SecAppDev 2024 lecture details
Security-centric app development: the itsme® use case
In this session, we will look at the history of the itsme® app and highlight how at every step security was at the forefront of the development. From the initial design to adding new features, the focus on security was never lost.
Tuesday June 4th, 09:00 - 10:30
Room Lemaire
Abstract
Over 8 years, the team behind the itsme® app focused on security, integrating it into every phase of its evolution. From its inception, we focused on a secure software development lifecycle (S-SDLC), involving best security practices, experts with a security-first mindset and cutting-edge technology. Key milestones include the launch in 2017 after 2 years of development, major updates such as the launch in new markets, and compliance with global security standards.
In this session, we will showcase how throughout all of these changes, we managed to keep security at the heart of development.
Key takeaway
The itsme® use case demonstrates how to keep security at the core of application development throughout its evolution.
Content level
Introductory
Target audience
Anyone involved in application development.
Prerequisites
None
Steve Mihy
Director, Head of Secure Development, Approach Cyber
Expertise: Application security, web application development and systems integration
Eric Bariaux
Senior Secure Software Architect, Approach Cyber
Expertise: Java, Software Architecture, S-SDLC, Digital Identity
Related lectures
Winning the war in cyber
Keynote lecture by Jessica Robinson in room Lemaire
Monday June 3rd, 09:15 - 10:30
How well we adapt continues to influence our security strategies, our creativity, and our culture, in our companies and in our industry. It seems starting with ourselves is a natural place to begin.
Key takeaway: What the evolution of the security practitioner, and leader, will look like in the future in winning the daily battles in cybersecurity.
A complete view of application security with OWASP SAMM
Introductory lecture by Aram Hovsepyan in room Lemaire
Tuesday June 4th, 11:00 - 12:30
This session introduces the OWASP SAMM framework and gives you a clear overview of the application security landscape. It will also help you understand how organizations should deal with software security at scale.
Key takeaway: Learn about the full scope of application security, and how activities such as secure design, coding, pen testing, DevOps fit in this view.
AppSec is changing
Keynote lecture by Erlend Oftedal in room Lemaire
Wednesday June 5th, 16:00 - 17:15
In this keynote we will look at how appsec has been changing over the last 10 years and discuss what might come in the future.
Key takeaway: Overview of appsec as a field and where it's going.