it: we've all checked in an API key or password to a repo at some point... Oops... No one wants their secrets to accidentally leak, so this session is your essential refresher on secret management (and mismanagement!) for your applications and beyond! Let's explore the range of methods and...

Room: Orange
Track: Security
Tags: .NET, Security, DevOps
Format: General Session
Level: Intermediate