Tuesday

No Sessions

Wednesday

No Sessions

Thursday

8:00 AM

Securing Your Software Supply Chain One Open Source Project at a Time

Presented by: Lori Lorusso
Time: Thursday 8:00 AM - 9:00 AM

Delivering software fast is one piece of the CI/CD puzzle, but delivering it securely is the glue that keeps your puzzle from falling apart. Software supply chain attacks are on the rise with security exploits directly targeting open source projects, central repositories, and software package...

Room: Salon A
Track: Security
Tags: Security, DevOps, CI/CD
Format: General Session
Level: Introductory and overview

1:00 PM

Building Relationships for Better Security

Presented by: Darylynn Ross
Time: Thursday 1:00 PM - 2:00 PM

It's 2024 and software engineering teams and security teams are still struggling to figure out how we can all just get along. Engineering teams are commonly frustrated and annoyed at all the extraneous stuff security wants them to do. And security teams are commonly frustrated with the lack of...

Room: Salon B
Track: Security
Tags: Security, Soft Skills, Leadership
Format: General Session
Level: Introductory and overview

4:45 PM

What Does Security Look Like When Building AI?

Presented by: Robert Herbig
Time: Thursday 4:45 PM - 5:45 PM

Anyone who is working with AI or considering doing so should care about security. When considering building an AI-powered system or product, the traditional attack surfaces and mitigations still apply. However, new attack surfaces can be present depending on the specific AI approaches used. In...

Room: Salon E
Track: Security
Tags: Programming Principles, Security, Machine Learning
Format: General Session
Level: Introductory and overview

Friday

8:30 AM

Writing Secure APIs - A Look at the OWASP 2023 API Top 10 List

Presented by: Darylynn Ross
Time: Friday 8:30 AM - 9:30 AM

OWASP published a new API top 10 list in July of 2023. There are some old favorites hanging around (I'm looking at you Authentication) and some newcomers like Server Side Request Forgery and Unrestricted Access to Sensitive Business Flows. This session will cover the new top 10 list and take a...

Room: Nile
Track: Security
Tags: Programming Principles, Security, Code Quality
Format: General Session
Level: Introductory and overview

11:00 AM

Practical Auth(entication|orization) for Developers

Presented by: Seth Petry-Johnson
Time: Friday 11:00 AM - 12:00 PM

It's never been easier to launch a website or expose services over HTTP. It's also never been easier to make rookie mistakes in the authentication of those services. This session is designed for the average developer/architect that's struggling to make sense of modern authentication options. You'll...

Room: Nile
Track: Security
Tags: Programming Principles, Security
Format: General Session
Level: Introductory and overview