We are building the conference and still have a few days open for your contribution. Read the call for papers and submit your proposal to Olle now!

We have in-depth sessions that give you the opportunity to cover a topic fully. The conference talks are shorter, half-hour sessions that let you introduce a topic.

How to submit

Send email to Olle E Johansson (conference chair) at oej@edvina.net with

  • Title of your talk
  • A paragraph describing the content
  • Your name, title and a short bio
  • Photograph

No later than June 15th, 2024.

Suggested topics for talks

  • Compliance – the road to CE marking your product
  • Software supply chain security
  • Horizontal standards and related work – like ISO 27001 etc
  • DevSecOps and software transparency
  • Security artefacts: SBOM, VEX, attestations
    • Formats
  • Secure by design development process
  • Secure Code Frameworks
  • Coordinated vulnerability disclosure
  • Vulnerability handling – updating, prioritising and interacting with customers
  • Tools for scanning, vulnerability checking, compliance, SBOM and artefact management
  • The EU regulation: The Cyber Resilience Act, RED-DA and NIS2 as well as the umbrella – Cyber Security Act
    • What is the current status?
    • Who will be affected?
  • EU certification: EU-CC
  • Vulnerability databases: CVE, NVD, OSV and others – including the coming EU vulnerability database
  • Process: How to modify the product development process to adapt to the regulation
  • Shift security left: How to integrate cyber security professionals early in the process
  • How does a customer manage software transparency
  • Interacting with Open Source projects – 3rd party dependencies
  • Other related topics

Topics for workshops

Workshops are 1.5 hour sessions with educational content. Ideas:

  • CycloneDX standard and tools
  • SPDX standard and tools
  • Securing your supply chain – practical advice
  • Coordinated vulnerability disclosure – how to set it up, experiences
  • Introduction to the Cyber Resilience Act for management
  • Secure by design: How do we get there?
  • Best practices for secure code
  • Stepping up in the DevSecOps process: How to implement security checks and SBOMs
  • Due diligence of 3rd party components – commercial and open source
  • Pentesting your software – an introduction
  • Other related topics of interest