Abstract
Planning for this years Meetup sessions followed by a discussion on Covid and what we need to be thinking about in our Jobs in relation to InfoSec and our personal OpSec
Date
Mar 31, 2021 19:00 PM — 21:00 PM
Location
Christchurch, New Zealand
Slides:
Outcomes
Three meetups left for this year. What do we want to do?
Kim’s ideas:
- Talk and workshop 3 things that Devs can do in their Sprints to improve their security, possibly a series of these?
- Session on what goes into a good build pipeline
- A walk through the new OWASP API Security Top 10 and how they compare with the OWASP Top 10 Web Application Security Risks
- Threat modelling code, how to do it? how to get the most out of it?
- OWASP tooling and all the new projects that are happening
Group ideas:
- Incident response talk
- Something to get more Devs in
- Software vulnerability management
- Application intrusion detection
- Panel - Ask anything
Highest ranking talks by vote:
| Talk | Speaker(s) |
|---|---|
| 1. Incident response talk and Application intrusion detection | Chris-Kim |
| 2. Panel - Ask anything - Intention to get more Devs along | Pete-Toni |
| 3. Talk and workshop 3 things that Devs can do in their Sprints to improve their security | Kim |
Spare:
- Software vulnerability management (Kevin)
- Session on what goes into a good build pipeline
- Threat modelling code, how to do it? how to get the most out of it?
Kim Carter
Technologist / Engineer, Information Security Professional
Technologist / Engineer, Information Security Professional, Entrepreneur and the founder of BinaryMist Ltd and PurpleTeam-Labs. Ex OWASP NZ Chapter Leader of eight years. Certified Scrum Master. Facilitator, mentor and motivator of cross functional, self managing teams. With a solid 20 years of commercial industry experience across many domains.