---
draft : false
title : "Suggestions for Working Sessions"
year : 2019
banner : ""
images : ""
author : Harrie Bickle
notes :
  - starting point is the 2017 OSS list
---

What should we work on?

The OSS philosophy is one of participant-driven focus, so it is up to you to shape your conference to target your greatest needs. There is a whole world of ideas; let's start sharing them, prioritising them and turning them into working sessions with clear objectives.

Working Session ideas

Agile AppSec

  • Agile Practices for Security Teams

  • Define Agile Security Practices

  • Integrating Security into a Portfolio Kanban

  • Integrating Security into a Sales Channel

  • Integrating Security into a Spotify Model

  • Security Champions

  • Security Guild vs Security Champions

  • Using Security Risks to Measure Agile Practices

  • InfoSec Warranties and Guarantees

  • Mobilising Business Lines for Security

  • SAMM Metrics for Enterprise

  • The future of privacy

  • Women in Cyber

CISO

  • Application Security Guide for CISO

  • AppSec Article 5 Collective Defence Agreement

  • AppSec for CISOs

  • CISO Round Table

  • CISO Survey

  • Cyber Insurance

  • GDPR DPO and AppSec

  • Growing the AppSec Industry

DevSecOps

  • AppSec SoC Monitoring Visualisation

  • BDD for Cloud Security

  • Docker Security

  • ELK Security Dashboards

  • Integrating Security Tools in SDL

  • JIRA Risk Workflow

  • Netflix Security Automation

  • Node Security Round Table

  • Real Time SAST Engine Architecture

  • Review Docker Security Workshop

  • Securing GitHub Integrations

  • Securing Legacy Applications

  • Securing the CI Pipeline

  • Security Guidance and Feedback in IDE

  • SRE Security Activities

  • Threat Vulnerability Management

  • WAF best practices

  • Writing Security Tests

Education

  • AppSec BSc Masters Curriculum Design

  • Creating AppSec Talent

  • Creating AppSec Teams

  • CTFs

  • Cyber Security Economics

  • Hackathon Beyond OWASP Top Ten

  • Recruiting AppSec Talent

  • Security Book Club

  • Software Defined Everything (SDx)

  • Teaching Attacker Perspective to Developers

IOT

  • GSMA IoT Security Guidelines

  • Internet of Things Project

  • Security Architecture Recommendations for IoT

  • TLS for Local IoT

Juice Shop

  • Juice Shop Brainstorming

  • Juice Shop Coding Day

  • Juice Shop Coding Night

  • Juice Shop Release

Mobile Sec

  • MSTG

  • MSTG 01

  • MSTG 02

  • MSTG 03

  • MSTG 04

  • MSTG 05

Research

  • BeyondCorp for internal Web Applications

  • Future of .Net Containers

  • GraphQL Security Review

  • LANGSEC Language theoretic Security

  • Protobuf for Data Validation Between Services

  • Security Labels

  • Using ML and AI to detect attacks

Playbook Sec

  • AppSec Review and Pentest Playbook

  • Bug Bounty Playbook

  • Create Jira Workflows for Security Playbooks

  • DoS Playbook

  • Due Diligence Playbook

  • Incident Response Playbook

  • Media Handling Playbook

  • Playbooks Common Format

  • Playbooks vs Handbooks

  • Ransomware Playbook

  • Security Monitoring Playbooks

  • Security Playbooks Diagrams

Other Ideas

  • AppSec Job Fair

  • Cross Company Hackathons

  • Crowdsourcing Security Knowledge

  • Hackathon Daily Sessions

  • Internal Bug Bounties Programmes

  • Lessons learned from public bug bounties programmes

  • OWASP Bug Bounty

  • OWASP Top Ten

  • Responsible disclosure

  • GDPR

  • Java

  • Node

  • SAST

  • SOC

  • TLS