Looks like the slides are up for most of the OWASP conference presentations over here
A couple that I thought were particularly interesting were
Alex Lucas on the Microsoft SDL which gave some good insight on all the work that Microsoft are putting into improving the security of Vista. I've never been a huge Microsoft fan but they're definately moving in the right direction on the security issue.
Also Brian Chess on static source code review. This one gives some good insight into what static source code analysis can and can't do for a security review. It looks to me like Fortify and Ounce will be moving into the same kind of space that SPI, Cenzic and Watchfire are in for web application testers. No-one thinks you can just run those tools and call it a day, but they're pretty valuable in improving the coverage of the test and catching certain classes of vulnerability, leaving the tester to focus on things like business logic flaws that automated tools can't find.


Security Geek, Kubernetes, Docker, Ruby, Hillwalking