53:25

Threat Modeling For Developers (Panel)

00:59

OWASP Cornucopia

14:53

How to play OWASP Cornucopia

00:59

OWASP 2024 Global AppSec Lisbon -- Promo

03:40

Security for Citizen Developers: Low-Code/No-Code Cybersecurity Threats

14:14

AI and API Security Panel

00:26

OWASP Spot

47:03

The State of Secure DevOps - Security enables Velocity

45:09

OpenCRE.org - Universal Translator for Security

51:24

Level Up Your Security Champions (and Your Program)

47:23

How to Avoid Potholes When Scaling Your Application Security Program

44:27

Bootstrap Your Software Security with OWASP SAMM 2.1

44:49

“Shift Left” Isn’t What You Expected

41:23

Moving Forward By Looking Back: Data Collection and Analysis at OWASP

47:01

Influencing Without Authority: The Foundations of a Successful Security Department of Yes

50:43

Better Protect Sensitive Data in the Cloud with Client-Side Application Layer Encryption

30:50

Cutting to the chase: Security Design and Guidance at scale

46:13

From SBOMs to F-Bombs: Vulnerability Analysis, SCA Tools, and False Positives & Negatives

39:49

Using WebAssembly to run, extend, and secure your application!

36:22

OWASP Low-Code No-Code Top 10

37:07

No Code you shall use, malware you shall get

42:13

AppSec Threats Deserve Their Own Incident Response Plan

43:56

Credential Sharing as a Service: the Dark Side of No Code

39:01

DevSecOps Worst Practices

44:31

Fixing Broken Access Control

44:42

Everything-as-Code: Pushing the boundaries of SAST

44:35

Automated Security Testing with OWASP Nettacker

46:51

AI Red Teaming LLM: Past, Present, and Future

27:36

Refactoring Mobile App Security

29:11

Could Passwordless be Worse than Passwords?

35:47

Hacking & Securing Android Applications

49:34

Metrics, metrics everywhere - from which ones I should be scared?

29:39

Discovering Shadow Vulnerabilities in Popular Open-Source Projects A Journey Through Reverse-Fuzzing

43:12

ASVS Testing: You Keep Using Those Words

01:33

What is OWASP and OWASP Membership

43:10

Zero Trust Threat Modeling

42:55

Scaling Content Security Policy: Enterprise Compliance and Third Party Resource Management

41:44

OSC&R - Open Software Supply Chain Attack Reference

49:13

Policy-as-Code: Across the Stack

40:58

Ignoring the Hype: How to Design Your Cloud Architecture Regardless of Your Cloud of Choice

53:51

Obfuscation Nation: Detecting Malicious Dependencies at Scale with Static Analysis

43:23

Fishing for Security: Reeling in Phishing Attacks Across a Global Organization

44:56

Reflections on Trust in the Software Supply Chain

32:21

Using an Application Performance Monitoring (APM) Environment for Security Insights

35:15

The evolution of exploiting memory vulnerabilities in Linux

45:18

Keynote: Unsafe at Any Speed - Lisa Plaggemier

59:57

Keynote: Profiling Socially-Motivated Cyber Criminals - Jackie Singh

54:55

Breaking and Fixing Web Application Security - Antara Mane

51:28

Cross-Tenant Request Forgery Attack in Multi-Tenancy Environments - Albert Yu & Alan Bishop

53:55

ATOR (Authentication Token Obtain and Replace) Burp Plugin - Manikandan Rajappan & Ashwath Kumar

55:47

Keynote: Defining and Embracing The Software Fragility - Bernard Tan

48:52

Keynote: Global AppSec: Beyond Boundaries - Brook S.E. Schoenfield

40:37

Keynote: 22 Years of Application Security – Where did it get us? - Alyssa Miller

52:52

Enterprise Application Risk Profiling - Alex Mor

54:36

API Security Assurance via E2E Testing - Alex Mor

49:11

Enhancing CI/CD Secrets Security: The 3Rs Approach - Bobby Lin

44:55

Large-Scale Application Attack Surface Management - Fariskhi Vidyan

55:07

CVE Overload: Scaling Container Vulnerability Scans - Lucas Ferreira

52:55

OWASP Coraza: Open Source WAF for Cloud Native Service Mesh - Zufar Dhiyaulhaq

52:32

Lessons Learned: A Retrospective on Application Security Failures - Iqbal Singh