Recent and Upcoming Public Talks & Workshops

2019

Workshop to initialise, train and deploy the Jade Security Champions across the Jade Development Teams.

The security defaults of Docker are designed to get you up and running (“just work”) quickly, rather than being the most secure. There …

The OWASP ZAP HTTP intercepting proxy is useful for manually attacking your Web apps and APIs. Now, we have the official Node API to …

2018

CHCon 2018: A conference for security professionals and hackers in Christchurch, NZ.

The eighth OWASP New Zealand Day conference, held at the University of Auckland.

Kim’s flagship Software Developer focussed training, this time at OWASP New Zealand Day conference.

2017

At BSides Wellington: Kim discusses that Quality (security included) does not have to be neglected when you’re planning, building and …

CHCon 2017: A conference for security professionals and hackers, based in Christchurch, NZ.

Kim’s flagship Software Developer focussed training, this time at Christchurch Hacker Conference (CHCon).

Kim discusses how and why Agile Development Teams fail at security, and how to stop failing.

Attacking a set of carefully curated questions around info-sec, white hat, black hat, attack and defense.

The eighth OWASP New Zealand Day conference, held at the University of Auckland.

At JS Remote Conf: Kim examines and demonstrates a collection of essential attacks, commonly used in the exploitation and demise of …

At NZ.JS: Kim examines and demonstrates a collection of essential attacks, commonly used in the exploitation and demise of many …

DevSecCon, Singapore: Quality (security included) does not have to be neglected when you’re planning, building and running a …

Kim will walk us through a collection of PowerShell delivery (RAM, not disk) techniques for a common reverse shellcode.

2016

Join Kim at AgileNZ 2016 for an exploration into an insightful set of steps he has learned, from an architectural, engineering and …

Kiwicon hands-on threat modelling, attack and defence strategy training for Web Developers wishing to understand their attackers …

CHCon 2016: A conference for security professionals and hackers in Christchurch, NZ.

At AWS Auckland, Kim will demonstrate the OWASP Zap API with NodeGoat, which helps you identify vulnerabilities in your web application …

NodeJS Auckland: Kim will demonstrate the OWASP Zap API with NodeGoat, which helps you identify vulnerabilities in your web application …

This time in Kilkenny of Ireland, Kim will demonstrate the OWASP Zap API with NodeGoat, which helps you identify vulnerabilities in …

This time for the students of University of Canterbury. An exploration into an insightful set of steps he has learned, from an …

Join Kim at Agile Professionals Network for an exploration into an insightful set of steps he has learned, from an architectural, …

This time in New York City at OWASP, Kim will demonstrate the OWASP Zap API with NodeGoat, which helps you identify vulnerabilities in …

Hackers On Planet Earth (HOPE) conference in New York City. An exploration into an insightful set of steps he has learned, from an …

Kim will demonstrate the OWASP Zap API with NodeGoat at the meetup he usually facilitates, which helps you identify vulnerabilities in …

At CHC.js Kim will demonstrate the OWASP Zap API with NodeGoat, which helps you identify vulnerabilities in your web application as you …

Join Kim at CodeCamp Christchurch for an exploration into an insightful set of steps he has learned, from an architectural, engineering …

AusCERT hands-on threat modelling, attack and defence strategy training for Web Developers wishing to understand their attackers …

Kim will take ISIG through the collection of tools added and configured on his penetration testing machine used throughout his book …

The seventh OWASP New Zealand Day conference, held at the University of Auckland.

2015

Kiwicon hands-on threat modelling, attack and defence strategy training for Web Developers wishing to understand their attackers …

Kim talks with his fellow Toastmasters about profiling peoples passwords and then brute forcing web applications with the shortlist of …

Kim talks with his fellow Toastmasters about the risks and countermeasures of luring targets to execute infectious media on their …

Taking the perspective of the penetration tester hired in by the target to find the defects in their security defences before the cyber …

At Functional Christchurch, due to popular demand. Taking the perspective of the penetration tester hired in by the target to find the …

At Test Professionals Network Christchurch, due to popular demand. Taking the perspective of the penetration tester hired in by the …

At CHCH.js Christchurch, due to popular demand. Taking the perspective of the penetration tester hired in by the target to find the …

At WDCNZ: Kim discusses and demonstrates how JavaScript can be used for good and evil.

At Dot Net User Group, Christchurch, due to popular demand this presentation is being run again. Drawing from Kim’s recent blog …

At OWASP meetup, Christchurch, due to popular demand this presentation is being run again. Drawing from Kim’s recent blog post …

In this 5 – 7 minute talk, Kim demonstrates (hands on) how easy it can be to compromise passwords using a collection of techniques. Kim …

At CampJS, Melbourne, Australia: Join Kim in the exploration into an insightful set of steps he has learned, from an architectural …

Saturn Architect Conference, Baltimore, MD, USA: Drawing from Kim’s recent blog post “Journey to Self Hosting” and …

The sixth OWASP New Zealand Day conference, held at the University of Auckland.

2014

At AgileNZ: Are you looking to get more out of your organisation’s software developers, increase your ROI, spend less money on fixing …

At CHC.js Kim will demonstrate write a blogging platform in JavaScript using Ember.js. The application had the functionality to …

2013

At OWASP NZ Day: What are we doing with all the characters that get shoved into our applications? Have we considered every potential …

At ANZTB: Hands-on insight into security testing. Kim will discuss some of the more common security vulnerabilities being found in …

At Canterbury Software Cluster: In this session Kim went over the benefits of introducing TDD and BDD: How to introduce them, their …

2012

This was a presentation held at one of TSBCs Sprint Reviews after attending a Clarus Professional Scrum Master course.