
Fixed error in programme VJ22

Added talks to programme NJ22
Patrick Reijnen 2023-06-17 16:47:00 +02:00
parent 632101d108
commit 9af29e5f0f
4 changed files with 77 additions and 3 deletions


@ -67,7 +67,7 @@ event_schedule:
speaker: Lucinda Sterk
title: Talk nerdy to me
keynote: true
link:
link: talks/lucinda-sterk-talk-nerdy-to-me/
center: true
size: 3
- row:
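Review bot: the new `link: talks/lucinda-sterk-talk-nerdy-to-me/` is a relative path with no leading slash, and the talk page added in this commit leaves `slug:` empty, so the link only resolves if the template prefixes it correctly and the page's file name happens to produce exactly this path. Set `slug: lucinda-sterk-talk-nerdy-to-me` in the talk's front matter, or confirm the rendered URL, so the schedule entry does not break when the file is renamed.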
@ -87,7 +87,7 @@ event_schedule:
talk:
speaker: Riccardo ten Cate en Glenn ten Cate
title: Exploitation, automation, mitigation
link:
link: talks/riccardo-ten-cate-en-glenn-ten-cate-explotation-automation-mitigation/
- column:
talk:
speaker: Mike Ciavarella
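Review bot: the path in `link: talks/riccardo-ten-cate-en-glenn-ten-cate-explotation-automation-mitigation/` spells "explotation", while the talk's title and presentation file name in this same commit spell "exploitation". Unless the talk page's file name carries the same misspelling, this link points at a page that does not exist; correct the spelling here, and in the file name if it was copied from this path.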


@ -0,0 +1,24 @@
---
categories:
date: 2022-11-29T20:31:43+02:00
description:
layout: event-talk
slug:
tags:
title: "Lucinda Sterk - Talk nerdy to me"
speakers:
- lucinda-sterk
presentation:
filename: 2022-11-29-lucinda-sterk-talk-nerdy-to-me.pdf
recording:
platform: youtube
url: https://www.youtube.com/watch?v=xaEP29OZR3U
---
## Abstract
Ik sta als communicatieadviseur en contentmaker nooit op gelijke hoogte als de technisch experts qua kennis. Hoe komen we dan toch tot een mooi product? Een blogpost of een whitepaper. "Talk nerdy to me", roep ik altijd tegen mijn nerds, en dan begint het proces waarbij zij en ik vooral veel geduld met elkaar moeten opbrengen. In deze talk vertel ik met een beetje humor en een vleugje vooroordeel hoe dat proces in zijn werk gaat.
## Biografie
Lucinda heeft na haar studie journalistiek bij diverse landelijke dagbladen gewerkt. In 2008 maakte zij de overstap naar communicatie en begon ze als crisiscommunicatiespecialist bij de Nationaal Coordinator Terrorismebestrijding en Veiligheid. In 2015 ging zij zich steeds meer richten op communicatie over cybersecurity. Na enkele jaren bij het NCSC, begon ze bij Fox-IT. In 2020 heeft ze de communicatie bij Z-CERT opgezet en sinds 2022 werkt ze voor DIVD en KPN Security
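Review bot: `date: 2022-11-29T20:31:43+02:00` carries a +02:00 offset on a 29 November date, and the identical timestamp appears in the other talk file added in this commit, which suggests it was copied from a template rather than set per talk. If the value is meant as Central European local time, the offset on that date is +01:00; adjust it if ordering or display depends on this field. The last sentence of the biography also ends without a full stop.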


@ -0,0 +1,50 @@
---
categories:
date: 2022-11-29T20:31:43+02:00
description:
layout: event-talk
slug:
tags:
title: "Riccardo ten Cate & Glenn ten Cate - Exploitation, automation, mitigation"
speakers:
- riccardo-ten-cate
- glenn-ten-cate
presentation:
filename: 2022-11-29-riccardo-en-glenn-ten-cate-exploitation-automation-mitigation.pdf
recording:
platform: youtube
url: https://www.youtube.com/watch?v=CH2ntnZxZks
---
## Abstract
We can see the trends in integrating security tooling into CI/CD pipelines. However, security tooling alone will not cover your entire attack surface. This is because the tooling can never understand the full context of the applications functions and logic. On the other hand, resources in the form of manual verification can often be scarce and expensive.
Where do we find the right balance between security test automation and manual verification?
Even more importantly, how do we train the developers to understand the metrics and make security part of their process and culture?
OWASP security knowledge framework introduced a new interactive learning platform to teach you everything you need to know about secure software development! SKF helps you deploy sandboxed learning environments on the fly where you find all the tools you need to get yourself going.
Use the OWASP SKF to train yourself or your entire team to exploit and mitigate web application vulnerabilities.
In our session:
* We will show you how the SKF is set-up, so you can get started.
* We will show the labs and demo live exploitation of the labs.
* How do we fix the vulnerabilities? We will use SKF to generate security requirement that guide how to mitigate the vulnerabilities demonstrated in the labs
* We will implement mitigations (requirements) and use the Owasp ZAP (Automation framework) and ZEST to validate the mitigations.
## Biography Glenn
As a coder, hacker, speaker, trainer and security chapter leader employed at ING Belgium Glenn has over 15 years experience in the field of security. One of the founders of defensive development security trainings dedicated to helping you build and maintain secure software and also speaking at multiple other security conferences in the world.
Not only does Glenn train developers, he and his brother Riccardo also donated an entire knowledge framework solely dedicated to help developers make their code secure by design.
See: SKF (Security knowledge framework) https://www.securityknowledgeframework.org
## Biography Riccardo
As a penetration tester from the Netherlands Riccardo ten Cate specialises in application security and has extensive knowledge in securing applications in multiple coding languages. Riccardo has many years of experience in training and guiding development teams becoming more mature and making their applications secure by design.
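Review bot: the abstract has a few wording slips worth fixing before this is published: "the applications functions" needs an apostrophe ("the application's functions"), "generate security requirement that guide" should read "requirements", and "Owasp ZAP" should be "OWASP ZAP" to match "OWASP SKF" two lines above it. The third bullet also ends without a full stop while the others have one.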


@ -200,7 +200,7 @@ event_schedule:
time: 15:30
- column:
talk:
speaker: Michiel Leenaars
speaker: "-"
title: "-"
link:
- column:
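Review bot: replacing the speaker with `speaker: "-"` next to `title: "-"` and an empty `link:` leaves the slot under `time: 15:30` as a talk entry made of dashes, and neither the diff nor the commit message says why. If the slot is empty or the talk did not take place, drop the `talk:` entry or use whatever the template offers for an empty column, and state the reason in the commit message. This fix is also unrelated to the added talks and would be easier to review as its own commit.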