The presentation explores how the OWASP Application Security Verification Standard (ASVS) can guide technical security controls throughout the software development lifecycle, from design to implementation and verification. We'll discuss how ASVS provides detailed guidance on implementing technical security controls, offering a structured approach to secure software development. With the recent release of ASVS 5.0, we’ll also review new changes, clarify the framework’s complex levels and…

Artificial Intelligence has undergone a remarkable journey—from the early days of computing when linear regression reigned supreme in statistical analysis, to today’s sophisticated architectures like transformers and CNNs. This talk traces this evolution, showing how foundational principles like regression and feed-forward networks have scaled into modern AI systems capable of processing language, vision, and complex tasks.
Using Searle's Chinese Room argument as a lens, we examine the…

This presentation explores how development teams can leverage OWASP’s Software Assurance Maturity Model (SAMM) to establish or enhance their application security programs. We'll discuss common security challenges faced by teams when introducing security into projects, and show how SAMM provides a flexible, scalable approach for evaluating, improving, and planning security initiatives. From single-product teams to organizations managing hundreds of applications, we’ll outline practical first…