A PUBLIC CHALLENGE ABOUT APPLICATION SECURITY

YOUR APPSEC SUCKS!

A debate-first format designed to provoke engineers into real security conversations. Minimal setup. Maximum signal.
No slides. No rehearsed answers. Always a practical takeaway.

I accuse your security of being mostly compliance.

Sit down. Argue it. I’ll close with decisions you can ship, not “best practices” you’ll forget.

THE CONCEPT

Not a talk. A public challenge.

I place a provocative statement in the room. People react. We debate with code, architecture and production constraints. Every round ends with a concrete takeaway: a pattern, a guardrail, or a decision you can implement.

3 rules

1) No moral lectures.
2) No vague “best practices”.
3) Every debate ends with an actionable decision.

  • Technical debate. Respect. Code of conduct.
  • If you ship software, you’re qualified to join.

Your “secure design” fails at the first attacker.

Let’s test assumptions in public. Faster than a month of internal meetings.

STATEMENTS

Pick one. Get triggered. Debate.

These are the “sign on the table” starters. Shuffle for the next round.

Use this on a banner, on stage, or as a hallway debate starter.

If it’s not in your design, it won’t appear in your patch.

Security is decided before the first line of code. Let’s argue what you’re missing.

FOR COMPANIES

Turn security theater into engineering decisions.

Works as consulting because it exposes blind spots fast, aligns dev and security, and produces an action plan. You leave with decisions teams can implement.

What you get

  • Prioritized risky assumptions tied to code paths, services and workflows.
  • Guardrails: patterns, checklists and “never again” rules teams actually follow.
  • Action plan: quick wins + structural fixes (people, process, pipeline, design).

FOR EVENT ORGANIZERS

An attraction that creates a crowd and real technical conversation.

Designed for conference floors and dev meetups. High engagement, low production cost, and great content moments.

Setup (minimal)

  • Table: 2 chairs + small table + banner/sign + timer. Mic optional.
  • Stage: host mic + 2 participant mics + one slide with the statement.
  • Time: 30–45 min (stage) or 2–4 hours (table, rotating debates).
  • Rules: technical debate + respect + code of conduct.

COMPANY
Bring it inside.
Run a high-impact internal session. Expose blind spots. Align teams. Leave with an action plan.
EVENT
Bring it on stage.
Table or stage format. Creates a crowd. Sparks debate. Generates content moments.