The first edition of sec4dev conference + bootcamp was hosted at TU Campus Gußhaus from February 25 -27, 2019 and welcomed more than 100 participants. After two all day bootcamps on Monday, the single track conference was kicked off on Tuesday morning with a keynote from Markus Sabadello on Decentralized Identifiers. The first day of the main track then featured Philippe De Ryck (Pragmatic Web Security) pointing out common API Security Pitfalls, Maha Sounble (A1) explaining the right way of storing and masking data and Tobias Zillner (Alpha Strike Labs) providing insights into the story of 500.000 recalled pacemakers. In the afternoon of the first day, Fefe (Fefes Blog) introduced “Trusted Computing Base”, Alexander Schatten (SBA) animated to question the complexity of today´s software systems, Martin Pirker (St. Pölten University of Applied Sciences) explained how to correctly pase input data, Stefan Vogl (Austrian State Printing House) introduced the security development process of the Austrian State Printing House and Philipp Krenn (Elastic) spoke about scalable auditing. The official conference dinner was hosted at the oldest Austrian “Heurigen”, 10er Marie. The second day of the main track started out with a round of Protection Poker conducted by Martin Gilje Jaatun (SINTEF). The rest of the agenda was packed with both technical and legal advice on how to achieve higher security. Christian Trummer (Bitpanda) took the audience on the journey on how Bitpanda has handled security challenges over time, Markus Dörfler (Kanzlei Höhne, In der Maur & Partner) proved that GDPR does not have to be a dry topic, Mathias Tausig (FH Campus Wien) gave a Crash Course on Crypto and Martin Reinhard (Holisticon) explained how to continuously get more secure. The afternoon featured Barbara Ondrisek (Women&Code) speaking about Privacy and Data Security of Chatbots, Pascal Schulz (Dynatrace) introducing a successful Bug Bounty Program and Florian Bogner (Bee IT Security) demonstrating how Exploit Developers work. The closing note on User Account Security 2019 was held by organizer Thomas Konrad (SBA Research).
The received feedback was throughout very positive and definitely confirms the existing demand for more application oriented conferences such as sec4dev. After the successful kick off the second edition of sec4dev will take place from February 24 – 27, 2020.