Agenda | April 19, 2024 | 10:00 AM-1:45 PM EDT
Timeline | Session | Description |
---|---|---|
10:00 AM | Kickoff & Welcome | Moses Frost, Event Chair, SANS Instructor |
10:20 AM | Session One | Navigating the Application Security Landscape. In an era dominated by digital innovation, application security (AppSec) stands as a critical frontier in safeguarding organizations from evolving cyber threats. Join us for a comprehensive exploration of the current AppSec landscape. We'll unpack emerging threats, common vulnerabilities, and the ever-evolving world of application security. You'll learn practical tips to help you establish guardrails and proactively address top AppSec risks in your organization. In this webinar, you will: - Understand the wide range of AppSec risks, including everything from common vulnerabilities to sophisticated exploits. - Explore real-world scenarios to learn practical insights into overcoming common AppSec challenges. - Learn how to align security practices with agile development methodologies, ensuring security is not a bottleneck, but rather an integral part of the development lifecycle. - See how cutting-edge technologies enhance AppSec best practices and enable teams to keep pace with the dynamic nature of application threats. Speaker: Stephen Giguere, Developer Advocate, Prisma Cloud by Palo Alto Networks |
10:50 AM | Session Two | Infiltration & Betrayal: When Trusted Software Turns Rogue. Software is the largest under-addressed attack surface impacting enterprises, where exploiting commercial software undermines trust in essential business tools. With software supply chain attacks up over 1000%, hackers are exploiting gaps in the development of commercial, proprietary, and third-party code, impacting producers and enterprise consumers alike. This impacts software producers and their enterprise buyers alike. But despite this, organizations can protect themselves by understanding attack methods, identifying vulnerabilities in software supply chains, and enforcing stringent checks. Join us as Matt Rose, Field CISO for ReversingLabs, covers how enterprises can understand and predict the vectors of attacks, identify any weak links in software supply chains, and implement truly rigorous checks and balances. - Understand Software Supply Chain Attacks: Examine the intricacies of how software supply chain attacks are orchestrated and why legacy SAST, SCA, and DAST solutions won't stop them. - Investigate High-Profile Breaches: Understand the SolarWinds, 3CX, and CircleCI incidents in detail, understanding the 'how' and the ripple effects of these attacks. - Know When Your Software is Malware: Learn how RL Spectra Assure identifies malware and tampering in software development and procurement. Speaker: Joshua Knox, Sr. Technical Product Manager, ReversingLabs |
11:20 AM | Session Three | Compromised Credentials in 2024: What to Know About the World's #1 Attack Vector. Credentials, made up of passwords and usernames, serve as the keys to our online existence. According to LastPass, professionals manage up to 200 sets of credentials on average, emphasizing the need for strong, unique passwords that are regularly updated. When credentials are compromised, cyber attackers gain frictionless entry into sensitive systems and can often move laterally to find your crown jewels. Attend this webinar to understand: - Execution methods behind compromised credential attacks - What the bad actors do with stolen identities - Preventative best practices to implement today. Speaker: Tim Chase, Global Field CISO, Lacework |
11:50 AM | Break |
12:00 PM | Keynote Session | Cyber Oddities: A Lighthearted Look at 2023's Most Bizarre Cybersecurity Moments. What's a great way to break up a conference focused on the VERY serious subject of defending against threat actors and cyber attacks? Let's laugh about them! Join Gianna Whitver and Oscar Burns as they delve into the most outlandish and ridiculous cyber news of last year. This interactive and podcast-style keynote will offer a comedic yet informative review of the year's strangest incidents, trends, and stories in the cyber world. Expect entertainment, surprising revelations, and a jaunt through the lighter side of cybersecurity! Speakers: Gianna Whitver, Co-Founder, Cyber Marketing Society; Oscar Burns, Global Field Manager, GitGuardian |
1:00 PM | Session Four | Building better AppSec programs with ASPM. Application security professionals are struggling. The transition to agile, DevOps, cloud, and the growing use of AI is empowering distributed development teams to build software with greater speed and autonomy. In contrast to the remarkable strides in development methodologies, AppSec teams are still playing catch-up, both outnumbered and out-resourced. Given all these challenges, is it truly possible to "master" AppSec? We will review the foundations of AppSec program building and key concepts. We will also introduce ASPM (Application Security Posture Management), its core principles, and how AppSec practitioners and leaders can apply them in order to build, manage and scale a risk-based AppSec program. Speaker: Jim Armstrong, Senior Director, Product Marketing, Snyk |
1:30 PM | Closing Remarks | Moses Frost, Event Chair, SANS Instructor |