SecAppDev 2026 - Application Security
SecAppDev 2026 offers three days of in-depth lectures and two days of hands-on workshops. Use the buttons below to navigate between the topics.
AI / ML security
OWASP top 10
Authorization
Architecture
Secure Coding
Web security
Governance
Application Security
Privacy
Offensive security
Security by default - A European perspective on cyber resilience
Deep-dive lecture by Freddy Dezeure in room Lemaire
A technical deep dive into how Microsoft implements security, resilience, and regulatory compliance at scale—mapping NIS2, DORA, and Secure‑by‑Default principles to concrete controls, engineering processes, and tenant‑level protections
Key takeaway: Learn how regulatory requirements become enforceable controls, measurable metrics, and practical Secure‑by‑Default engineering across cloud systems
EU CRA: Survival Workshop for Enterprise & Open Source
Deep-dive lecture by Roman Zhukov
A practical deep-dive into the EU CRA for Enterprise and Open Source. Features interactive "In Scope?", "Who Am I?" and a “Live Gap-Analysis” exercises to help navigating your compliance confidently.
Key takeaway: Transform CRA rules from a legal burden into an engineering advantage using open standards, clear role mapping, and practical guidelines.
Demystifying CSP for Modern Applications
Deep-dive lecture by Philippe De Ryck
CSP is often seen as complex and frustrating. This session explains why most policies fail, how to fix them, and how to apply CSP effectively in modern applications, including single page apps.
Key takeaway: Understand why CSP often fails and learn how to implement it correctly with practical, actionable guidance.