Conference Schedule - 12-13 February
AppSec New Zealand Conference 2021
**Presentation abstracts and speaker biographies can be found on this page.
Friday, 12 February 2021
| 08:00 | Registration Opens - Main Foyer, Owen G. Glenn Building | ||
| 09:15 |
Welcome to AppSec New Zealand Conference 2021
John DiLeo (Conference Chair), Kim Carter, and Kirk Jackson - OWASP New Zealand Chapter Leaders Lech Janczewski (Conference Host) - Associate Professor, Univ. of Auckland Video (YouTube, 37:55) |
||
|
Upstairs Auditorium (Room 115)
Track One |
Downstairs Auditorium (Room 098)
Track Two |
||
| 10:00 |
Use the OWASP Threat Modeling Playbook to Improve Your Product Security (Remote Presentation) Sebastien (Seba) Deleersnyder - Toreon |
10:00 |
A Hacker's View of DoS Attacks
Dave Robinson - ZX Security |
| 10:35 |
"Better than Guessing": The Efficacy and Accuracy of SAST and SCA Tools
Raafey Khan - Datacom |
10:35 |
Bug Hunting with Static Analysis Tools
Moss Lilley - Xero |
| 11:10 |
Grow Your Own Security Cha-Cha-Champion
Toni James - SafeStack Academy |
11:10 |
Fuzzing: An Introduction to Fuzzing and How It Relates to App Security
Seth Berger - GitLab |
| 11:45 |
DDoS: How can something so cheap be so expensive?
Jerome Van Rooijen - RedShield |
11:45 |
XXE: Why It's Still in the Top 10
Sam Shute - Quantum Security |
| 12:15 | Break for Lunch - On Your Own | ||
| 13:30 |
Leveraging OWASP Projects and Tools in Your AppSec Program
John DiLeo - Datacom |
13:30 |
Going Above and Beyond
Karan Sharma |
| 14:25 |
OWASP SAMM: Status and Roadmap (Remote Presentation) John Ellingsworth - OWASP SAMM Project |
14:25 |
Building purpleteam (a Security Regression Testing SaaS): From PoC to Alpha
Kim Carter - BinaryMist |
| 14:55 | Break for Afternoon Tea - Coffee/Tea Service Provided | ||
| 15:25 |
Making Your Information Security Policy Useful
Stephen Coates - Aura Information Security |
15:25 |
Authorised Is Not a Yes/No Question (Remote Presentation) Ben Dechrai - Auth0 |
| 16:20 |
Taking a Preventative Human-Led Approach to Software Security and Embedding It into the Developer's DNA (Remote Presentation) Jaap Karan Singh - Secure Code Warrior |
16:20 |
Payment Gateways: The Most Dangerous Game
Stephen Morgan - Datacom |
| 16:55 |
Wrap-Up - Day 1
Evening Activities - On Your Own |
||
Saturday, 13 February 2021
| 08:00 |
Registration Opens - Main Foyer, Owen G. Glenn Building Coffee and and tea service available in both foyers |
||
| 09:15 | Welcome to Day 2 | ||
|
Upstairs Auditorium (Room 115)
Track One |
Downstairs Auditorium (Room 098)
Track Two |
||
| 09:45 |
The Incident Response Plan that Saved Christmas
Petra Smith - Aura Information Security |
09:45 |
An Exploration of the Ethical Issues with Gamification of Information Security Awareness Training
Conor Fitzgerald - Quantum Security |
| 10:20 |
Using an Agreed Scale of Business Harm to End Security Arguments
Stephen Coates - Aura Information Security |
10:20 |
Blame the Virus
Sera |
| 10:55 |
How to Run an AppSec Program in an Agile Environment (Remote Presentation) Mert Can Coşkuner |
10:55 |
Let's Talk about Mental Well-Being in the Community
Hugh Davenport and Daniel Spector |
| 11:30 |
Web Apps: Hardening Too Hard?
Nick Lauder - Quantum Security |
11:30 |
Vulnerability Management 101 with DefectDojo
Rohit Sharma - Medical IT Advisors |
| 11:55 |
The Five Stages of Security Grief: A Humorous Look at How We Can Help People Navigate the Realities of Information Security
Phil Howie - Onwardly |
||
| 12:15 | Break for Lunch - On Your Own | ||
| 13:30 |
Your Browser Wants You to Be Secure
Kirk Jackson - RedShield |
13:30 |
Building Better Security for Your API Platform using Azure API Management (Remote Presentation) Eldert Grootenboer - Motion10 |
| 14:25 |
Are Your CI/CD Pipelines Secure? (Remote Presentation) Angel Rivera - CircleCI |
14:25 |
Federated Logins with Oauth 2, OpenID Connect, and JWTs
Matt (TC) Cotterell - ZX Security |
| 14:55 | Break for Afternoon Tea - Coffee/Tea Service Provided | ||
| 15:25 |
Red vs. Blue: Which Grass Is Greener?
Kate Pearce and Chloe Ashford - Trade Me |
15:25 |
Service Mess to Service Mesh (Remote Presentation) Rob Richardson |
| 16:00 |
Zero to OSCP
Moss Lilley - Xero |
16:00 |
Camera Obscura
Tom Isaacson |
| 16:35 |
Wrap Up - Closing Remarks, Recognition, Prize Giving
Video (YouTube, 24:21) Post-Conference: Time to go out and socialise, for those interested |
||