SecAppDev 2026 - Governance
SecAppDev 2026 offers three days of in-depth lectures and two days of hands-on workshops. Use the buttons below to navigate between the topics.
AI / ML security
OWASP top 10
Authorization
Architecture
Secure Coding
Web security
Cryptography
Governance
Application Security
Privacy
Offensive security
Security by default - A European perspective on cyber resilience
Deep-dive lecture by Freddy Dezeure in room Lemaire
A technical deep dive into how Microsoft implements security, resilience, and regulatory compliance at scale—mapping NIS2, DORA, and Secure‑by‑Default principles to concrete controls, engineering processes, and tenant‑level protections
Key takeaway: Learn how regulatory requirements become enforceable controls, measurable metrics, and practical Secure‑by‑Default engineering across cloud systems
Post-Quantum Cryptography (PQC): The Risk of Being Late
Deep-dive lecture by Bart Preneel
Post-Quantum Cryptography (PQC) answers the threat posed by quantum computers. We discuss the emerging standards and national agencies' recommendations for migration. We conclude with performance benchmarks and crypto agility challenges.
Key takeaway: If you have not yet developed a PQC migration strategy, you should do so in the next 6 months.
EU CRA: Survival Workshop for Enterprise & Open Source
Deep-dive lecture by Roman Zhukov
A practical deep-dive into the EU CRA for Enterprise and Open Source. Features interactive "In Scope?", "Who Am I?" and a “Live Gap-Analysis” exercises to help navigating your compliance confidently.
Key takeaway: Transform CRA rules from a legal burden into an engineering advantage using open standards, clear role mapping, and practical guidelines.