Day 1 AM

9.00

Introduction to the Conference

Chair for day one:
John Walker, Secure Bastion

Keynote 1

9.15

Secure System Development – what does it mean, and why should the Business care?
Speaker: Lord Toby Harris

9.45

10.30

Coffee Break

11.00

A Survey of Application Vulnerabilities

Speaker: John Smith, IBM Rational

11.45

The Business Case for Secure Coding

Speaker: Stuart Okin, Comsec Consulting UK

Secure Coding or Quality Engineering

Speaker: Ian Bryant, SSDP

12.30

Panel Session:
Why don’t we do what we need to do to achieve secure development?

Day 1 PM

1.00

Networking Lunch

2.00

The Secure Development Life-Cycle

Speakers: Geoffrey Hill, Microsoft

2.30

Managing Legacy Application Development

Speaker: Jon Arnold, Coverity

Threat Modelling in the 'Real World'

Speaker:
John Walker, Secure Bastion

3.15

Coffee Break

3.45

Outsourcing Secure Development

Speaker: David Harper, Fortify

Static and Dynamic Code Analysis 

Speaker: Dinis Cruz, OWASP

4.30

Building Security into Acquired Software

Developing Secure Components for Embedded Systems

Speaker: Prof Jim Norton, Independent Director Policy Adviser and Public Speaker

5.15

Panel Session:
Starting at the Top – Making Secure Coding Policies work

DAY TWO

Chair for day two: Peter Wood

Day 2 AM

9.15

9.45

Standards and Secure Systems Development

Speaker: Mike Nash 

User experience of selecting and using Code Analysis

Speaker: Duncan Phillips, Travelex

10.15

Secure Coding Metrics

Speaker: Andrew Brown, OrbisIP Ltd

Securing Java in Oracle Using Database Application Monitoring as part of a Secure SDLC

Speaker: Paul Wright, Security Researcher, Oracle Security 

10.45

Coffee break

11.15

Managing Business Processes for Secure Software Development

Speaker: Matt Bartoldus, Gotham Digital Science

Breaking SSL: Why leave to others what you can do yourself

Speaker: Ivan Ristic, Author

12.00

Panel Session:
Certifications / Training

Panellists include (ISC)2, SANS, and two University under and post graduate courses

Andrew Kays, Nexor

12.30

Networking Lunch

Day 2 PM

1.30

Developing your own Testing Tools for Secure Development

Speaker: Michael Jordon, Context Information Security

2.15

Architecting Access (Business Rules) in Development
 

Speaker: Peter Trommler

Creating a Fuzzing Feeling

Speaker: Ari Takanen, author of “Fuzzing for Software Security Testing and Quality Assurance”

3.30

Tips & Tricks for Reto-fitting Secure Code

Speaker: Justin Clarke, Author of 'SQL Injection Attacks & Defence'

Software Assurance

Speaker: Peter Wood, Firstbase Technologies

3.30

Panel Session:
Where to next – Resources everywhere?

4.00

Finish