Sched.com Conference Mobile Apps
AppSec USA 2017 has ended
Create Your Own Event
AppSec USA 2017
Schedule
Simple
Expanded
Grid
By Venue
Speakers
Attendees
Search
or browse by date + venue
1-day training
2-day training
Activity
Breaker
Builder
Defender
Developer Summit
DevOpsSec
Exhibit
IOT/Mobile/Cloud
KeyNote
Members Lounge
Networking
Project Summit
All
Projects
Registration
Store
WASPY Awards
Popular
Sign up
or
log in
to bookmark your favorites and sync them to your phone or calendar.
menu
Menu
Log in
Sign up
Schedule
Speakers
Attendees
Search
tune
Filter sessions
Tuesday
, September 19
Acapulco
9:00am •
Hands-on Security in DevOps and Application Security Automation Workshop (1 of 2 days)
Baja
9:00am •
Whiteboard Hacking aka Hands-on Threat Modeling (1 of 2 days)
Cancun
9:00am •
Practical DevOps Security and Exploitation (1 of 2 days)
Coronado N&P
10:00am •
Developer Summit - Morning Session
2:00pm •
Developer Summit - Afternoon Session
Coronado Q&R
8:00am •
Project Summit and Project Reviews USA 2017
Fiesta 10
9:00am •
Hands On Hardened Web Service Development using ASP.NET (1 of 2 days)
Fiesta 7
9:00am •
Mobile App Attack (1 of 2 days)
Fiesta 8
9:00am •
Open Source Defensive Security (1 of 2 days)
Fiesta 9
9:00am •
Practical Hands-on Internet of Things Hacking - 2017 Edition (1 of 2 days)
Monterrey 2
6:00pm •
OWASP Board Meeting
North Registration
8:00am •
Registration
Wednesday
, September 20
Acapulco
9:00am •
Hands-on Security in DevOps and Application Security Automation Workshop (2 of 2 days)
Baja
9:00am •
Whiteboard Hacking aka Hands-on Threat Modeling (2 of 2 days)
Cancun
9:00am •
Practical DevOps Security and Exploitation (2 of 2 days)
6:30pm •
OWASP Leaders workshop
Coronado E
9:00am •
Advanced SQL Injection Exploitation (1-day)
Coronado F
9:00am •
Defensive Application Security Program (1 of 1 day)
Coronado G
9:00am •
AppSec Fundamentals (1 of 1 day)
Coronado N&P
9:00am •
Developer Summit Full Day Session
Coronado Q&R
9:00am •
Project Summit & Project Reviews USA 2017
Fiesta 10
9:00am •
Hands On Hardened Web Service Development using ASP.NET (1 of 2 days)
Fiesta 7
9:00am •
Mobile App Attack (2 of 2 days)
Fiesta 8
9:00am •
Open Source Defensive Security (2 of 2 days)
Fiesta 9
9:00am •
Practical Hands-on Internet of Things Hacking - 2017 Edition (2 of 2 days)
North Registration
8:00am •
Registration
Veracruz C
5:00pm •
OWASP Store
5:00pm •
Pre-Conference Reception
5:00pm •
Exhibit
Thursday
, September 21
Coronado H
10:30am •
Test Driven Security in the DevOps pipeline
11:30am •
Overcoming Mobile App Security Challenges with DevOps
1:30pm •
Making Vulnerability Management Less Painful with OWASP DefectDojo
2:30pm •
Juggling the Elephants – Making AppSec a Continuous Program
3:30pm •
WAFs FTW! A modern devops approach to security testing your WAF
Coronado J
10:30am •
Moving Fast and Securing Things
11:30am •
There’s a new sheriff in town; dynamic security group recommendations with Grouper and Dredge
1:30pm •
Leveraging the ASVS in the Secure SDLC
2:30pm •
Application Security “Built from Scratch”
3:30pm •
“Capture the Flag” for Developers: Upping your Training Game
Coronado K
10:30am •
Securing C code that seems to work just fine
11:30am •
Popular Approaches to Preventing Code Injection Attacks are Dangerously Wrong
1:30pm •
Measuring End-to-End Security Engineering
2:30pm •
Embedding GDPR into the SDLC
3:30pm •
DASTProxy: Don’t let your automated security testing program stall on crawl. Instead focus on business context.
Coronado L
9:00am •
Welcome Note
9:00am •
KeyNote - Discussion on Application Security: John Steven and Jim Manico will be discussing application security from a unique perspective.
10:30am •
An Investigation into the Differences Between Web Application Scanning Tools when Scanning for XSS and SQLi
11:30am •
Bug Bounty Programs: Successfully Controlling Complexity and Perpetual Temptation
1:30pm •
When Molehill Vulnerabilities Become Mountainous Exploits
2:30pm •
iGoat – A Self Learning Tool for iOS App Pentesting and Security
3:30pm •
Black-Box Approximate Taint Tracking by Utilizing Data Partitioning
5:00pm •
KeyNote - Runa A. Sandvik: Building a Culture of Security at The New York Times
6:00pm •
WASPY Award Ceremony
Coronado M&N
10:00am •
Capture the Flag
Coronado P&Q
10:00am •
Women in AppSec (WIA) Hangout room
Durango 1
10:00am •
OWASP Store
Epcot
6:45pm •
Conference Dinner
Fiesta 6
10:30am •
Federated Login CSRF
11:30am •
Top 10 Security Best Practices to secure your Microservices
1:30pm •
Leveraging Blockchain for Identity and Authentication in IoT is good for Security
2:30pm •
An Overview of API Underprotection
3:30pm •
Androsia: A tool for securing in memory sensitive data
North Registration
8:00am •
Registration
Veracruz B
12:30pm •
Lunch
Veracruz C
10:00am •
Exhibit
10:00am •
Morning Coffee Break
4:30pm •
Afternoon Coffee Break
Friday
, September 22
Coronado H
9:00am •
Building a Secure DevOps Pipeline
10:30am •
Monitoring Application Attack Surface and Integrating Security into DevOps Pipelines
11:30am •
Core Rule Set for the Masses
1:30pm •
DevSecOps is real - What we learned by matching our appsec testing to our continuous release cycles
2:30pm •
How to stop worring about application Container security
3:30pm •
Practical Dynamic Application Security Testing within an Enterprise
Coronado J
9:00am •
Cookie Security – Myths and Misconceptions
10:30am •
Supply Chain Anarchy – Trojaned Binaries in the Java Ecosystem
11:30am •
Handling of Security Requirements in Software Development Lifecycle
1:30pm •
Common Developer Crypto Mistakes (with illustrations in Java)
2:30pm •
Automating TLS Configuration Verification on the Back-End of the Web Application Stack
3:30pm •
Building Secure ASP.NET Core MVC Applications
Coronado K
9:00am •
What We Learned Remediating XSS in GitHub Open Source Projects
10:30am •
Where we’re going… we won’t need passwords…
11:30am •
Enhancing Physical Perimeter Defense Using SDR
1:30pm •
How to detect CSRF vulnerability, reliably?
2:30pm •
A Static Tainting Analysis Method for Aspect-Oriented Programs
3:30pm •
Beyond Takeover – Attacker’s in. Now what?
Coronado L
9:00am •
Passive Fingerprinting of HTTP/2 Clients
10:30am •
HUNT: Data Driven Web Hacking & Manual Testing
11:30am •
Friday the 13th: Attacking JSON
1:30pm •
ReproNow: Save time Reproducing and Triaging Security bugs
2:30pm •
NoSQL Is Not NoVulnerable
3:30pm •
Crafting the next-generation Man-in-the-Browser Trojan
5:00pm •
KeyNote - Tony UcedaVelez: Fixing Broken Enterprise Threat Models w/ OWASP Measures: Commissioning AppSec Professionals for Real Change
5:45pm •
Closing Note
Coronado M&N
9:00am •
Capture the Flag
Coronado P&Q
9:00am •
Women in AppSec (WIA) Hangout Room
Durango 1
10:00am •
OWASP Store
Durango 2
10:00am •
Members Lounge
Fiesta 6
9:00am •
This Old App, a guide to renovating apps for the cloud
10:30am •
R2-D2: ColoR-inspired Convolutional NeuRal Network (CNN)-based AndroiD Malware Detections
11:30am •
SPLC as a Service
1:30pm •
Beyond End-to-End Encryption: Threats Models For Secure Messaging
2:30pm •
How To Approach InfoSec Like a Fed(eral Auditor)
3:30pm •
An Agile Framework for Building GDPR Privacy and Data Protection Requirements into SDLC
North Registration
8:00am •
Registration
Veracruz B
12:30pm •
Lunch
Veracruz C
10:00am •
Morning Coffee Break
10:00am •
Exhibit
4:30pm •
Afternoon Coffee Break
4:30pm •
Passport Program Raffle
Timezone
AppSec USA 2017
America/New York
Filter By Date
AppSec USA 2017
Sep 19
-
22, 2017
Tuesday
, September 19
Wednesday
, September 20
Thursday
, September 21
Friday
, September 22
Filter By Venue
Venues
Sort schedule by Venue
Acapulco
Baja
Cancun
Coronado E
Coronado F
Coronado G
Coronado H
Coronado J
Coronado K
Coronado L
Coronado M&N
Coronado N&P
Coronado P&Q
Coronado Q&R
Durango 1
Durango 2
Epcot
Fiesta 10
Fiesta 6
Fiesta 7
Fiesta 8
Fiesta 9
Monterrey 2
North Registration
Veracruz B
Veracruz C
Filter By Type
1-day training
2-day training
Activity
Breaker
Builder
Defender
Developer Summit
DevOpsSec
Exhibit
IOT/Mobile/Cloud
KeyNote
Members Lounge
Networking
Project Summit
All
Projects
Registration
Store
WASPY Awards
Popular
Recently Active Attendees
R
rimmfus
G
godddrav
G
gosurani
D
DJRoderick
P
PedroNN
V
VFGonzalo
R
RNS_MO
R
RodneyMY
More →
Filter sessions
Apply filters to sessions.
close
Dates
Tuesday
, September 19
Wednesday
, September 20
Thursday
, September 21
Friday
, September 22
Types
1-day training
2-day training
Activity
Breaker
Builder
Defender
Developer Summit
DevOpsSec
Exhibit
IOT/Mobile/Cloud
KeyNote
Members Lounge
Networking
Project Summit
All
Projects
Registration
Store
WASPY Awards
Venues
Acapulco
Baja
Cancun
Coronado E
Coronado F
Coronado G
Coronado H
Coronado J
Coronado K
Coronado L
Coronado M&N
Coronado N&P
Coronado P&Q
Coronado Q&R
Durango 1
Durango 2
Epcot
Fiesta 10
Fiesta 6
Fiesta 7
Fiesta 8
Fiesta 9
Monterrey 2
North Registration
Veracruz B
Veracruz C