Full program

09:30 - 09:40 SecOSday

Opening session

We'll take a look on the schedule and explain the origins of the Secure Open Source day!
09:40 - 10:25 Joan van de Swaluw

Drupot - A drupal honeypot solution by Glasswall

Glasswall BV has been committed to reducing risks associated with the complexities of networking and software environments ever since its inception in 2012. We focus on a particular niche in the broader field of cybersecurity, creating security awareness and new insights.
10:35 - 11:20 Tiago Mauricio

Staying secure with(in) Open Source

In this presentation we'll take a look on how open source tools can help you secure yourself and your infrastructure across all layers, from the network to the application.
11:30 - 12:15 Drew Webber

Reverse Engineering Drupal Vulnerabilities

In this session we'll look at a number of real Drupal Security Advisories and work through the process of reverse engineering the vulnerabilities. This will require us to "think like an attacker", and should provide insight into some of the challenges of writing secure Open Source code.
12:15 - 13:00 SecOSday

Lunch break

13:00 - 13:45 Platform.sh

Beyond Twelve Factor Apps with PaaS

The original 12 factors (see 12factor.net) set a great baseline for writing secure apps that were maintainable.
13:55 - 14:40 Lawri van Buël

Securing an Unsecured app with opensource tools

Sometimes we want/need to use web applications that we can not trust. Whether this is due to not wanting to open up the application to all the evils of the internet or because we do not trust or can not use the authentication methods it has.
14:50 - 15:35 Rodrigo Panchiniak

Protected Content

Officially still unreleased but already published Protected Content is a Drupal module for client-side/end-to-end PGP encryption.
15:45 - 16:30 Balazs Janos Tatar

A Bug's Life - Drupal Application Security and Vulnerability Management

In this session, a currently Provisional member of Drupal Security Team gives a broad overview of how security bugs are present and could be prevented on Drupal projects.
16:30 - 16:45 SecOSday

Closing session

Sum up the event and talk about its details that we've learnt and could take home!