Handouts - SecAppDev 2025

Avi Douglen

• Get out of your Bubble: Collaborative Threat Modeling
• Value Driven Security - A Roadmap to Business Alignment

Bart Preneel

• PKI and eIDAS
• The quantum threat and post-quantum cryptography

Cyprien de Saint Guilhem

• COED Technologies: what they can and can't do

Emil Vaagland

• The Bug Bounty Effect: From DevSecOops to Success!

Eva Galperin

• Threat Modeling for Intimate Partner Abuse

Gijs Van Laer

• Break things, but not security: CI/CD done right

Izar Tarandach

• Continuous Threat Modeling: Let Developers Figure It Out
• My Name Is Not Cassandra: AppSec and "I Told You So"

Jim Manico

• Using AI to write Secure React.JS code

Kristina Yasuda

• Verifiable Credentials: Concepts to Practice
• Germany’s EUDI Wallet Ecosystem Development

Niels Tanis

• Using WebAssembly to run, extend, and secure your app
• Reviewing 3rd party libraries security using Scorecards

Philippe De Ryck

• Leveraging the security model of the web
• OpenAPI as a security tool, not just documentation
• Breaking and securing OAuth 2.0 in frontends

Tom Van Cutsem

• Designing "least-authority" JavaScript apps

Yana Dimova

• Web Tracking Technologies