Application Security Beyond the OWASP Top 10


Duration: 50 mins
Laura Bell
CEO, SafeStack

When we discuss application security, we focus on systems like the OWASP Top 10 vulnerabilities. These systems have guided our search for weakness for over a decade. For many development teams, however, security can feel abstract, and these lists of vulnerabilities don't always link to modern development approaches or the systems we build. We understand the technical details of how the bugs work, but we don't always see why they matter to our applications.

In this session we will look beyond the OWASP Top 10 and discuss methods development teams can use to find real, contextual risks to their applications and organisations, moving beyond the bug type and into the world of threat and attack modelling.

Many people don't care about security. It's OK, don't worry! I'm not judging.

Security is the world of defense, of caution and of risk. Securing systems is hard and we don't have great solutions to the many challenges it poses. Security folk on the whole are the least exciting people to invite to your parties.

The time has come to change this.

So what if we accept that our systems can never be 100% secure and try to go fast? Really fast?

Can we weave security through our software development world in a way that protects us, detects issues quickly and actually helps us move at speed? Let me show you how security can look when it stops being about fear and starts being a tool for building the amazing systems of the future.
