Web Banner
Back to Conference Home Page

Conference Schedule - 12-13 February

AppSec New Zealand Conference 2021

**Presentation abstracts and speaker biographies can be found on this page.

Friday, 12 February 2021

08:00 Registration Opens - Main Foyer, Owen G. Glenn Building
09:15 Welcome to AppSec New Zealand Conference 2021
John DiLeo (Conference Chair), Kim Carter, and Kirk Jackson - OWASP New Zealand Chapter Leaders
Lech Janczewski (Conference Host) - Associate Professor, Univ. of Auckland

Video (YouTube, 37:55)
  Upstairs Auditorium (Room 115)
Track One
  Downstairs Auditorium (Room 098)
Track Two
10:00 Use the OWASP Threat Modeling Playbook to Improve Your Product Security
(Remote Presentation)
Sebastien (Seba) Deleersnyder - Toreon
10:00 A Hacker's View of DoS Attacks
Dave Robinson - ZX Security
10:35 "Better than Guessing": The Efficacy and Accuracy of SAST and SCA Tools
Raafey Khan - Datacom
10:35 Bug Hunting with Static Analysis Tools
Moss Lilley - Xero
11:10 Grow Your Own Security Cha-Cha-Champion
Toni James - SafeStack Academy
11:10 Fuzzing: An Introduction to Fuzzing and How It Relates to App Security
Seth Berger - GitLab
11:45 DDoS: How can something so cheap be so expensive?
Jerome Van Rooijen - RedShield
11:45 XXE: Why It's Still in the Top 10
Sam Shute - Quantum Security
12:15 Break for Lunch - On Your Own
13:30 Leveraging OWASP Projects and Tools in Your AppSec Program
John DiLeo - Datacom
13:30 Going Above and Beyond
Karan Sharma
14:25 OWASP SAMM: Status and Roadmap
(Remote Presentation)
John Ellingsworth - OWASP SAMM Project
14:25 Building purpleteam (a Security Regression Testing SaaS): From PoC to Alpha
Kim Carter - BinaryMist
14:55 Break for Afternoon Tea - Coffee/Tea Service Provided
15:25 Making Your Information Security Policy Useful
Stephen Coates - Aura Information Security
15:25 Authorised Is Not a Yes/No Question
(Remote Presentation)
Ben Dechrai - Auth0
16:20 Taking a Preventative Human-Led Approach to Software Security and Embedding It into the Developer's DNA
(Remote Presentation)
Jaap Karan Singh - Secure Code Warrior
16:20 Payment Gateways: The Most Dangerous Game
Stephen Morgan - Datacom
16:55 Wrap-Up - Day 1
Evening Activities - On Your Own

Saturday, 13 February 2021

08:00 Registration Opens - Main Foyer, Owen G. Glenn Building
Coffee and and tea service available in both foyers
09:15 Welcome to Day 2
  Upstairs Auditorium (Room 115)
Track One
  Downstairs Auditorium (Room 098)
Track Two
09:45 The Incident Response Plan that Saved Christmas
Petra Smith - Aura Information Security
09:45 An Exploration of the Ethical Issues with Gamification of Information Security Awareness Training
Conor Fitzgerald - Quantum Security
10:20 Using an Agreed Scale of Business Harm to End Security Arguments
Stephen Coates - Aura Information Security
10:20 Blame the Virus
10:55 How to Run an AppSec Program in an Agile Environment
(Remote Presentation)
Mert Can Coşkuner
10:55 Let's Talk about Mental Well-Being in the Community
Hugh Davenport and Daniel Spector
11:30 Web Apps: Hardening Too Hard?
Nick Lauder - Quantum Security
11:30 Vulnerability Management 101 with DefectDojo
Rohit Sharma - Medical IT Advisors
11:55 The Five Stages of Security Grief: A Humorous Look at How We Can Help People Navigate the Realities of Information Security
Phil Howie - Onwardly
12:15 Break for Lunch - On Your Own
13:30 Your Browser Wants You to Be Secure
Kirk Jackson - RedShield
13:30 Building Better Security for Your API Platform using Azure API Management
(Remote Presentation)
Eldert Grootenboer - Motion10
14:25 Are Your CI/CD Pipelines Secure?
(Remote Presentation)
Angel Rivera - CircleCI
14:25 Federated Logins with Oauth 2, OpenID Connect, and JWTs
Matt (TC) Cotterell - ZX Security
14:55 Break for Afternoon Tea - Coffee/Tea Service Provided
15:25 Red vs. Blue: Which Grass Is Greener?
Kate Pearce and Chloe Ashford - Trade Me
15:25 Service Mess to Service Mesh
(Remote Presentation)
Rob Richardson
16:00 Zero to OSCP
Moss Lilley - Xero
16:00 Camera Obscura
Tom Isaacson
16:35 Wrap Up - Closing Remarks, Recognition, Prize Giving
Video (YouTube, 24:21)
Post-Conference: Time to go out and socialise, for those interested