SafeStack Academy logo

Seminars

Included in all our Secure Development memberships, our monthly online seminars are designed to add to your learning and help you build a community of like-minded people you can share challenges and approaches with.

Sign up for our next seminar or to be notified when it’s coming up, share topics you’d like us to cover, and check out our past seminars below.

Join our next seminar

Watch this space

Check back soon for information and a registration link for our next monthly seminar in October.

In the meantime, why not watch a seminar or two at the links below?


Sign up for seminar notifications

Don’t miss out on our monthly seminars and your learning and security community. Sign up below to get notified of upcoming seminar topics and reminders.


Have a topic idea?

Our seminars are designed to be relevant to what you’re learning in SafeStack Academy, as well as any secure development challenges you’d like some help and inspiration to work through.

We’d love to hear your topic suggestions! Share them below and we’ll be in touch with any questions.

Watch past seminars on Crowdcast

Preventing Product Security Nightmares: Account Takeover
With SafeStack Academy COO Erica Anderson
September 2021

Attackers and scammers are always looking for ways to “take over” accounts. Once they assume an identity, they could create havoc in your name. When they do this at scale, they can cause nightmares for your team and leave your organisation with a massive product misuse problem. Providing easy, accessible and secure access for your users’ legitimate needs is an important part of a modern software product or service. In this seminar, we explain how these “account takeover attacks” work and how your teams can prepare for this inevitable nightmare to make it a lot less scary.

Breaking Down the Software Supply Chain
With SafeStack Academy COO Erica Anderson
August 2021

We are starting to see a lot of news and incidents relating to supply chain-related attacks – incidents relating to network management software like SolarWinds, to virtual administrative tools like Kaseya, even Microsoft have accidently signed (or “verified a file as safe”) for a malicious driver or two. In this seminar we talk about where in your lifecycle or workflow supply chain risk can crop up, how to vet this software before we use it, and how you can prepare yourself in case that software pops up in advisories or headlines.

Security Culture in Business
With SafeStack Academy CEO Laura Bell
July 2021

Join us as we walk through how to introduce and grow a thriving security culture. During the session, you will have an opportunity to discuss specifics about security culture in your organisation, reflect on your understanding of it, and think about possible improvements to your processes.

Get your SAST on
With SafeStack Academy CTO Jigar Patel
June 2021

Sometimes, despite our best efforts to avoid them, security vulnerabilities still make their way into our applications. Perhaps you accidentally hard-coded credentials in your code, or maybe your JSON parser is susceptible to denial of service attacks. Static Application Security Testing (SAST) tools can automatically analyse your code to find these (and more) known security vulnerabilities, before they get deployed.

In this seminar, we highlight the need for SAST in software development, talk through SAST tools you can use to help find security flaws and how some of these tools can be adopted into a typical software development life cycle, and identify things to consider when adopting SAST as a team.

In Dependencies We Trust
With SafeStack Academy Product Owner Toni James
May 2021

As developers, testers, and tech enthusiasts, we depend heavily on code we didn’t write and applications we have no control over. Supply chain attacks and security issues through third party applications are a genuine threat that need our focus and attention.

In this seminar, we highlight common security issues the development world is facing today, introduce ways to investigate and analyse Software of Unknown Provenance (otherwise known as SOUP), and highlight dependencies that may be overshadowed by more prominent third party applications.

OWASP — Beyond the Top Ten
With SafeStack Academy Product Owner Toni James
April 2021

You’ll hear us talk about the OWASP Top Ten a few times in our courses, but what else does the Open Web Application Security Project have to offer and how can it help you? In this seminar, we highlight resources, community chapters, online conferences, and other ways you can get involved.

Can You Keep A Secret?
With SafeStack CTO Jeremy Stott
March 2021

Intuitively, the best way to keep a secret — such as a password or a key — is never to tell it to anybody. Perhaps this is why we’re often unprepared when we actually need to share one. In this seminar, we go through some coping mechanisms to safely share secrets with your applications, servers, and pipelines.

The Alphabet of Cloud Security
With SafeStack COO Erica Anderson and CTO Jeremy Stott
February 2021

Do you find yourself ‘lost in the clouds’ when it comes to cloud solution security? Maybe you’re in a complicated cloud migration at the moment, or you’re thinking of moving to the cloud in the future and you want to know more about it. It can all be a little overwhelming regardless of where you are in the process. If you could do with some advice and guidance, check out this seminar covering the shared responsibility model, identity and access management, multi-factor authentication, resource monitoring, host-based security, and layers (like WAF, VPN, CDN, and SIEM). Plus, a special appearance from Count von Count.

Capture the Fun in your Security Program
With SafeStack CTO Jeremy Stott and Security Advisor Toni James
December 2020

Whether you’re just starting your security journey or you’re well beyond the basics, there’s always time for fun when it comes to security learning. Capture the Flag (CTF) is a friendly competition where you search for ‘flags’ hidden in security flaws or application code. We cover what CTFs are, how to create your own CTF program, some resources for further learning, and an overview of our CTF-style labs, which are included in every SafeStack Development Academy membership.

An AppSec Guide to Incident Response
With SafeStack COO Erica Anderson and CEO Laura Bell
November 2020

What is Incident Response? How do we do it? Why do we need to know? Secure code, strong auth, added logging, and practicing social engineering scenarios are all things that can both help mitigate incidents and add a level of preparedness for when the bad things do happen. We go through what Incident Response is, and how and why development teams can help.

Level Up Your Personal Security
With SafeStack COO Erica Anderson
October 2020

From work and personal devices to neat third party applications, we walk through achievable actions to take you to the next level with your personal security and OpSec.