- A CDN that can not XSS you – Using Subresource Integrity, Frederik Braun
- Agile Security Testing – Lessons learned, David Vaartjes and Cengiz Han Sahin
- Application Security of the Belgium electronic voting system, Rob van der Veer
- Bringing Security Testing to Development: How to Enable Developers to Act as Security Experts, Achim D. Brucker, Stephen Hookings and Dimitar Yanev
- Can Saas ever be Secure?, Helen McLaughlin
- E-banking transaction authorization – common vulnerabilities, security verification and best practices for implementation, Wojtek Dworakowski
- Facing Security Monitoring: Hype, Challenges, Solution, Alexios Fakos and Johannes Schönborn
- Finding Bad Needles on a Worldwide Scale, Dmitry Savintsev
- From Zero to Hero – or how OWASP saved my holiday, Tobias Gondrom
- Hard knock lessons on bug bounties, Jonathan Cran
- Identification of potentially harmful requests directed at web sites, Marek Zachara
- Issues and Limitations of Third-party Security Seals, Tom Van Goethem
- Lessons from DevOps: Taking DevOps practices into your AppSec Life, Matt Tesauro
- Maliciously monetizing AppSec “Features” – It’s all about the $money, Or Katz and Ezra Caltum
- Naxsi, a web application firewall for NGINX, Thibault Koechlin
- OWASP Top 10 Privacy Risks, Florian Stahl and Stefan Burgmair
- PDF – Mess with the Web, Alex Inführ
- Rise Of The Machines – How automated processes overtook the Web, Yossi Daya
- Security and “Modern” Software Deployment, Rory McCune
- Security and Insecurity of HTTP Headers, Dirk Wetter
- Security DevOps – staying secure in agile projects, Christian Schneider
- Security Touchpoints When Acquiring Software, Carsten Huth, Nadim Barsoum and Dawid Sroka
- So, you want to use a WebView?, Andrew Lee-Thorp
- The API Assessment Primer, Jason Haddix and Greg Patton
- The Node.js Highway: Attacks are at Full Throttle, Maty Siman and Helen Bravo
- WebRTC, or how secure is p2p browser communication?, Lieven Desmet and Martin Johns
- Windows Phone App Security for builders and breakers, Luca De Fulgentis
- ZAP 2.4.0 and beyond…, Simon Bennetts
