Working Session's - With NO OrganizersBack to Editor's pages

These Working Sessions current have NO organizer and the content still needs some work. if you are interested in this topic, please sign-up as one of the organizers! This could be a great career opportunity to show your talent, skills and professionalism.

# name (title) track technologies participants status
1 Applying Top 10 to Standards edit Owasp Top 10 2017 PCI
done
2 Best practices in using SAST, DAST, IAST and RASP Tools edit DevSecOps SAST Marc Rimbau , Felipe Zipitria , Avi Douglen , Timo Pagel , Francois Raynaud , Fabien Thalgott , Nessim Kisserli
final stage; need-working materials
3 BeyondCorp for internal Web Applications edit Research
draft
4 Browser Security edit Browsers
done
5 Bug Bounty Playbook edit Security Playbooks Jonas Vanalderweireldt , Alexander Antukh , Danny Grander , Devesh Bhatt , Isuru Tharanga , James Osborn , Jason Haddix , Josh Armour , Nikita Garia , Peleus Uhley , Sam Houston , Vinod Anandan
done
6 Cheat Sheets edit Owasp Projects Johan Peeters , Don Gibson , Jonas Vanalderweireldt , Steven van der Baan , Ajay Gupta , Anuruddha Hewawasam , Chris Cooper , Isuru Tharanga , Peter Turczak
done
7 Collaboratively write revised and new text edit Owasp Top 10 2017
draft
8 Create Jira Workflows for Security Playbooks edit Security Playbooks Jira Irene Michlin , Duncan Hurwood
final stage; need-working materials
9 Creating AppSec Talent (next 100k professionals) edit Education Tiffany Long , Mateo Martinez , Adrian Winckles , Devesh Bhatt , Felipe Zipitria , Gabor Pek , Juan Calderon , Mark Felegyhazi , Mateo Martinez , Nikita Garia , Ross Tanner , Stefano Di Paola , Vinod Anandan
Merged with "Creating App sec teams"
10 Diffing and Version Control Threat Models edit Threat Model Irene Michlin , Steven Wierckx , Luis Saiz
draft
11 DoS Playbook edit Security Playbooks Chris Dee , Chris Howell , Isuru Tharanga , James Osborn , Marco Morana
final stage; need-working materials
12 End of Summit Debrief edit
done
13 Future of .Net Containers edit Research .Net,Docker PhotoBox
draft
14 GSMA IoT Security Guidelines edit IoT Tamer Elzayyat
done
15 GraphQL Security Review edit Research PhotoBox , Daniela Cruzes , Danny Grander , Sandor Lenart
done
16 How is the Top 10 Used in Real World edit Owasp Top 10 2017
done
17 Integrating Security Tools in the SDL edit DevSecOps SAST Achim D. Brucker , Danny Grander , Helen Bravo , Nuno Loureiro
done
18 Integrating Security into a Portfolio Kanban edit Agile AppSec Ante Gulam , Irene Michlin , Mamta Vuppu , Avi Douglen , Chris Cooper , Daniela Cruzes , Geoff Hill , Tony Richards , Victor Vidigal Ribeiro
need more content
19 Integrating Security into a Sales Channel edit Agile AppSec Francois Raynaud , Daniela Cruzes , Rahul Raghavan , Tony Richards
merged with integrating security into a portfolio kanban
20 LANGSEC Language-theoretic Security edit Research Johan Peeters
done
21 Lessons learned from public bug bounties programmes edit Security Crowdsourcing Adrian Winckles , Alexander Antukh , Josh Armour , Peleus Uhley , Sam Houston , Vinod Anandan
need working materials
22 Media Handling Playbook edit Security Playbooks GDPR Tiffany Long , Nikita Garia
done
23 OWASP Bug Bounty edit Security Crowdsourcing Anuruddha Hewawasam , Danny Grander , Josh Armour , Sam Houston
need target audience; need outcomes; need working materials
24 OWASP Top 10 Call for Data and Weightings Discussion edit Owasp Top 10 2017 Steve Kosten
draft
25 OWASP Top 10 Process Discussion edit Owasp Top 10 2017
draft
26 Owasp-Website edit Owasp Kate Hartmann
draft
27 Participant Debrief edit Summit Team Dinis Cruz
28 Peer Review of RC2 edit Owasp Top 10 2017
out
29 Playbooks vs Handbooks edit Security Playbooks Tiffany Long , Jonas Vanalderweireldt , Marco Morana
mereged with Playbooks Common Format
30 Prepare Daily Briefing session edit Summit Team Dinis Cruz
31 Prepare Evening Briefing edit Summit Team
32 Protobuf for Data Validation Between Services edit Research
draft
33 Radical Candor edit
review-content
34 Real-Time SAST Engine Architecture edit DevSecOps
draft
35 Reverse Engineering APK's with Bytecodeviewer edit Tools Mobile Don Gibson , Achim D. Brucker , Adrian Winckles , Christian DeHoyos , Dougal Kennedy
done
36 SRE Security Activities edit DevSecOps Don Gibson , Madhu Akula
draft
37 Security Architecture Recommendations for IoT edit IoT Peter Turczak , Tamer Elzayyat
done
38 Security Book Club edit Education Dinis Cruz , Francois Raynaud , Anuruddha Hewawasam
done
39 Security Guidance and Feedback in IDE edit DevSecOps IDE,SAST Achim D. Brucker , Adam Shostack , Alexander Antukh , Brian Lawrence , Daniela Cruzes , Helen Bravo , Jonathon Brookfield , Tiago Mendo , Vinod Anandan
missing-Working materials
40 Security Labels edit Research Dinis Cruz , Chris Cooper
draft
41 Security-Review-pure-Javascript-Applications edit
draft
42 Staff Technical Writer's Session edit Summit Team Dinis Cruz
43 Synchronize Multiple Owasp Top 10s edit Owasp Top 10
draft
44 TM-4 edit Threat Model
draft
45 TM-5 edit Threat Model
draft
46 Threat Modeling Diagramming Techniques edit Threat Model Steven Wierckx , Stephen de Vries , Irene Michlin , Steven van der Baan , Adam Shostack , Avi Douglen , Ben Cornelius , Daniela Cruzes , Denis Pilipchuk , Devesh Bhatt , Fraser Scott , Geoff Hill , Jason Li , Jonathon Brookfield , Juan Calderon , Luis Saiz , Marco Morana , Matt Pendlebury , Milo Hunter , Slava Katok , Tony UV , Victor Vidigal Ribeiro
done
47 Threat Modeling IoT Devices edit Threat Model IoT Adam Shostack , Adrian Winckles , Amani Altarawneh , Avi Douglen , Ceara Treacy , Chris Howell , Denis Pilipchuk , Devesh Bhatt , Gabor Pek , Ingo Hanke , Peter Turczak , Slava Katok , Tamer Elzayyat , Tony UV
done
48 Threat Modeling Scaling and Security Champions edit Threat Model Robert Hurlbut , Irene Michlin , Mamta Vuppu , Viktor Lindström , Steven Wierckx , Avi Douglen , Gabor Pek , Geoff Hill , Slava Katok , Tony Richards
done
49 Threat Modeling Schema edit Threat Model
draft
50 Threat Modeling Selling The Idea edit Threat Model unknown
done
51 Threat Modeling Tools edit Threat Model Geoff Hill , Irene Michlin , Stephen de Vries , Johan Peeters , Duncan Hurwood , Viktor Lindstrom , Christian Martorella , Don Gibson , Mateo Martinez , Steven van der Baan , Adrian Winckles , Amani Altarawneh , Avi Douglen , Christian DeHoyos , Daniela Cruzes , Denis Pilipchuk , Devesh Bhatt , Felipe Zipitria , Fraser Scott , Hamza Alkofahi , Isuru Tharanga , Jason Li , Kevin Greene , Luis Saiz , Marco Morana , Mateo Martinez , Mike Goodwin , Milo Hunter , Naushad , Slava Katok , Tony UV , Victor Vidigal Ribeiro
done
52 Threat Modeling Where do I Start? edit Threat Model Naushad007 , Robert Hurlbut , Irene Michlin , Mamta Vuppu , Viktor Lindstrom , Sebastien Deleersnyder , Timo Pagel , Nessim Kisserli , Abhinav Sejpal , Adam Shostack , Alexander Antukh , Avi Douglen , Christian DeHoyos , Daniel Kefer , Daniela Cruzes , Denis Pilipchuk , Ed Woodfall , Erez Yalon , Jonathon Brookfield , Luis Saiz , Marc Rimbau , Milo Hunter , Naushad , Nessim Kisserli , Peter Turczak , Slava Katok , Tony UV , Victor Vidigal Ribeiro , Vinod Anandan
done
53 Threat Modeling by Feature and Layer edit Threat Model Avi Douglen , Luis Saiz , Marc Rimbau , Slava Katok
draft
54 Threat Modeling pure Javascript Applications edit Threat Model
draft
55 Top 10 merge with Proactive Controls edit Owasp Top 10 2017
draft
56 Use Threat Models to Lock Developers Briefs edit Threat Model
draft
57 Using Holacracy in Working Sessions edit
need-more content; need-working materials
58 Using JIRA and Confluence to Store Threat Model Data edit Threat Model Marc Rimbau
draft
59 Validation of Weightings Discussion edit Owasp Top 10 2017
draft
60 feedback and conclusion edit Owasp Top 10 2017
draft
61 peer review of existing text edit Owasp Top 10 2017
draft