Vídeos de OWASP AppSec Europe 2016

Se han publicado los vídeos de las charlas de OWASP Europe 2016 celebrada en Roma. La lista de las charlas publicadas es la siguiente:

• Abhay Bhargav - SecDevOps: A View from the Trenches
• A. Brucker, S. Dashevskyi, F. Massacci - Using Third Party Components for building a
• Adam Muntner - Open Source Approaches to Security for Applications and Services at Mo
• Ajin Abraham - Automated Mobile Application Security Assessment with MobSF
• Amol Sarwate - 2016 State of Vulnerability Exploits
• Andreas Falk - Building secure cloud - native applications with spring boot and spring
• Arne Swinnen - The Tales of a Bug Bounty Hunter - 10 Interesting Vulnerabilities
• B. Stock, B. Kaiser, S. Lekies, S. Pfistner - From Facepalm to Brain Bender
• Chris Romeo - AppSec Awareness - A Blue Print for Security Culture Change
• C. Mainka, C. Spth, V. Mladenov - From DTD to XXE - An Evaluation of XML - Parsers
• C. Mainka, V. Mladenov, T. Wich - Systematically Breaking and Fixing OpenID Connect
• Christian Schneider, Alvaro Muoz - Surviving the Java serialization apocalypse
• Christian Wressnegger - Analyzing and Detecting Flash - based Malware
• Dan Cornell - The ABCs of Source-Assisted Web Application Penetration Testing
• Daniel Kefer, Rene Reuter - Addressing Security Requirements in Development Projects
• David Lindner, Jack Mannino - Dont Touch Me That Way
• David Rook - Leveling up your application security program
• Dinis Cruz - Using JIRA to manage Risks and Security Champions activities
• Dirk Wetter - Calm down HTTPS is not a VPN
• Felix Leder - Bug Hunting on the Dark Side
• Giancarlo Pellegrino - Compression Bombs Strike Back
• Glen ten Cate - OWASP Security Knowledge Framework - Making the web secure by design
• Grant McCracken, Shpend Kurtishaj - Running a bug bounty - what you need to know.
• Ikka Turunen - A chain of trust-How to implement a supply chain approach to build and
• Jacky Fox - Attracting and retaining women in Cyber Security
• Jakub Kaluzny - Big problems with big data - Hadoop interfaces security
• Johannes Dahse - Static Code Analysis of Complex PHP Application Vulnerabilities
• John Dickson - Making OpenSAMM More Effective in a DevOps World
• John Kozyrakis - Everything You Need to Know About Certificate Pinning But Are Too
• Jonathan Kuskos - The Top 10 Web Hacks of 2015
• J. Rose, R. Sulatycki - Grow up AppSec-A case study of maturity models and metrics
• Julia Knecht - SAASY SPLC
• Liesbeth Kempen - Idiot proof is not enough make it villain proof
• L. Compagna, A. Sudhodanan, A. Armando, R. Carbone - Attack Patterns for Black-Box Det
• Marisa Fagan - The Cool Factor - Securitys Secret Weapon
• Matthias Rohr - Practical Threat Modeling with Microsofts Threat Modeling Tool 2016
• Michele Spagnuolo, Lukas Weichselbaum - Making CSP great again
• Mike West - Keynote - Hardening the Web Platform
• Oliver Lavery - Framework Security - Have You Hugged A Developer Today
• Rob van der Veer - Grip on SSD - Dutch government standard for outsourcing secure
• Scott Davis - Scanning with swagger - Using the Open API specification to find first
• Sebastian Lekies - Securing AngularJS Applications
• Simone Onofri - Security Project Management - how to be Agile in
• Tobias Gondrom - OWASP CISO Survey Report Tactical Insights for Managers
• Tom Van Goethem - The Timing Attacks They Are a - Changin
• Tony Uceda Velez - Attack tree vignettes for Containers as a Service applications and
• Wojtek Dworakowski - Internet banking safeguards vulnerabilities
• Yair Amit - Why Hackers Are Winning The Mobile Malware Battle - Bypassing