AppSecDayAustralia 2019 Nov. 1, 2019 to Nov. 1, 2019, Melbourne, Australia

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
Keynote: Security Learns to Sprint: DevSecOps (Keynote) Tanya Janca This talk will argue that DevOps could be the best thing to happen to application ...
Session IPA: Sessions' Interesting Protection Anomalies Louis Jahnke PHPSESSIONID, rack.session, play_session, JSESSIONID.... do these terms seem familiar? In most languages and frameworks, the ...
Hunting Bugs to Extinction with Static Analysis Paul Theriault Static Analysis can be a useful tool to help hunt for security bugs, and even ...
Tears from The Cloud Tim Heckman "When ‘getting pwned’ doesn’t even fully describe what happened" When building your systems and infrastructure ...
How Do I Content Security Policy? Kirk Jackson Content Security Policy (CSP) helps you secure your Web site, by declaring which javascript and ...
K-rail: A tool to manage k8s securely at speed Sam (frenchie) Stewart Kubernetes is a popular and powerful tool for workload management, and doesn’t always have the ...
10 Things I Hate About You — How (Not) to Auth 100's of API's Ryan Hackett This talk will cover the adventures of SEEK's five-year voyage in providing secure forms of ...
DIY Azure Security Assessments Tanya Radichel PenTesters, Blue & Red teamers, network admins and cloud enthusiasts, this talk will layout from ...
Lockpicking - Compromising Physical Security Errbufferoverfl And Ozmart Want to tinker with locks and tools the likes of which you've seen in movies ...
Spot the vuln - Identifying security problems in source code Eldar Marcussen Do you know source code? or perhaps you know vulnerabilities? See where they intersect and ...
When Bots Attack - Mischievous Puppets and Stolen Treasures Andrew Logue As a leading source of Australian property market data, REA’s website is a pot of ...
Hunting the Modern Attacker: Prepping for Appsec Incident Response Maximilian Burkhardt Today, a huge portion of our data lives in web applications, often in multitenant, high-exposure ...
Protecting the Damned: Deploying Insecure Applications at Scale Vivek Ramachandran Most defense talks are about how to code and pentest applications to secure them before ...
Bulletproof Shoes: Protecting from Accidental Token Leaks Max Feldman Version control software has come a long way, and the barrier to creating an open ...
A Purple Team View of Serverless and GraphQL Applications Abhay Bhargav Serverless Technology (Functions as a Service) is fast becoming the next "big thing" in the ...
Adding the Sec to DevOps Andrew Bailey Ever wondered how to add the Sec to your DevOps? In this talk we will ...
Ephemeral Vulnerabilities and the Case for Continuous Security Michael Shah As companies have shifted to a cloud-first architecture and adopted continuous deployment and DevOps practices ...
Security Panel Ken Johnson , Tanya Janca , Sam Radichel A panel discussion with industry leaders, discussing all things security!