Tracks

Here is the current (under construction) schedule for the tracks

By Tracks

Monday Tuesday Wednesday Thursday Friday
Misc
OWASP Juice Shop
OWASP MSTG
OWASP Projects
Onboarding and Training
Wardley Maps
OWASP Juice Shop
OWASP MSTG
OWASP SAMM
Wardley Maps
DevSecOps
Misc
OWASP Juice Shop
OWASP MSTG
OWASP Projects
OWASP SAMM
Threat Model
Wardley Maps
DevSecOps
OWASP Juice Shop
OWASP MSTG
OWASP SAMM
Threat Model
Misc
OWASP MSTG
OWASP Projects

By Sessions

DevSecOps

when day Wed,Thu
description Sessions focusing on the DevSecOps tools and techniques to embed security as part of CI/CD pipelines
organizers Dominik de Smit Dominik de Smit


Total sessions for this track: 13

Monday Tuesday Wednesday Thursday Friday
AM-1
10:30 - 12:30
Agile Practices for Security Teams
Larch room
Dealing with DevSecOps Findings
Maulden room
Integrating Security Tools in the SDL
Maulden room
PM-1
13:30 - 15:00
Creating Appsec metrics and visualisation
Maulden room
Secrets Management
Maulden room
Time slot over-subscribed
From Threat Modeling to DevSecOps metrics
Montague room
Integrating Security Tools in the SDL
Maulden room
Writing security tests to confirm vulnerabilities and fixes
Pedley room
PM-2
15:30 - 16:30
DevSecOps Maturity Model (DSOMM)
Maulden room
Dealing with DevSecOps Findings
Maulden room
Securing the CI Pipeline
Maulden room
PM-3
16:30 - 18:00
DevSecOps Maturity Model (DSOMM)
Maulden room
Dealing with DevSecOps Findings
Maulden room
Securing the CI Pipeline
Maulden room
Eve-1
19:30 - 21:00
Creating a Security Champions network
Dinner Villa
Sessions not mapped to any day or time

(back to all track's schedule)

Misc

when day Mon,Wed,Fri
description Sessions on multiple topics
organizers


Total sessions for this track: 17

Monday Tuesday Wednesday Thursday Friday
AM-1
10:30 - 12:30
Ask me anything (AMA) on GDPR
Maulden room
Security Challenges - Analyse others
Time slot over-subscribed
Emotional/Multiple Intelligence
Portland room
Real world Chaos Engineering
Montague room
Security Challenges - Next step
Larch room
PM-1
13:30 - 15:00
Introduction to Cynefin Framework
Portland room
Customising the Chaos Engineering Toolkit
Maulden room
DS-3
15:00 - 15:30
Time slot over-subscribed
Scaling API Security
Larch room
Securing Kubernete's hosted APIs
Maulden room
Third Party Due Diligence
Pedley room
PM-2
15:30 - 16:30
Security Challenges - An Introduction
Portland room
PM-3
16:30 - 18:00
Security Challenges - Analysis, Analogies
Portland room
Using Cynefin Framework making strategic security decisions
Portland room
Cyber Risk Modeling
Montague room
Eve-1
19:30 - 21:00
OWASP community-docs
virtual-1
Sessions not mapped to any day or time

(back to all track's schedule)

OWASP Juice Shop

when day Mon,Tue,Wed,Thu
description Sessions focusing on OWASP Juice Shop
organizers Bjoern Kimminich Bjoern Kimminich


Total sessions for this track: 11

Monday Tuesday Wednesday Thursday Friday
AM-1
10:30 - 12:30
Juice Shop 101
Montague room
Juice Shop Challenge Refactoring
Montague room
PM-1
13:30 - 15:00
Juice Shop Contributor Onboarding
Montague room
Eve-1
19:30 - 21:00
Juice Shop Hack'n'Code (Mon)
174 - Juice Shop villa
Juice Shop Hack'n'Code (Tue)
174 - Juice Shop villa
Juice Shop Hack'n'Code (Wed)
174 - Juice Shop villa
Juice Shop Release Night
174 - Juice Shop villa
Eve-2
21:00 - 23:00
Juice Shop Hack'n'Code (Mon)
174 - Juice Shop villa
Juice Shop Hack'n'Code (Tue)
174 - Juice Shop villa
Juice Shop Hack'n'Code (Wed)
174 - Juice Shop villa
Juice Shop Release Night
174 - Juice Shop villa
Sessions not mapped to any day or time

(back to all track's schedule)

OWASP MSTG

when day Mon, Tue, Wed, Thu, Fri
description Sessions focusing on the OWASP MSTG project.
organizers Jeroen Willemsen Jeroen Willemsen , Carlos Holguera Carlos Holguera , Sven Schleier Sven Schleier , Jeroen Beckers Jeroen Beckers


Total sessions for this track: 22

Monday Tuesday Wednesday Thursday Friday
AM-1
10:30 - 12:30
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Tue)
Pedley room
Mobile Basic Security Testing and Reverse Engineering (Tue)
Pedley room
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Wed)
708 - MSTG villa
Mobile Basic Security Testing and Reverse Engineering (Wed)
708 - MSTG villa
Mobile Security Testing Guide onboarding (Session 2)
Pedley room
OWASP Mobile Security Testing Guide 101 (Session 2)
Pedley room
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Thu)
708 - MSTG villa
Creating an iOS build pipeline with security checks
Pedley room
Mobile Basic Security Testing and Reverse Engineering (Thu)
708 - MSTG villa
Android and iOS Security Enhancements and Crackme Apps (Fri)
Pedley room
DS-2
12:30 - 13:30
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Mon)
Maulden room
Mobile Basic Security Testing and Reverse Engineering (Mon)
Maulden room
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Tue)
Pedley room
Mobile Basic Security Testing and Reverse Engineering (Tue)
Pedley room
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Wed)
708 - MSTG villa
Mobile Basic Security Testing and Reverse Engineering (Wed)
708 - MSTG villa
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Thu)
708 - MSTG villa
Mobile Basic Security Testing and Reverse Engineering (Thu)
708 - MSTG villa
Android and iOS Security Enhancements and Crackme Apps (Fri)
Pedley room
PM-1
13:30 - 15:00
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Mon)
Maulden room
Mobile AppSec Verification Standard (MASVS)
Maulden room
Mobile Basic Security Testing and Reverse Engineering (Mon)
Maulden room
Mobile Security Testing Guide onboarding
Maulden room
OWASP Mobile Security Testing Guide 101
Maulden room
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Tue)
Pedley room
Mobile Basic Security Testing and Reverse Engineering (Tue)
Pedley room
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Wed)
708 - MSTG villa
Mobile Basic Security Testing and Reverse Engineering (Wed)
708 - MSTG villa
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Thu)
708 - MSTG villa
Mobile Basic Security Testing and Reverse Engineering (Thu)
708 - MSTG villa
Android and iOS Security Enhancements and Crackme Apps (Fri)
Pedley room
PM-2
15:30 - 16:30
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Mon)
Maulden room
Mobile AppSec Verification Standard (MASVS)
Maulden room
Mobile Basic Security Testing and Reverse Engineering (Mon)
Maulden room
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Tue)
Pedley room
Mobile Basic Security Testing and Reverse Engineering (Tue)
Pedley room
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Wed)
708 - MSTG villa
Mobile Basic Security Testing and Reverse Engineering (Wed)
708 - MSTG villa
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Thu)
708 - MSTG villa
Mobile Basic Security Testing and Reverse Engineering (Thu)
708 - MSTG villa
Android and iOS Security Enhancements and Crackme Apps (Fri)
Pedley room
PM-3
16:30 - 18:00
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Mon)
Maulden room
Mobile AppSec Verification Standard (MASVS)
Maulden room
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Tue)
Pedley room
Mobile Basic Security Testing and Reverse Engineering (Tue)
Pedley room
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Wed)
708 - MSTG villa
Mobile Basic Security Testing and Reverse Engineering (Wed)
708 - MSTG villa
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Thu)
708 - MSTG villa
Mobile Basic Security Testing and Reverse Engineering (Thu)
708 - MSTG villa
Eve-1
19:30 - 21:00
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Mon Eve)
708 - MSTG villa
Mobile AppSec Verification Standard (MASVS) (Evening)
178 - Sessions 1 villa
Mobile Basic Security Testing and Reverse Engineering (Mon Evening)
179 - Sessions 2 villa
Mobile Basic Security Testing and Reverse Engineering (Tue Evening)
180 - Dinner Villa villa
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Wed Eve)
708 - MSTG villa
Mobile Basic Security Testing and Reverse Engineering (Evening Session)
708 - MSTG villa
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Thu Eve)
708 - MSTG villa
Mobile Basic Security Testing and Reverse Engineering (Evening Session)
708 - MSTG villa
Eve-2
21:00 - 23:00
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Mon Eve)
708 - MSTG villa
Mobile AppSec Verification Standard (MASVS) (Evening)
178 - Sessions 1 villa
Mobile Basic Security Testing and Reverse Engineering (Mon Evening)
179 - Sessions 2 villa
Mobile Basic Security Testing and Reverse Engineering (Tue Evening)
180 - Dinner Villa villa
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Wed Eve)
708 - MSTG villa
Mobile Basic Security Testing and Reverse Engineering (Evening Session)
708 - MSTG villa
Time slot over-subscribed
Android and iOS Security Enhancements and Crackme Apps (Thu Eve)
708 - MSTG villa
Mobile Basic Security Testing and Reverse Engineering (Evening Session)
708 - MSTG villa

(back to all track's schedule)

OWASP Projects

when day Mon,Wed,Fri
description Sessions on multiple OWASP Projects
organizers


Total sessions for this track: 9

Monday Tuesday Wednesday Thursday Friday
AM-1
10:30 - 12:30
ZAP working session - automation
Portland room
ZAP working session - future plans
Portland room
PM-1
13:30 - 15:00
ZAP working session - the HUD
Portland room
Application Security Verification Standard
178 - Sessions 1 villa
PM-2
15:30 - 16:30
OWASP Application Security Curriculum Project
Montague room
OWASP HoneyPot
158 - Villa 158 villa
Eve-1
19:30 - 21:00
OWASP Media Project
virtual-2
Sessions not mapped to any day or time

(back to all track's schedule)

OWASP SAMM

when day Tue,Wed,Thu
description SAMM team working together in a 5-day sprint on SAMMv2
organizers Sebastien Deleersnyder Sebastien Deleersnyder , Bart De Win Bart De Win


Total sessions for this track: 38

Monday Tuesday Wednesday Thursday Friday
AM-1
10:30 - 12:30
SAMM - Editing agreements and parallel editing
Kings room
SAMM - SAMM documents and parallel editing (Wed AM)
Kings room
SAMM - Parallel editing (Thu AM)
Kings room
SAMM - Tooling
Kings room
DS-2
12:30 - 13:30
SAMM - Outreach program (Mon)
Kings room
SAMM - Outreach program (Tue)
Kings room
SAMM - Alignment with other OWASP projects (Wed)
Kings room
SAMM - Alignment with other OWASP projects (Thu)
Kings room
SAMM - Alignment with other OWASP projects (Fri)
Kings room
PM-1
13:30 - 15:00
SAMM user session - Introduction
Kings room
SAMM - Parallel editing (Tue)
Kings room
SAMM - Parallel editing (Wed PM)
Kings room
SAMM - Parallel editing (Thu PM)
Kings room
SAMM - Any Other Business
Kings room
PM-2
15:30 - 16:30
SAMM user session - Round-table
Kings room
SAMM - Model discussions (Tue)
Kings room
SAMM - Model discussions (Wed)
Kings room
SAMM - Alignment with Threat Modeling
Kings room
SAMM - Planning and Roadmap
Kings room
PM-3
16:30 - 18:00
SAMM - Measurement model (Mon PM)
Kings room
SAMM - Outreach wrap-up
Kings room
Time slot over-subscribed
Mapping OWASP DevSecOps Maturity Model to SAMMv2
Kings room
SAMM - DevOps guidance
Kings room
SAMM - SAMM benchmarking and tooling
Kings room
Eve-1
19:30 - 21:00
SAMM - Measurement model (Mon EV)
157 - SAMM villa
SAMM - Model Challenges (Tue)
157 - SAMM villa
SAMM - Model Challenges (Wed)
157 - SAMM villa
SAMM - Agile guidance
157 - SAMM villa
Sessions not mapped to any day or time

(back to all track's schedule)

Onboarding and Training

when day Mon
description Onboarding and Training sessions
organizers


Total sessions for this track: 19

Monday Tuesday Wednesday Thursday Friday
ST-2
9:00 - 10:00
Threat Modeling Training (Thu)
Larch room

(back to all track's schedule)

Threat Model

when day Wed,Thu
description Sessions focusing on Threat Modeling
organizers


Total sessions for this track: 24

Monday Tuesday Wednesday Thursday Friday
AM-1
10:30 - 12:30
State and future of threat modeling
Larch room
Towards a unified way of describing threat models
Larch room
PM-1
13:30 - 15:00
TM track introduction
Larch room
Time slot over-subscribed
Creating a generic diagram of a threat model
Larch room
How do we persist the information from the TM Slack channel?
Larch room
Automated Threat Hunting Project Collaboration
Larch room
Incremental Threat Modeling
Larch room
PM-2
15:30 - 16:30
Lightweight privacy threat modeling using LINDDUN
Larch room
TM maturity
Larch room
Threat pattern libraries
Larch room
SAMMv2 - Threat Modeling
Larch room
PM-3
16:30 - 18:00
Lightweight privacy threat modeling using LINDDUN Part II
Larch room
Threat Model Cookbook Project (Part 1)
Larch room
Threat Model Cookbook Project (Part 2)
Larch room
Track closure
Larch room
Sessions not mapped to any day or time

(back to all track's schedule)

Wardley Maps

when day Mon,Tue,Wed
description Sessions focusing on the use of Wardley Maps in Security
organizers Pending


Total sessions for this track: 12

Monday Tuesday Wednesday Thursday Friday
AM-1
10:30 - 12:30
Mapping boot camp
Portland room
PM-1
13:30 - 15:00
Introduction to Wardley Maps
Portland room
Wardley Maps for Security
Montague room
Cell based Structures for Security
Portland room
DS-3
15:00 - 15:30
Talking security risk to business - practical games to learn through failure
Portland room
PM-2
15:30 - 16:30
Using Wardley Maps and Cynefin for Security
Portland room
Wardley Mapping - Climatic Patterns and Using Doctrine
Portland room
PM-3
16:30 - 18:00
Hand's on Wardley Maps creation
Portland room
Using Wardley Maps on SOC
Montague room
Wardley Mapping - Coordinating functions within a PST organisation
Portland room
Sessions not mapped to any day or time

(back to all track's schedule)