Savoy, 3rd Floor, Flamingo Corporate Convention Center

All times are in Pacific Time(GMT -7)

Day 1 - August 11, 2023

10:00

11:00

11:00 - 13:00

Spot the True Positives!

POD Intro

Backslash .

11:00 - 13:00

vAPI : Vulnerable Adversely Programmed Interface

Arsenal Intro

Tushar Kulkarni

11:00 - 13:00

Hands-on GitHub Actions

POD Intro

Magno Logan

11:00 - 13:00

Defensive Coding and Hardened Javascript

Workshop Advanced

Zbyszek Tenerowicz

Aaron Kumavis

11:00 - 13:00

The Ultimate AppSec Trivia Challenge

POD All Audiences

Probely .

11:45

11:45 - 12:30

The attackers guide to exploiting secrets in the universe

Talk Intermediate

Mackenzie Jackson

12:30

12:30 - 13:15

DevSecOps Worst Practices

Talk Intermediate

Tanya Janca

13:00

13:00 - 15:00

Fix The Flag: A Secure Programming Competition

POD All Audiences

Pedram Hayati

13:00 - 15:00

IDN-Squatting Detector

Arsenal All Audiences

Gal Bitensky

13:00 - 15:00

AMA - Tib3rius

Ask Me Anything

Tib3rius .

13:00 - 15:00

Web Shells - What They Are And How To Hunt Them

Workshop Intermediate

Joe Schottman

13:00 - 15:00

The Ultimate AppSec Trivia Challenge

POD All Audiences

Probely .

13:15

13:15 - 14:00

The Dark Playground of CI/CD: Attack Delivery by GitHub Actions

Talk Intermediate

Yusuke Kubo

Kiyohito Yamamoto

14:00

15:00

15:00 - 17:00

FlowMate and CSTC for Advanced Pentesting

Arsenal All Audiences

Florian Haag

Matthias Göhring

15:00 - 17:00

Hunt the Hacker - Detect compromises in your repositories!

POD All Audiences

GitGuardian .

15:00 - 17:00

Faking GitHub Contributions

Workshop Advanced

Tal Folkman

Alik Koldobsky

15:00 - 17:00

Threat modelling fun session with OWASP Cornucopia

POD Intermediate

Spyros Gasteratos

15:00 - 17:00

How to Hide Behavior from Security Tools

POD Intermediate

Mike Larkin

Day 2 - August 12, 2023

10:00

11:00

11:00 - 11:45

Getting More Bang for your Buck:Appsec on a Limited Budget

Talk All Audiences

Viraj Gandhi

Vandana Verma Sehgal

11:00 - 13:00

Hunt the Hacker - Detect compromises in your repositories!

POD All Audiences

GitGuardian .

11:00 - 13:00

The Ultimate AppSec Trivia Challenge

POD All Audiences

Probely .

11:00 - 13:00

JWT Parkour

Workshop Intro

Louis Nyffenegger

11:00 - 13:00

Secure Code Review Challenge

POD All Audiences

Alon Lerner

11:00 - 13:00

Spot the True Positives!

POD All Audiences

Backslash .

11:45

12:30

12:30 - 13:30

Not All Alerts Are Born Equal: Insights from AppSec Experts on Prioritizing Security Alerts

Panel Intermediate

Shahar Man

Trupti Shiralkar

Joe Christian

Kiran Shirali

13:00

13:00 - 15:00

Open Source API Security for devsecops

Arsenal Intermediate

Ankush Jain

Ankita Gupta

13:00 - 15:00

How to Hide Behavior from Security Tools

POD All Audiences

Deepfactor .

13:00 - 15:00

The Ultimate AppSec Trivia Challenge

POD All Audiences

Probely .

13:00 - 15:00

FOR KIDS: Castle Defenders

POD Intro

Pentera .

13:30

14:15

15:00

15:00 - 15:45

SusParams: Hypercharge your web testing with DATA

Talk Intermediate

Jason Haddix

15:00 - 17:00

Faking GitHub Reputation

POD All Audiences

Checkmarx .

15:00 - 17:00

How to Hide Behavior from Security Tools

POD All Audiences

Deepfactor .

15:00 - 17:00

Fix The Flag - Battle Challenge

POD All Audiences

Pedram Hayati

15:00 - 17:00

Hunt the Hacker - Detect compromises in your repositories!

POD All Audiences

GitGuardian .

15:45

16:30

Day 3 - August 13, 2023

09:30

09:30 - 10:15

WAF: Making a Problematic Security Tool Suck Less

Talk Intermediate

Emile Spir

Emmanuelle Lejeail

10:00

10:00 - 12:00

Secure Code Review Challenge

POD All Audiences

Checkmarx .

10:00 - 12:00

Threat modelling fun session with OWASP Cornucopia

POD All Audiences

Spyros Gasteratos

10:00 - 12:00

Pasteur - A C++ library to eliminate injections

Arsenal Intermediate

Yariv Tal

10:00 - 12:00

Hunt the Hacker - Detect compromises in your repositories!

POD All Audiences

GitGuardian .

10:15

11:00

11:00 - 11:45

Threat modeling-based application security pipeline

Talk Intermediate

Nielet D'mello

Larkins Carvalho

11:45

11:45 - 12:30

Android Applications and APIs hacking

Talk All Audiences

Gabrielle Botbol

12:00

12:00 - 14:00

Threat modelling fun session with OWASP Cornucopia

POD All Audiences

Spyros Gasteratos

12:00 - 14:00

Secure from Scratch: Secure Code Workshop

Workshop Intro

Or Sahar

Yariv Tal

12:00 - 14:00

Faking GitHub Reputation

POD All Audiences

Checkmarx .

12:00 - 14:00

How to Hide Behavior from Security Tools

POD All Audiences

Deepfactor .

12:00 - 14:00

AMA - Jim Manico

Ask Me Anything All Audiences

Jim Manico

12:30

13:15

13:15 - 14:00

Scoping for Success (Building a Great Bug Bounty program)

Talk All Audiences

Jeffrey Guerra

Logan MacLaren

Thanks to our Sponsors

Gold Sponsors


Silver Sponsors


Bronze Sponsors


Is your organization passionate about application security and want to sponsor?

Read on how to become a sponsor and checkout our available sponsorship opportunities.