Open Security Conference

Keynotes

Building an AppSec Program from Scratch - Mireia Cano

Mireia has shoulder-long dark brown hair and dark brown eyes, and light skin. She wears blue jeans with a black belt, a black tailored shirt, and a loose open shirt with thin white and blue stripes over it. A small black bag hangs diagonally over her upper body. Mireia smiles widely into the camera. She leans casually against an old wall with her arms resting on the top of the wall. In the background you can overlook a European-looking city showing houses with red roofs and green-leaved trees, under a clouded sky with the sun lightening up the clouds.

In today’s digital landscape, application security is crucial for safeguarding sensitive data and maintaining user trust. Without a robust AppSec program, or with one poorly implemented, chaos can ensue, leading to vulnerabilities and breaches. This talk explores several journeys establishing an AppSec program from the ground up. I will share the valuable lessons learned along the way, detailing the obstacles and cultural challenges that a company might need to overcome. Join me as I present real-world examples and best practices, offering practical guidance to help you navigate similar challenges and build a strong foundation for your AppSec program.

About Mireia

I am a security engineer focused on application security, with over 7 years of experience. I have helped companies build their application security programs both as a consultant and as an in-house security engineer. I am passionate about fostering collaboration between development and security teams to enhance organizational security posture and resilience.

History repeating itself - Bianca Kastl

Headshot of Bianca Kastl. Bianca has light blonde long hear and wears it openly. She has light skin and wears glasses with a black frame. Her head rests on her left hand, she smiles and looks slightly to the side of the camera.

The IT sphere is full of always new technology and hyped buzzwords - be it AI, quantum, VR and what not. From a security perspective new doesn’t always mean new problems and attack vectors. This talk tries to look into current security problems and their root causes, how they could be prevented by applying basic security principles and what this means for a more secure future.

About Bianca

Bianca is currently working at the public health department of Frankfurt / Main in Germany. Her role right now is main product owner of the software project GA-Lotse. She has been part of various software projects with a security and privacy focus in the german administration and healthcare, mainly in the field of public health. In her spare time she is also involved in ethical hacking, for example hacking the luca App in the year 2021 or the recent breach of the german electronic health record - ePA für alle.