SecAppDev 2024 lecture details
Technical approach to Zero Trust Application Access
This session explores Zero Trust Application Access (ZTAA), a security model emphasizing "never trust, always verify". It'll cover the basics of ZTAA and important points for building and deploying applications within this strategy.
Monday June 3rd, 11:00 - 12:30
Room Lemaire
Download handoutsAbstract
In today's fast-changing cybersecurity world, traditional security methods are no longer enough. The shift to remote work and more cloud use have shown weaknesses in old security approaches. Zero Trust Application Access (ZTAA) uses a "never trust, always verify" approach.
This session will cover the basics of ZTAA, how to put it into practice in businesses, and important points for building and deploying applications with respect to this strategy. Focusing on authentication, device security, encryption, and applications security, ZTAA offers a solid way to handle today’s cybersecurity issues.
Key takeaway
You'll learn how to deploy Zero Trust Application Access (ZTAA) in small and large businesses and how to build applications according to ZTAA.
Content level
Introductory
Target audience
People involved with the technical security strategy of a company and security engineers.
Prerequisites
None.
Gijs Van Laer
CTO, XFA
Expertise: Information security strategies, application security, and applied cryptography
Related lectures
Supercharging OAuth 2.0 security
Advanced lecture by Philippe De Ryck in room Lemaire
Tuesday June 4th, 16:00 - 17:30
Discover how to apply OAuth 2.0 in high-security scenarios, exploring its latest security enhancements. Learn about advanced features like Resource Indicators, JAR, PAR, and DPoP, gaining the knowledge to implement OAuth 2.0 securely.
Key takeaway: OAuth 2.0 offers various new security enhancements, including Resource Indicators, JAR, PAR, DPoP, designed for high-security environments
Cryptographic algorithms update
Deep-dive lecture by Bart Preneel in room Lemaire
Monday June 3rd, 14:00 - 15:30
An update on the most important cryptographic algorithms and a status on the migration towards post-quantum security.
Key takeaway: Which cryptographic algorithms to use for which tasks.
Practical cryptography with Tink
Deep-dive lecture by Neil Madden in room West Wing
Monday June 3rd, 16:00 - 17:30
Learn how to translate cryptography know-how into robust working code that is easy to review. Avoid common implementation pitfalls by learning how to use the modern Tink cryptographic library.
Key takeaway: Learn how to use Tink to implement cryptographic features and protocols in a robust manner.