June 23, 2025: Please have patience as we are building the conference web! New talks, speakers and workshops will turn up as we get all the data from the speakers!
| Wednesday Oct 1st | Thursday Oct 2nd | Friday Oct 3rd |
|---|---|---|
| Workshops in two tracks | Conference, track one, track two | Conference, track one, track two |
Venue
Workshops Wednesday Oct 1st
- Workshop: Cyber Resilience Act 101
- Workshop: Software Bill of Materials 101
- Workshop: Vulnerability management 101
Talks Thursday Oct 2nd and Friday Oct 3rd
- A lightweight methodology for continuous software process compliance
- Beyond SBOMs – Essential Tools for Software Supply Chain Security
- Breaking the illusion of coverage in AppSec Testing
- Continuous compliance through automated audits
- CVD, CRA and EUVD from the perspective of a national CSIRT
- Designing User Security Controls in SaaS Shared Security Model
- Enhancing artifact security with GitHub Artifact Attestations
- From Regulation to Realization: A Practical Path for Aligning Products with CRA and RED DA
- Games as tools for securing your apps
- How Erlang/OTP and the EEF Contribute to the Ecosystem
- How to talk to your lawyer about open source software and security
- ISMS for Strengthening Resilience and Compliance – Practical Cybersecurity Support for Small and Medium-Sized Enterprises
- Meeting EU CRA Obligations: A Practical Guide to Cybersecurity Risk Assessment
- Navigating product security compliance with OWASP SAMM
- OWASP SAMM at Scale: Enabling Cyber Resilience Across Diverse Teams
- PKI Maturity as a Path to Cyber Resilience: Preparing for the EU CRA
- PURL: The naming of packages is a difficult matter
- Supply chain security – pave for security best practices
- The AI Revolution in Software Development – Are you balancing speed and security?
- The CI/CD Damn Vulnerable Project: Learning Pipeline Security Through Magic
- The ingredients for CRA compliance for SME with the open source OCCTET project
- You got a SBOM! But is it the right one?
Registration
Speakers
- Admir Abdurahmanovic, Keyfactor
- Andreas Bielk, SBOM Observer
- Anthony Harrison, APH10
- Baldvin Gislason Bern, Axis Communications
- Daniel Stenberg, Curl
- Eetu Korhonen, Netskope
- Fatin Sirat, Security Researcher
- Fredrik Skogman, Github
- Harald Fischer
- Jimmy Ahlberg, Ericsson
- Johan Sydseter, Owasp
- Kiko Fernandes-reyes, Ericsson
- Krasen Parvanov, QRTECH
- Louise Tranborg, Decerno
- Magnus Eklund, Red Hat
- Maxim Beale, Toreon
- Pär Olsson, Bosch
- Per Gustavsson, Stratsys
- Peter Jonegård, CERT-SE, Myndigheten för samhällsskydd och beredskap
- Rickard Carlsson, CEO of Detectify
- Simon Wendel, Decerno
- Stewart Kowalski, Norwegian University of Science and Technology
Explore the conference agenda
