I recently decided that I would share most of my talk content with my community (everything that I am not currently applying to conferences with). By "share" I mean give my express permission for anyone, anywhere, to present content that I have written, with no need to pay anything or ask for my consent. You can even charge money to give the talk, but if you do I kindly ask you make a donation to the OWASP DevSlop Project or WoSEC.
I've had a few people ask me why I would do this, and there are a few reasons.
- To spread the word about how to secure software; it's important to me to try to make the internet and other technologies safe to use.
- To help new speakers (especially from underrepresented groups). If they have something they can present, with instructions they can follow, hopefully it will help make them more confident and skilled at presenting.
- To share knowledge with my community in general: sharing is caring, yo.
- The more people who present my talk the more people who may decide to follow me. SO MUCH WIN!
The first talk I decided to release is called "Pushing Left, Like a Boss". It's an intro to application security that I'm told is very accessible for technical and non-technical audiences alike. My mom watched me do this talk and said "I finally understand what the IT Security people are talking about at work and why they were bothering me!" You could do this talk at any almost IT meetup and they are likely to find value; it's also great for a lunch and learn at work with software developers or other IT staff. Topics covered include; threat modelling, Pentesting, code review, creating a secure system development lifecycle, and how to figure out the most secure way to do whatever you are trying to do. Talk difficulty level: 101/intro. Also, this talk is based on the Pushing Left, Like a Boss Blog series.
In efforts to ensure anyone who presents my material has a good experience I made a GitHub repo with an instructional video of what to say, a readme file with written instructions and links so you can watch me do the talk myself.
Please go forth and teach AppSec! And if you have feedback I want to hear it! More talks on the way.