• Most recent
• Conferences
• For organizers
• The rig
• Buy me a Mate
• Search
• Fundraiser
• Twitter

• Dublin
• Amsterdam

OWASP Global AppSec Amsterdam

• 

  ►

  Opening Remarks
  - Global AppSec Crew
• 

  ►

  The House Is Built On Sand: Exploiting Hardware Glitches And Side Channels In Perfect Software
  - Herbert Bos
• 

  ►

  Attacking AWS: The Full Cyber Kill Chain
  - Pawel Rzepa
• 

  ►

  Controlled Mayhem With Cloud Native Security Pipelines
  - Ben Pick
• 

  ►

  Practical OWASP CRS In High Security Settings
  - Christian Folini
• 

  ►

  OWASP Based Threat Modelling: Creating A Feedback Model In An Agile Environment
  - Chaitanya Bhatt
• 

  ►

  Security Vulnerabilities Decomposition: Another Way To Look At Vulnerabilities
  - Katy Anton
• 

  ►

  The Zest Of ZAP: How Scripting In Our Favorite Tool Can Bridge The Gap Between Dev Teams And Security
  - Peter Hauschulz
• 

  ►

  Knative Security Pipelines
  - Spyros Gasteratos
• 

  ►

  WebAuthn: Strong Authentication vs Privacy vs Convenience
  - Suby Raman
• 

  ►

  Choosing The Right Static Code Analyzers Based On Hard Data
  - Chris Horn
• 

  ►

  OWASP SAMM2: Your Dynamic Software Security Journey
  - Sebastien Deleersnyder
• 

  ►

  Web Apps vs Blockchain DApps (Smart Contracts): Tools, Vulns And Standards
  - Damian Rusinek
• 

  ►

  Being Powerful While Powerless: Elevating Security By Leading Without Authority
  - Nathan Yee
• 

  ►

  Secure Agile Development According To SAMM
  - Rob Van Der Veer
• 

  ►

  Threat Modelling Stories From The Trenches
  - David Johannson and Andrew Lee-Thorp
• 

  ►

  The Now And The Future Of Malicious WebAssembly
  - Marius Musch
• 

  ►

  Mobile-Friendly Or Attacker-Friendly? A Large- Scale Security Evaluation Of Mobile-First Websites
  - Tom Van Goethem
• 

  ►

  Modern And Secure IAM For Modern Applications
  - Vinod Anandan
• 

  ►

  OWASP Docker Top 10
  - Dirk Wetter
• 

  ►

  Securing The Future
  - Mikko Hypponen
• 

  ►

  The Woman Who Squashed Terrorists: When An Embassy Gets Hacked
  - Chris Kubecka
• 

  ►

  Restricting The Scripts, You're To Blame, You Give CSP A Bad Name
  - Sebastian Roth and Ben Stock
• 

  ►

  SUSTO: Systematic Universal Security Testing Orchestration
  - Luis Saiz
• 

  ►

  Unlikely Allies: How HR Can Help Build A Security-First Culture
  - Alison Eastaway
• 

  ►

  Don't Trust The Locals: Evaluating And Mitigating The Insecurity Caused By Trusting Your Client-Side Storage
  - Ben Stock and Marius Steffens
• 

  ►

  How Do JavaScript Frameworks Impact The Security Of Applications?
  - Ksenia Peguero
• 

  ►

  Do Certain Types Of Developers Or Teams Write More Secure Code?
  - Anita Damico
• 

  ►

  HTTP Desync Attacks: Smashing Into The Cell Next Door
  - James Kettle
• 

  ►

  [In]secure Deserialization, And How [Not] To Do It
  - Alexei Kojenov
• 

  ►

  The Security We Need: Designing Usable IoT Security
  - Damilare D. Fagbemi
• 

  ►

  The State Of Credential Stuffing And The Future Of Account Takeovers
  - Jarrod Overson
• 

  ►

  No More Whack-A-Mole: How To Find And Prevent Entire Classes Of Security Vulnerabilities
  - Sam Lanning
• 

  ►

  ScriptProtect: Mitigating Unsafe Third-Party JavaScript Practices
  - Marius Musch and Martin Johns
• 
  Making The Web Secure, By Design ++
  - Glenn Ten Cate and Riccardo Ten Cate
• 

  ►

  Breaches Are Everywhere. What’s A Good Security Leader To Do?!
  - Richard Greenberg
• 

  ►

  Five Key Trends In Application Security
  - Ameya Talwalkar
• 

  ►

  How To Learn (And Teach) Hacking
  - Ruben Gonzalez
• 

  ►

  Fast Forwarding Mobile Security With The OWASP Mobile Security Testing Guide
  - Jeroen Willemsen
• 

  ►

  How I Could Have Stolen Your Photos From Google
  - Gergo Turcsanyi
• 

  ►

  An Infosec Timeline: Noteworthy Events From 1970 To 2050
  - Mario Heiderich
• 

  ►

  Closing Remarks
  - Global AppSec Crew