Lectures at SecAppDev 2026
SecAppDev 2026 offers three days of in-depth lectures and two days of workshops, organized in a dual-track program.
SecAppDev lectures are 90 minutes each, allowing our expert faculty members to take a deep dive into their topics. Throughout the lectures and the course, there is ample time to ask questions or discuss scenarios with our faculty members.
Check out the program for SecAppDev 2026 below. More sessions will be announced soon!
SecAppDev offers in-depth lectures of an exceptional quality
Security by default - A European perspective on cyber resilience
Deep-dive lecture by Freddy Dezeure in room Lemaire
A technical deep dive into how Microsoft implements security, resilience, and regulatory compliance at scale—mapping NIS2, DORA, and Secure‑by‑Default principles to concrete controls, engineering processes, and tenant‑level protections.
Key takeaway: Learn how regulatory requirements become enforceable controls, measurable metrics, and practical Secure‑by‑Default engineering across cloud systems.
How to (still) trick AI: Adversarial ML for Today
Introductory lecture by Katharine Jarmul
There are many known (and still being discovered) attack vectors against deep learning models. In this session, we'll walk through some of the history of adversarial ML and deep learning and find what's changed and what's stayed the same.
Key takeaway: AI/DL models are inherently nondeterministic and have other properties that allow for old, new and interesting attacks.
AI Memory, Mapped
Deep-dive lecture by Natalie Isak
AI memory is not just another RAG plugin; it is a stateful, persistent attack surface. Securing it requires new threat models, new detection primitives, and architectural decisions made well before deployment.
Key takeaway: Treat AI memory as an attack surface; design for safety and observability from day one.
OAuth 2.1 Best Practices
Deep-dive lecture by Philippe De Ryck
A practical and up-to-date overview of OAuth 2.1, covering core concepts, modern security best practices, and key extensions like PAR and DPoP, with guidance on applying them in real-world architectures and preparing for what’s coming next.
Key takeaway: Learn how to apply OAuth 2.1 best practices and supporting technologies to build secure applications and stay aligned with evolving standards.
Building secure applications in the age of AI agents
Introductory lecture by Pieter Philippaerts
This session explores real-world security risks in AI-assisted coding and presents best practices to mitigate them and securely integrate AI into the development lifecycle.
Key takeaway: AI is a powerful force multiplier, but only when paired with strong security practices, verification, and human oversight.
Post-Quantum Cryptography (PQC): The Risk of Being Late
Deep-dive lecture by Bart Preneel
Post-Quantum Cryptography (PQC) answers the threat posed by quantum computers. We discuss the emerging standards and national agencies' recommendations for migration. We conclude with performance benchmarks and crypto agility challenges.
Key takeaway: If you have not yet developed a PQC migration strategy, you should do so in the next 6 months.
Model Context Protocol (MCP) Security
Advanced lecture by Jim Manico
An introduction to the Model Context Protocol (MCP) and its security risks. Covers MCP architecture, threat models, and practical defenses to prevent prompt injection, tool abuse, and data leakage in AI tool integrations.
Key takeaway: Understand MCP risks and apply concrete controls to secure AI tool integrations and prevent prompt injection, tool abuse, and data exfiltration.
What's New in ASVS v5
Advanced lecture by Eden Sofia Yardeni
A practical session for security practitioners already familiar with ASVS, covering what changed in v5, how to apply it in code review, how it can be used alongside other AppSec tools, and common pitfalls / best practices.
Key takeaway: Coding standards are even more relevant in an age where LLMs are writing most code, making ASVS an increasingly useful resource.
EU CRA: Survival Workshop for Enterprise & Open Source
Deep-dive lecture by Roman Zhukov
A practical deep-dive into the EU CRA for Enterprise and Open Source. Features interactive "In Scope?", "Who Am I?" and "Live Gap-Analysis" exercises to help you navigate your compliance confidently.
Key takeaway: Transform CRA rules from a legal burden into an engineering advantage using open standards, clear role mapping, and practical guidelines.
The ongoing crypto wars
Introductory lecture by Bart Preneel
This talk traces crypto wars from limits on research and key escrow to Apple vs. FBI. It covers debates on scanning communications and EU plans for access to encrypted data, ending with privacy risks of the EU Digital Identity Wallet.
Key takeaway: Crypto wars show ongoing tension between privacy & surveillance, with growing risks to online privacy.
Privacy Attacks on Deep Learning Systems
Advanced lecture by Katharine Jarmul
In this session, you'll dive into how this creates interesting vectors for privacy attacks on AI/ML systems. You'll also be introduced to what types of interventions might work to address such issues.
Key takeaway: Information exfiltration due to memorization is an interesting attack vector for today's AI/deep learning models.
Achieving Risk-based and Effective Security Testing
Deep-dive lecture by Ruben De Visscher
This talk discusses how to achieve a risk-based and effective security testing strategy by taking ownership of what and how to test instead of relying on limited built-in checkers of off-the-shelf security scanning tools.
Key takeaway: Take ownership of your security testing strategy to improve coverage and efficiency; do not let tool vendors create a sub-optimal strategy for you.
Demystifying CSP for Modern Applications
Deep-dive lecture by Philippe De Ryck
CSP is often seen as complex and frustrating. This session explains why most policies fail, how to fix them, and how to apply CSP effectively in modern applications, including single page apps.
Key takeaway: Understand why CSP often fails and learn how to implement it correctly with practical, actionable guidance.
Cybersecurity and ethics
Introductory lecture by Bart Preneel
Cybersecurity shapes society. This talk shows how ethical frameworks can guide security analysis and design. It covers harms to privacy and property, transparency and disclosure, and AI impacts, all based on real-world cases.
Key takeaway: An increasingly digital society implies that software developers are facing more ethical issues; this requires critical reflection.