Full schedule for SecAppDev 2026
SecAppDev 2026 offers a dual-track schedule with three days of lectures and two days of workshops. This page shows the full course schedule for SecAppDev 2026.
Monday June 1st
Opening session
Session by Philippe De Ryck in room Lemaire
A warm welcome, some practicalities, and the kick-off of SecAppDev
Security by default - A European perspective on cyber resilience
Deep-dive lecture by Freddy Dezeure in room Lemaire
A technical deep dive into how Microsoft implements security, resilience, and regulatory compliance at scale—mapping NIS2, DORA, and Secure‑by‑Default principles to concrete controls, engineering processes, and tenant‑level protections
Key takeaway: Learn how regulatory requirements become enforceable controls, measurable metrics, and practical Secure‑by‑Default engineering across cloud systems
Post-Quantum Cryptography (PQC): The Risk of Being Late
Deep-dive lecture by Bart Preneel in room Lemaire
Post-Quantum Cryptography (PQC) answers the threat posed by quantum computers. We discuss the emerging standards and national agencies' recommendations for migration. We conclude with performance benchmarks and crypto agility challenges.
Key takeaway: If you have not yet developed a PQC migration strategy, you should do so in the next 6 months.
Secure by Design — Ideas and Techniques
Introductory lecture by Dan Bergh Johnsson and Daniel Deogun in room West Wing
Security is a design concern, not just an implementation concern. This session shows how domain modelling, type design, and boundary thinking can structurally eliminate entire classes of vulnerability - before attackers ever get a chance.
Key takeaway: Security is a quality aspect of software - like maintainability or correctness. Teams that design for quality get security as an emergent benefit
This lecture is also available as a recording on Tuesday June 2nd, 14:00 - 15:30
An Updated Security Model of the Web
Deep-dive lecture by Philippe De Ryck in room Lemaire
An up-to-date look at the browser security model, new browser features, and how mechanisms like the Sanitizer API, cookie prefixes, and script integrity help build more secure web applications.
Key takeaway: Understand how browsers think about security, and how to leverage modern browser features in your applications.
This lecture is also available as a recording on Tuesday June 2nd, 09:00 - 10:30
Achieving Risk-based and Effective Security Testing
Deep-dive lecture by Ruben De Visscher in room West Wing
This talk discusses how to achieve a risk-based and effective security testing strategy by taking ownership of what and how to test instead of relying on limited built-in checkers of off-the-shelf security scanning tools.
Key takeaway: Take ownership of your security testing strategy to improve coverage and efficiency, do not let tool vendors create a sub-optimal strategy for you.
OAuth 2.1 Best Practices
Deep-dive lecture by Philippe De Ryck in room Lemaire
A practical and up-to-date overview of OAuth 2.1, covering core concepts, modern security best practices, and key extensions like PAR and DPoP, with guidance on applying them in real-world architectures and preparing for what’s coming next.
Key takeaway: Learn how to apply OAuth 2.1 best practices and supporting technologies to build secure applications and stay aligned with evolving standards.
AI Memory, Mapped
Deep-dive lecture by Natalie Isak in room West Wing
AI memory is not just another RAG plugin; it is a stateful, persistent attack surface. Securing it requires new threat models, new detection primitives, and architectural decisions made well before deployment.
Key takeaway: Treat AI memory as an attack surface; design for safety and observability from day one.
This lecture is also available as a recording on Tuesday June 2nd, 11:00 - 12:30
Tuesday June 2nd
Building secure applications in the age of AI agents
Introductory lecture by Pieter Philippaerts in room Lemaire
This session explores real-world security risks in AI-assisted coding and presents best practices to mitigate them and securely integrate AI into the development lifecycle.
Key takeaway: AI is a powerful force multiplier, but only when paired with strong security practices, verification, and human oversight.
SBOMs and their Role in Security
Deep-dive lecture by Alexios Zavras in room West Wing
A practical deep dive into SBOMs: what they are, how they’re built and used, and why they matter for modern software security, from vulnerability response and prioritization to supply‑chain risk and provenance touchpoints.
Key takeaway: Participants will learn about SBOMs, how to think about them in an end-to-end manner, and how to apply them to real security workflows.
This lecture is also available as a recording on Tuesday June 2nd, 16:00 - 17:30
An Updated Security Model of the Web
Deep-dive lecture by Philippe De Ryck in room Heilige-Geesttafel
An up-to-date look at the browser security model, new browser features, and how mechanisms like the Sanitizer API, cookie prefixes, and script integrity help build more secure web applications.
This is a recording session with limited interactivity.
Cybersecurity and ethics
Introductory lecture by Bart Preneel in room Lemaire
Cybersecurity shapes society. This talk shows how ethical frameworks can guide security analysis and design. It covers harms to privacy and property, transparency and disclosure, and AI impacts, all based on real-world cases.
Key takeaway: An increasingly digital society implies that software developers are facing more ethical issues; this requires critical reflection.
Model Context Protocol (MCP) Security
Advanced lecture by Jim Manico in room West Wing
An introduction to the Model Context Protocol (MCP) and its security risks. Covers MCP architecture, threat models, and practical defenses to prevent prompt injection, tool abuse, and data leakage in AI tool integrations.
Key takeaway: Understand MCP risks and apply concrete controls to secure AI tool integrations and prevent prompt injection, tool abuse, and data exfiltration.
AI Memory, Mapped
Deep-dive lecture by Natalie Isak in room Heilige-Geesttafel
AI memory is not just another RAG plugin; it is a stateful, persistent attack surface. Securing it requires new threat models, new detection primitives, and architectural decisions made well before deployment.
This is a recording session with limited interactivity.
The ongoing crypto wars
Introductory lecture by Bart Preneel in room Lemaire
This talk traces crypto wars from limits on research and key escrow to Apple vs. FBI. It covers debates on scanning communications and EU plans for access to encrypted data, ending with privacy risks of the EU Digital Identity Wallet.
Key takeaway: Crypto wars show ongoing tension between privacy & surveillance, with growing risks to online privacy
What's New in ASVS v5
Advanced lecture by Eden Sofia Yardeni in room West Wing
A practical session for security practitioners already familiar with ASVS, covering what changed in v5, how to apply it in code review, how it can be used alongside other AppSec tools, and common pitfalls / best practices.
Key takeaway: Coding standards are even more relevant in an age where LLMs are writing most code, making ASVS an increasingly useful resource.
Secure by Design — Ideas and Techniques
Introductory lecture by Dan Bergh Johnsson and Daniel Deogun in room Heilige-Geesttafel
Security is a design concern, not just an implementation concern. This session shows how domain modelling, type design, and boundary thinking can structurally eliminate entire classes of vulnerability - before attackers ever get a chance.
This is a recording session with limited interactivity.
Dark Patterns and the AI Era
Introductory lecture by Johanna Gunawan in room Lemaire
This lecture introduces the concepts of dark patterns from interdisciplinary (HCI, privacy, and legal) literature to highlight the evolution of this UX design phenomena, with implications for the age of AI.
Key takeaway: Dark patterns are a persistent 'threat' to users in a different fashion; security perspectives can contribute to ongoing mitigation efforts.
Designing "least-authority" JavaScript apps
Deep-dive lecture by Tom Van Cutsem in room West Wing
Learn the problems and solutions of combining "trusted" and "untrusted" JavaScript. We introduce secure dialects of JavaScript and practical tools that help to prevent supply-chain attacks from third-party modules.
Key takeaway: Learn how to get "trusted" and "untrusted" JavaScript to safely co-exist in your app.
SBOMs and their Role in Security
Deep-dive lecture by Alexios Zavras in room Heilige-Geesttafel
A practical deep dive into SBOMs: what they are, how they’re built and used, and why they matter for modern software security, from vulnerability response and prioritization to supply‑chain risk and provenance touchpoints.
This is a recording session with limited interactivity.
Wednesday June 3rd
Secure by Design — A Design Lens on Real Breaches
Deep-dive lecture by Daniel Deogun and Dan Bergh Johnsson in room Lemaire
Real breaches, analysed not for how they were exploited but for why they were exploitable. Each reveals a design omission that Secure by Design thinking could have caught — and a lesson you can apply to your own systems.
Key takeaway: Breaches have root causes deeper than the exploit. Learn to trace them back to design omissions
Demystifying CSP for Modern Applications
Deep-dive lecture by Philippe De Ryck in room West Wing
CSP is often seen as complex and frustrating. This session explains why most policies fail, how to fix them, and how to apply CSP effectively in modern applications, including single page apps.
Key takeaway: Understand why CSP often fails and learn how to implement it correctly with practical, actionable guidance.
How to (still) trick AI: Adversarial ML for Today
Introductory lecture by Katharine Jarmul in room Lemaire
There's many known (and still being discovered) attack vectors against deep learning models. In this session, we'll walk through some of the history of adversarial ML and deep learning and find what's changed and what's stayed the same.
Key takeaway: AI/DL models are inherently nondeterministic and have other properties that allow for old, new and interesting attacks.
EU CRA: Survival Workshop for Enterprise & Open Source
Deep-dive lecture by Roman Zhukov in room West Wing
A practical deep-dive into the EU CRA for Enterprise and Open Source. Features interactive "In Scope?", "Who Am I?" and a “Live Gap-Analysis” exercises to help navigating your compliance confidently.
Key takeaway: Transform CRA rules from a legal burden into an engineering advantage using open standards, clear role mapping, and practical guidelines.
Privacy Attacks on Deep Learning Systems
Advanced lecture by Katharine Jarmul in room Lemaire
In this session, you'll dive into how this creates interesting vectors for privacy attacks on AI/ML systems. You'll also be introduced to what types of interventions might work to address such issues.
Key takeaway: Information exfiltration due to memorization is an interesting attack vector for today's AI/deep learning models.
The Art of Cross-site Leaks
Advanced lecture by Tom Van Goethem in room West Wing
XS-Leaks bypass the same-origin policy to infer sensitive user data via browser side-channels. Learn how these invisible attacks work, what browser vendors are doing, and the simple steps you can take to secure your applications.
Key takeaway: XS-Leaks bypass SOP through side channels and native browser features; learn how SameSite and Fetch Metadata help defend your apps.
RTFR (Read The Bleeping RFC)
Deep-dive lecture by Inti De Ceukelaire in room Lemaire
We’ve built the internet upon standards established decades ago, resulting in some considerable security consequences today. In this talk, Inti is revealing his RFC research playbook and will discuss some of his recent finds.
Key takeaway: Creating and maintaining standards is hard and small inaccuracies might result in huge mistakes in years from now. Compliant isn't always more secure!
Closing session
Session by Philippe De Ryck in room Lemaire
Wrapping up the lectures and a book raffle for people that filled out the evaluations.
Course dinner
BBQ Experience Center (Pastorijstraat 7, 3020 Herent)
A joint course dinner / BBQ workshop at the BBQ Experience Center. We start off with a drink and a bite to eat, followed by a relaxing workshop led by experienced grillmasters. A shuttle bus is provided to go there and come back, but you are also welcome to use your own means of transportation.
Thursday June 4th
Enterprise AI Coding with Claude Code
One-day workshop by Jim Manico in room Lemaire
This training teaches engineers to use Claude Code with professional discipline: machine-readable requirements, secure coding prompts, and repeatable GitHub workflows. Participants learn to convert issues into structured plans, refine them before code generation, and enforce review gates for architecture, security, and quality. The course also covers repo governance files (CLAUDE.md, REQUIREMENTS.md, ARCHITECTURE.md, SECURITY.md) to constrain AI behavior and maintain traceability from requirements → plan → code → review.
Learning goal: Attendees will learn a disciplined workflow for using Claude Code professionally: defining machine-readable requirements, generating and reviewing implementation plans, enforcing architecture and security constraints, and producing AI-assisted code.
Threat modeling with AI
One-day workshop by Steven Wierckx in room West Wing
This workshop aims to introduce SecAppDev participants to integrating AI assistance into their threat modeling workflows. Participants will learn how to leverage AI for diagramming, threat identification, and countermeasure recommendations to speed up threat model analysis.
To bring these concepts to life, the workshop includes a guided case study on a Digital Wallet / Payment App, where participants will use AI tools to generate a data flow diagram, identify threats using STRIDE, propose mitigations mapped to industry standards, and summarize findings for business stakeholders.
Learning goal: This session with theoretical points and an integrated exercise provides an engaging, end-to-end view of how AI can support, but not replace, human judgment in threat modeling.
Friday June 5th
Attacking and Defending LLMs
One-day workshop by Katharine Jarmul in room Lemaire
This workshop gives you hands-on experience with attacking large language models (LLMs) using a range of prompt-based strategies. You will actively explore how these attacks work in practice and what their impact is on real systems. The workshop also gives you insight into defensive techniques, and shows how architectural choices, testing approaches, and security observability can be used to strengthen applications built with generative models.
Learning goal: Practical strategies, best practices, and tools to improve the security posture of modern AI systems.
Practical web application security guided by real-world CVEs
One-day workshop by Philippe De Ryck in room West Wing
This workshop explores modern web application security through the lens of recent real-world CVEs. Instead of focusing on theory, we analyze how vulnerabilities such as path traversal, JWT handling flaws, authorization bypasses, and command injection appear in practice. By dissecting real incidents, we uncover common patterns, root causes, and exploitation techniques. The workshop connects these findings to concrete defensive strategies, helping you understand not just what goes wrong, but how to prevent it in modern applications.
Learning goal: Learn core web application security concepts and how they manifest in real-world vulnerabilities, using recent CVEs as context to understand and prevent common issues.