Save $350 on Cyber Security Training at SANS Anaheim 2019. Ends 12/19!

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

Application Security on the Go! SANS Survey Results, Part 1

  • Tuesday, October 24th, 2017 at 1:00 PM EST (17:00:00 UTC)
  • Eric Johnson, Alfred Chung, Colin Domoney and Apoorva Phadke

Sponsor

  • Tenable Network Security

You can now attend the webcast using your mobile device!

Overview

Agile and DevOps development life cycles are making it possible for developers to serve up applications faster than ever. Given the rapidly increasing number of application deployments to the cloud and mobile devices, application security managers have more to defendand less time to mount their defensesthan ever before.

SANS conducted a survey of IT and development professionals to learn how security teams are keeping up with the fast-paced deployment cycles in these new and challenging environments. Webcast attendees will learn about survey results as we explore:

  • Rapid delivery cycles in Agile and DevOps and how they affect security and compliance
  • Tools and techniques that are most effective in securing appsand why
  • Effects of containerization (such as through Docker) on security and risk assessments of applications
  • Who's bridging the gaps between InfoSec, software engineering and compliance and whether such actions improve the security of applications

The second part of the webcast, held on Wednesday, October 25, at 1 p.m. Eastern, drills down to the threats, how they spread, and what to do about them. Click here to register for the Part 2 webcast.

Register for this webcast and be among the first to gain access to the associated survey results whitepaper developed by Jim Bird, editor of the SANS Software Security Blog and co-author of DEV534: Secure DevOps: A Practical Introduction.

View the associated whitepaper here.

Speaker Bios

Eric Johnson

Eric is a co-founder and principal security engineer at Puma Security focusing on modern static analysis product development and DevSecOps automation. His experience includes application security automation, cloud security reviews, static source code analysis, web and mobile application penetration testing, secure development lifecycle consulting, and secure code review assessments.

Previously, Eric spent 5 years as a principal security consultant at an information security consulting firm helping companies deliver secure products to their customers, and another 10 years as an information security engineer at a large US financial institution performing source code audits.

As a Certified Instructor with the SANS Institute, Eric authors information security courses on DevSecOps, cloud security, secure coding, and defending mobile apps. He serves on the advisory board for the SANS Security Awareness Developer training program, delivers security training around the world, and presents security research at conferences including SANS, BlackHat, OWASP, BSides, JavaOne, UberConf, and ISSA.

Eric completed a bachelor's degree in computer engineering and a masters degree in information assurance at Iowa State University, and currently holds the CISSP, GWAPT, GSSP-.NET, and GSSP-Java certifications.


Alfred Chung

Alfred Chung is a solutions marketing professional at Rapid7. He studied software engineering at Columbia University and business at USC. After nearly a decade of working as a developer, building websites, mobile apps and enterprise Java applications, he hung up his debugger to pursue deeper interactions with customers. This led him to a five-year stint in product management in the endpoint security space, specializing in endpoint detection and response. Today, Alfred is thrilled to be a member of the Rapid7 marketing team, using his application development and security background to tell the story of how Rapid7 can help customers understand and reduce their application security risk.


Colin Domoney

Colin Domoney, senior principal transformation consultant, is responsible for thought leadership and domain expertise focused on Application Security and Secure DevOps. He works with organizations worldwide on DevOps strategy with an emphasis on the security technologies and techniques, and has a particular interest in the deployment of technology to facilitate the widespread and frictionless automation of all aspects of security assessments. As an evangelist of DevSecOps at CA Veracode, Colin has spoken at numerous industry conferences, and presented multiple webinars on security challenges within DevOps, in addition to being an advisor to many Fortune 500 companies in their transition to DevSecOps.


Apoorva Phadke

Apoorva Phadke is a Senior Security Consultant at Synopsys. She works with customers to adopt secure development processes and practices. Apoorva comes from a development background and advocates that security and development go hand in hand.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.