SECDES brought together webinars, workshops and partner events focused on secure software development for SaaS teams. The live program concluded on January 21, 2026, but the archive remains available here together with links to recordings and supporting materials.
Date: January 21, 2026
Location: Sirris, Heverlee
Speakers: Nick Boucart, Pieter Philippaerts and Jonas Van de Vyver
The closing event brought together lessons from the project, a session on building secure applications in the age of AI, an interactive exchange between participants and a look at support instruments for SMEs.
Archive overview
Most sessions focused on specific secure software topics such as threat modeling, OAuth, API security, pentesting and secure development maturity.
The program also included user group meetings and partner events that helped connect research with industry needs.
The recordings and slide decks remain relevant if you are building up a security by design practice inside a software team.
Events are listed in reverse chronological order, beginning with the closing event in January 2026 and tracing back to the first user group sessions in 2024.
Location: Online seminar
Speaker: Mathias Selleslach
A practical guide for SaaS teams on preparing for pentests, aligning expectations with testing partners and turning findings into improvement plans.
More informationLocation: Ghent
Speaker: Nick Boucart
Nick Boucart connected product thinking and application security, showing how small SaaS teams can shift security concerns left without derailing product delivery.
More informationLocation: Mechelen
A broader cybersecurity event where the SECDES partners met researchers, practitioners and policy stakeholders to discuss applied impact and collaboration opportunities.
More informationLocation: Louvain-la-Neuve
Speaker: Nick Boucart
A second PR_D_CT Day session focused on how product management can help smaller SaaS companies bring security concerns into roadmap decisions earlier.
More informationLocation: Online seminar
Speaker: Aram Hovsepyan
An introduction to OWASP SAMM as a way to assess and improve secure development maturity.
Location: Online seminar
Speaker: Koen Vranckaert and Eyup Kun
A high-level briefing on new EU cybersecurity rules and what they mean for software, hardware and process design in smaller organizations.
Location: Online seminar
Speaker: Philippe De Ryck
A session on using OpenAPI specifications as a practical input for audits, testing and security tooling.
Location: Online seminar
Speaker: Tatiana Galibus and Laurens Sion
A practical overview of what threat modeling tools can and cannot do, including a closer look at SPARTA.
Location: Ghent
Speaker: Tatiana Galibus
An in-person workshop centered on security mindset, data flows, assets and reasoning about threats before systems are deployed.
Location: Mechelen
Speaker: Nick Boucart, Tatiana Galibus and Roeland Delrue
A user group meeting focused on supply-chain security, NIS2 and software security testing tools.
Location: Online seminar
Speaker: Pieter Philippaerts
A webinar on current OAuth security guidance and the practical implications for API authorization.
Location: Online seminar
Speaker: Nick Boucart
A talk on how product management can drive earlier security prioritization in smaller SaaS teams.
Location: Online seminar
Speaker: Koen Yskout
A foundational session introducing threat modeling in the secure software development lifecycle.
Location: Leuven
Speaker: Nick Boucart and Pieter Philippaerts
The first user group meeting introduced the project and explained why secure design, testing and governance need to become part of everyday software delivery.
