Handouts - SecAppDev 2023

Abhay Bhargav

• Fantastic software supply-chain vulnerabilities
• Policy-as-Code: across the tech stack

Avi Douglen

• Building a secure Software Development Lifecycle
• Analysis of authentication: deciding on "good enough"

Bart Preneel

• An intro to cryptographic algorithms
• Demystifying Zero Trust
• Entity authentication and key establishment

Bruno Bossola

• Supply chain risks in software development

Claudio Merloni

• Secure defaults: developer-friendly security

Davy Preuveneers

• Attacks against machine learning pipelines

Gary McGraw

• Security engineering for machine learning
• How to avoid the top ten software security flaws
• 42 things

Isabelle Mauny

• OpenAPI: the common language of APIs
• Security architecture in a distributed world

Jim Manico

• Third-party library security management
• The unabridged history of application security

Lukas Weichselbaum

• Modern security features for web apps

Maarten Decat

• Access control unveiled: Challenges & best practices

Philippe De Ryck

• The security model of the web
• OAuth 2.0 and OpenID Connect architectures
• From zero to hero with Content Security Policy

Pieter De Cremer

• Secure defaults: developer-friendly security