Art of InfoJacking: Detecting/Testing Web Network Devices –Hidden Patterns by Aditya K Sood 
Software Security: State of the Practice 2010 by Gary McGraw 
Software Security Touchpoint: Architectural Risk Analysis by Gary McGraw 
Cyber Security: Software Risk Management for Utilities by Gary McGraw 
Lifestyle Hacking: Social Networks and Gen Y Meet Security and Privacy moderated by Gary McGraw 
Building Security In Maturity Model by Gary McGraw [2009/2010]
This talk describes the observation-based maturity model, drawing examples from many real software security programs.
Software Security and the BSIMM by Gary McGraw 
Software Security and the Building Security in Maturity Model by Sean Barnum 
There is much to learn from practical experience. Use the BSIMM as a yardstick to determine where you stand and what kind of software security plan will work best for you.
Startup Lessons by Gary McGraw 
Software Security Requirements: The Foundation for Security by Paco Hope 
While not all organizations need to achieve the same security goals, all successful large scale software security initiatives share common ideas and approaches. This talk describes these practices using real data.
The Building Security In Maturity Model: Quality Assurance Perspective by Sammy Migues 
Several large organizations use a software security group (SSG) to address software security and these SSGs are actively working with QA/test groups to produce more secure software. This talk describes some of the individual activities they are performing.
10 Things Everybody Does: Successful Software Security Initiatives by Robert M. Hines 
The presentation merges BSIMM top 10 activities everybody performs with imperatives for success.
Software Security: State of the Practice 2008 by Gary McGraw 
Using the framework described in the book “Software Security: Building Security In”—built around the three pillars of software security: risk management, the touchpoints, and knowledge—Dr. McGraw describes the state of the practice based on real data from the field.
Exploiting Online Games: Cheating massively distributed systems by Gary McGraw 
This talk is about security problems associated with advanced massively distributed software. With hundreds of thousands of interacting users, today’s online games are a bellwether of modern software yet to come. The kinds of attack and defense techniques described are tomorrow’s security techniques on display today.
An Approach to Agile Automation Testing by Frank Hurley 
This presentation describes a successful approach to implementing automated QA testing into an agile environment.
From March 2010.
Gary McGraw – Cyber Security: Software Risk Management for Utilities (NRECA)
From March 2010.
Gary McGraw – Exploiting Online Games (Cal Poly Distinguished Speaker invited talk)
From Fall 2008.
Paco Hope at STARWEST 2008
Paco discusses how figuring out the right blend of testing activities can be a real challenge for some organizations.
John Steven – Practical Advanced Threat Modeling (Owasp5017)
Recorded at the Open Web Application Security Project NYC Conference on September 25, 2008.
Gary McGraw on Secure Software Development (SearchSecurity.com)
In this interview with Executive Editor Dennis Fisher, McGraw discusses the progress the industry is making on software security and how much farther most vendors have to go. From June 2008.
Gary McGraw – Software Security: Building Security In (OnSecurity)
Gary discusses the need for security to be built into the Software Development Lifecycle. From fall 2007.
Gary McGraw – Exploiting Online Games (USENIX Security ’07 invited talk)
This talk frankly describes controversial security issues surrounding MMORPGs such as World of Warcraft. This no-holds-barred approach is fully loaded with code examples, debuggers, bots, and hacks, of interest whether you are a gamer, a game developer, a software security person, or an interested bystander. Presented at USENIX Security ’07 on August 9, 2007.
Gary McGraw – Online Gaming and Criminality (InformIT.com)
Dr. Gary McGraw discusses security issues in online gaming in July 2007.