SecAppDev 2023 lecture details
Access control unveiled: Challenges & best practices
Having control over who can access what within an organization has become a cornerstone of modern cybersecurity. This session provides a deep dive into the challenges and best practices of both access control and identity and access management.
Tuesday June 13th, 11:00 - 12:30
Room West Wing
Download handoutsAbstract
Modern cybersecurity strategies, like Zero Trust, emphasize the significance of controlling access within organizations. This necessitates proper access control in applications and effective implementation of identity and access management (IAM). Surprisingly, IAM remains overlooked despite its importance, while access control ranks as the top concern in the OWASP Top 10. This session explores the challenges, best practices, and the connection between access control and IAM.
Key takeaway
Understanding access control & Identity and Access Management (IAM), including challenges & best practices for effective implementation.
Content level
Deep-dive
Target audience
CISOs, security experts, enterprise security engineers
Prerequisites
None
Maarten Decat
Co-founder and CEO, Elimity
Expertise: Software engineering, identity & access management, tech start-up founder
Related lectures
Demystifying Zero Trust
Introductory lecture by Bart Preneel in room Lemaire
Wednesday June 14th, 09:00 - 10:30
We discuss the principles of zero trust and explain how it can be implemented. We also discuss how we can build up trust in devices, software and hardware components.
Key takeaway: Understand whether zero trust is useful for your organization or system. Reflect on which products and services you trust and why
Fantastic software supply-chain vulnerabilities
Introductory lecture by Abhay Bhargav in room Lemaire
Tuesday June 13th, 09:00 - 10:30
This session dives into software supply-chain vulnerabilities, defense strategies, and risk mitigation. Attendees will gain insights and tools to build resilient supply chains and protect organizations from evolving threats.
Key takeaway: A comprehensive understanding of the current state of software supply-chain vulnerabilities and comprehensive defensive strategies
Modern security features for web apps
Introductory lecture by Lukas Weichselbaum in room Lemaire
Wednesday June 14th, 14:00 - 15:30
Learn about new web platform security mechanisms available in web browsers that enable developers to protect their web applications from common and new web attacks.
Key takeaway: Learn how to use new web security features such as CSP3, Trusted Types, Fetch Metadata and COOP to prevent classes of prevalent & emerging web attacks