
Application Security 2022

For the fourth time, the Cyber Security Coalition had the honour of collaborating with SecAppDev to organize a joint experience-sharing event on application security.

In June 2022, the 16th edition of the yearly SecAppDev course took place in Leuven. As usual, experts from industry and academia (The SecAppDev Course) taught about various aspects of secure application development. At SecAppDev, developers, architects, and technical managers got a unique deep-dive into current best practices for security.

For the fourth time, the Cyber Security Coalition had the honour of collaborating with SecAppDev to organize a joint half-day event at the same venue.

On Thursday morning June 16th, the following renowned speakers gave a summary presentation of their lectures:

  • Jim Manico, Founder and Secure Coding Educator @Manicode Security. Topic: From the OWASP Top 10 to the OWASP ASVS (Application Security Verification Standard)
  • Stefaan Van daele, Executive Security Architect @IBM. Topic: Enterprise security architecture and app development
  • Mykyta Petik, Researcher, CiTiP @KU Leuven. Topic: Implementing GDPR in software projects
  • Griet Verhenneman, Data Protection Officer – Research Fellow, University Hospitals Leuven, KU Leuven – CiTiP. Topic: Privacy and ethics in secondary use of sensitive data

In the afternoon, Cyber Security Coalition members zoomed in on one of the themes of SecAppDev, namely web security, and explained how a holistic approach can be realised.

Next to security by design and development, testing is obviously always needed. The first step is traditional pen-testing, but this is limited in scope and in time. Stijn Jans (founder & CEO @Intigriti) explained and demonstrated how continuous testing can be performed via a bug bounty ethical hacking platform.

After this demo, Bruno De Legher (Information Security Officer @Telenet) elaborated on a specific customer case showing how to use the bug bounty platform to improve the security posture.

The bug bounty programme solves the problem of testing that is limited in time, but it is still defined for a specific scope. To solve the scope challenge, the external attack surface needs continuous mapping and monitoring. Stijn Vande Casteele (founder & CEO @Sweepatic) elaborated on several methodologies for coping with this.

To conclude our afternoon programme, Axel Legay (professor @UCL) presented concrete cyber security projects that can be realised thanks to the CyberWal initiative.

Application Security 15-06-23