Loading…
AppSec USA 2017 has ended
avatar for Todd Grotenhuis

Todd Grotenhuis

Director of Information Security
Indianapolis, Indiana Area
Websitetodd.grotenhuis.info/tag/security
security strategy, security consulting, security testing
Wednesday, September 20
 

5:00pm EDT

Pre-Conference Reception Veracruz C
 
Thursday, September 21
 

8:00am EDT

Registration North Registration

9:00am EDT

Welcome Note Coronado L KeyNote - Discussion on Application Security: John Steven and Jim Manico will be discussing application security from a unique perspective. Coronado L

10:00am EDT

Morning Coffee Break Veracruz C

10:30am EDT

Moving Fast and Securing Things Coronado J Test Driven Security in the DevOps pipeline Coronado H

11:30am EDT

Bug Bounty Programs: Successfully Controlling Complexity and Perpetual Temptation Coronado L There’s a new sheriff in town; dynamic security group recommendations with Grouper and Dredge Coronado J Popular Approaches to Preventing Code Injection Attacks are Dangerously Wrong Coronado K Top 10 Security Best Practices to secure your Microservices Fiesta 6

12:30pm EDT

Lunch Veracruz B

1:30pm EDT

When Molehill Vulnerabilities Become Mountainous Exploits Coronado L Leveraging the ASVS in the Secure SDLC Coronado J Measuring End-to-End Security Engineering Coronado K Making Vulnerability Management Less Painful with OWASP DefectDojo Coronado H

2:30pm EDT

Application Security “Built from Scratch” Coronado J Embedding GDPR into the SDLC Coronado K Juggling the Elephants – Making AppSec a Continuous Program Coronado H

3:30pm EDT

“Capture the Flag” for Developers: Upping your Training Game Coronado J DASTProxy: Don’t let your automated security testing program stall on crawl. Instead focus on business context. Coronado K

4:30pm EDT

Afternoon Coffee Break Veracruz C

5:00pm EDT

KeyNote - Runa A. Sandvik: Building a Culture of Security at The New York Times Coronado L

6:00pm EDT

WASPY Award Ceremony Coronado L

6:45pm EDT

Conference Dinner Epcot
 
Friday, September 22
 

9:00am EDT

What We Learned Remediating XSS in GitHub Open Source Projects Coronado K Building a Secure DevOps Pipeline Coronado H This Old App, a guide to renovating apps for the cloud Fiesta 6

10:00am EDT

Morning Coffee Break Veracruz C

10:30am EDT

HUNT: Data Driven Web Hacking & Manual Testing Coronado L Where we’re going… we won’t need passwords… Coronado K Monitoring Application Attack Surface and Integrating Security into DevOps Pipelines Coronado H

11:30am EDT

Handling of Security Requirements in Software Development Lifecycle Coronado J Enhancing Physical Perimeter Defense Using SDR Coronado K Core Rule Set for the Masses Coronado H SPLC as a Service Fiesta 6

12:30pm EDT

Lunch Veracruz B

1:30pm EDT

ReproNow: Save time Reproducing and Triaging Security bugs Coronado L How to detect CSRF vulnerability, reliably? Coronado K DevSecOps is real - What we learned by matching our appsec testing to our continuous release cycles Coronado H Beyond End-to-End Encryption: Threats Models For Secure Messaging Fiesta 6

2:30pm EDT

Automating TLS Configuration Verification on the Back-End of the Web Application Stack Coronado J A Static Tainting Analysis Method for Aspect-Oriented Programs Coronado K How to stop worring about application Container security Coronado H

3:30pm EDT

Practical Dynamic Application Security Testing within an Enterprise Coronado H An Agile Framework for Building GDPR Privacy and Data Protection Requirements into SDLC Fiesta 6

4:30pm EDT

Passport Program Raffle Veracruz C Afternoon Coffee Break Veracruz C

5:00pm EDT

KeyNote - Tony UcedaVelez: Fixing Broken Enterprise Threat Models w/ OWASP Measures: Commissioning AppSec Professionals for Real Change Coronado L

5:45pm EDT

Closing Note Coronado L