Sebastien Deleersnyder will share his practical threat modeling experience. He specializes in Application Security, combining both his software development and information security experience. Sebastien has led engagements in the domain of ICT-security, Web and Mobile Security with several customers including BNP Paribas Fortis, Atos Worldline, KBC, Nationale Nederlanden (ING), Isabel, Fluxys, OLAF, EU Council, TNT Post , Flemish Community, Agfa-Gevaert and ING Insurance International. In the last 15 years he has performed several successful secure development lifecycle projects in the financial and utility sector, started up software security groups, supported customers in selecting and implementing Web Application Firewalls (WAF), delivered web application security training and closed a lot of audit findings regarding application security :-). Sebastien started the Belgian OWASP Chapter Leader, was a member of the OWASP Foundation Board and performed several public presentations on Web Application and Web Services Security. He also co-founded the yearly security & hacker BruCON conference and trainings in Belgium. Sebastien has achieved CISSP, CISM, CISA and Prince2 Practitioners certifications. Specialties: Application Security, Secure Development Lifecycle, ICT security product management, Business Development and Security Project Management