Skip to main content
CodeBytes - The Curious Engineer
  1. Posts/

NDC Security 2026

·410 words·2 mins
Speaking NDC Security Conferences Cybersecurity MITRE ATT&CK
Chris Ayers
Author
Chris Ayers
I am a Principal Software Engineer at Microsoft, father, nerd, gamer, and speaker.
Table of Contents
NDC Security 2026 - MITRE ATT&CK for Developers

I’m excited to be speaking at NDC Security 2026 in Oslo, March 2-5! I’ll be presenting MITRE ATT&CK for Developers — showing how developers can go beyond the OWASP Top 10 and use the ATT&CK framework to think like attackers and build stronger defenses.

About NDC Security
#

NDC Security is a dedicated security conference for software developers, held at the Radisson Blu Scandinavia Hotel in Oslo. With 66 sessions and over 60 speakers, it bridges the gap between development and security — designed for developers who want to build secure software and security professionals who want to understand modern development practices.

This year features an all-new OWASP x NDC Security track, bringing OWASP content directly into the conference lineup.

My Talk: MITRE ATT&CK for Developers
#

Wednesday, March 4 at 10:20 — Room 3

Most developers know the OWASP Top 10, but fewer know the MITRE ATT&CK framework. In this talk, I’ll cover how ATT&CK complements OWASP, walk through real attack chains with code examples in Python, C#, and JavaScript, and show practical detection patterns you can implement in your applications. The goal: think like an attacker, build like a defender.

For a preview, check out my blog post on MITRE ATT&CK for Developers: Beyond OWASP.

Conference Highlights
#

Keynote
#

Michael Howard opens the conference with 25 Years of the Microsoft SDL — a look back at how the Security Development Lifecycle has shaped how we build secure software.

Workshops (March 2-3)
#

The conference kicks off with two days of hands-on workshops:

  • Bulletproof APIs: Hands-On API Security — Philippe De Ryck
  • Hack Yourself First: How to Go on the Cyber-Offence — Scott Helme
  • Identity and Access Control for Modern Applications using ASP.NET 10 — Anders Abel
  • Building and Deploying Secure AI: Practical Strategies for Developers — Jim Manico
  • Attack and Secure AI Apps - Wargame Edition — Davide Cioccia
  • Full-Stack Pentesting Laboratory — Dawid Czagan

Notable Sessions
#

A few talks I’m looking forward to:

  • Prompt Injection Attacks in LLM-Powered Applications — Magno Logan
  • ASP.NET Core Meets OWASP Top 10 2025 — Anders Abel
  • Securing Model Context Protocol (MCP) — Jim Manico
  • Getting Authorization Right in .NET — Michele Leroux Bustamante
  • Beyond the Commit: Weaponizing and Hardening GitHub Actions — Niek Palm
  • Your Website Is Running Code You’ve Never Seen — Scott Helme

See You There
#

If you’re attending NDC Security, come say hello! You can check out the full agenda and grab tickets at ndcsecurity.com.

Related

MITRE ATT&CK for Developers: Beyond OWASP

·839 words·4 mins
Security Security MITRE ATT&CK OWASP Cybersecurity Application Security
Most developers know the OWASP Top 10, but fewer know MITRE ATT&CK. OWASP tells you what can break. ATT&CK tells you how attackers actually operate. Together, they give you a complete picture of application security. I’ll be presenting this topic at NDC Security 2026 in Oslo, March 2-5. If you’re attending, come check out my talk — MITRE ATT&CK for Developers — on Wednesday, March 4 at 10:20.

Aspiring .NET & Resilience @ NDC Oslo 2025

·1102 words·6 mins
Speaking Ndc-Oslo Azure Reliability OpenAI Ollama Chaos-Engineering Dotnet
As I’m flying from Oslo to Amsterdam, I’m still buzzing with energy and inspiration from NDC Oslo 2025. It was an incredible week of learning, sharing, and connecting with some of the brightest minds in technology. From thought-provoking keynotes that challenged our assumptions to the epic The Linebreakers concert at Brewgata, every moment reinforced why each NDC conference but NDC Oslo remains one of the premier developer conferences in the world.

Aspiring .NET & Resilience @ Techorama Belgium 2025

·398 words·2 mins
Speaking Techorama Azure Reliability OpenAI Ollama Chaos-Engineering
I’m thrilled to announce that I’ll be delivering two sessions at Techorama Belgium 2025! Join me as we explore the cutting edge of .NET, AI, and cloud resilience with actionable strategies, demos, and real-world insights. Techorama Belgium is a premier tech conference that brings together developers, architects, and IT professionals to share knowledge and network with industry leaders. This year, I’m excited to be part of the lineup!

Resilient by Design @ NDC Oslo 2025

·456 words·3 mins
Speaking Ndc-Oslo Azure Reliability Chaos-Engineering
I’m excited to preview my upcoming NDC Oslo talk, “Resilient by Design”, where I’ll share how to architect Azure systems that not only survive failure but continue running smoothly when disruptions occur (NDC). Join me on to explore core resilience principles, Azure-native tools, and proven best practices for maintaining high availability in real-world scenarios (Microsoft Azure, Microsoft Learn). Whether you’re new to Azure or looking to optimize an existing environment, this session will equip you with actionable strategies to anticipate, mitigate, and recover from failures (Microsoft Learn).