SecAppDev 2025 - Supply chain security
SecAppDev 2025 offers three days of in-depth lectures and two days of hands-on workshops.
Reviewing 3rd party libraries security using Scorecards
Introductory lecture by Niels Tanis in room West Wing
Tuesday June 3rd, 14:00 - 15:30
We rely on 3rd party libraries, which results in security risks. OpenSSF’s Scorecard helps assess package security. This session explores its checks and additional insights to strengthen supply-chain security.
Key takeaway: Understanding how to leverage the OpenSSF Scorecard to more easily review the 3rd party libraries you use.
Break things, but not security: CI/CD done right
Deep-dive lecture by Gijs Van Laer in room Lemaire
Tuesday June 3rd, 11:00 - 12:30
Learn how to secure your CI/CD pipeline without slowing down. We cover risks, best practices, essential tools, real-world attacks, and how to justify your security investments.
Key takeaway: Secure CI/CD is achievable without sacrificing speed: start with key tools, embed best practices, and scale smart.