Conference Schedule - 12-13 February
AppSec New Zealand Conference 2021
**Presentation abstracts and speaker biographies can be found on this page.
Friday, 12 February 2021
| 08:00 | Registration Opens - Main Foyer, Owen G. Glenn Building | ||
| 09:15 | Welcome to AppSec New Zealand Conference 2021 John DiLeo (Conference Chair), Kim Carter, and Kirk Jackson - OWASP New Zealand Chapter Leaders Lech Janczewski (Conference Host) - Associate Professor, Univ. of Auckland Video (YouTube, 37:55) | ||
| Upstairs Auditorium (Room 115) Track One | Downstairs Auditorium (Room 098) Track Two | ||
| 10:00 | Use the OWASP Threat Modeling Playbook to Improve Your Product Security (Remote Presentation) Sebastien (Seba) Deleersnyder - Toreon | 10:00 | A Hacker's View of DoS Attacks Dave Robinson - ZX Security |
| 10:35 | "Better than Guessing": The Efficacy and Accuracy of SAST and SCA Tools Raafey Khan - Datacom | 10:35 | Bug Hunting with Static Analysis Tools Moss Lilley - Xero |
| 11:10 | Grow Your Own Security Cha-Cha-Champion Toni James - SafeStack Academy | 11:10 | Fuzzing: An Introduction to Fuzzing and How It Relates to App Security Seth Berger - GitLab |
| 11:45 | DDoS: How can something so cheap be so expensive? Jerome Van Rooijen - RedShield | 11:45 | XXE: Why It's Still in the Top 10 Sam Shute - Quantum Security |
| 12:15 | Break for Lunch - On Your Own | ||
| 13:30 | Leveraging OWASP Projects and Tools in Your AppSec Program John DiLeo - Datacom | 13:30 | Going Above and Beyond Karan Sharma |
| 14:25 | OWASP SAMM: Status and Roadmap (Remote Presentation) John Ellingsworth - OWASP SAMM Project | 14:25 | Building purpleteam (a Security Regression Testing SaaS): From PoC to Alpha Kim Carter - BinaryMist |
| 14:55 | Break for Afternoon Tea - Coffee/Tea Service Provided | ||
| 15:25 | Making Your Information Security Policy Useful Stephen Coates - Aura Information Security | 15:25 | Authorised Is Not a Yes/No Question (Remote Presentation) Ben Dechrai - Auth0 |
| 16:20 | Taking a Preventative Human-Led Approach to Software Security and Embedding It into the Developer's DNA (Remote Presentation) Jaap Karan Singh - Secure Code Warrior | 16:20 | Payment Gateways: The Most Dangerous Game Stephen Morgan - Datacom |
| 16:55 | Wrap-Up - Day 1 Evening Activities - On Your Own | ||
Saturday, 13 February 2021
| 08:00 | Registration Opens - Main Foyer, Owen G. Glenn Building Coffee and and tea service available in both foyers | ||
| 09:15 | Welcome to Day 2 | ||
| Upstairs Auditorium (Room 115) Track One | Downstairs Auditorium (Room 098) Track Two | ||
| 09:45 | The Incident Response Plan that Saved Christmas Petra Smith - Aura Information Security | 09:45 | An Exploration of the Ethical Issues with Gamification of Information Security Awareness Training Conor Fitzgerald - Quantum Security |
| 10:20 | Using an Agreed Scale of Business Harm to End Security Arguments Stephen Coates - Aura Information Security | 10:20 | Blame the Virus Sera |
| 10:55 | How to Run an AppSec Program in an Agile Environment (Remote Presentation) Mert Can Coşkuner | 10:55 | Let's Talk about Mental Well-Being in the Community Hugh Davenport and Daniel Spector |
| 11:30 | Web Apps: Hardening Too Hard? Nick Lauder - Quantum Security | 11:30 | Vulnerability Management 101 with DefectDojo Rohit Sharma - Medical IT Advisors |
| 11:55 | The Five Stages of Security Grief: A Humorous Look at How We Can Help People Navigate the Realities of Information Security Phil Howie - Onwardly | ||
| 12:15 | Break for Lunch - On Your Own | ||
| 13:30 | Your Browser Wants You to Be Secure Kirk Jackson - RedShield | 13:30 | Building Better Security for Your API Platform using Azure API Management (Remote Presentation) Eldert Grootenboer - Motion10 |
| 14:25 | Are Your CI/CD Pipelines Secure? (Remote Presentation) Angel Rivera - CircleCI | 14:25 | Federated Logins with Oauth 2, OpenID Connect, and JWTs Matt (TC) Cotterell - ZX Security |
| 14:55 | Break for Afternoon Tea - Coffee/Tea Service Provided | ||
| 15:25 | Red vs. Blue: Which Grass Is Greener? Kate Pearce and Chloe Ashford - Trade Me | 15:25 | Service Mess to Service Mesh (Remote Presentation) Rob Richardson |
| 16:00 | Zero to OSCP Moss Lilley - Xero | 16:00 | Camera Obscura Tom Isaacson |
| 16:35 | Wrap Up - Closing Remarks, Recognition, Prize Giving Video (YouTube, 24:21) Post-Conference: Time to go out and socialise, for those interested | ||