Managing Applications Securely: A SANS Survey
- Wednesday, April 27th, 2016 at 1:00 PM EDT (17:00:00 UTC)
- Johannes Ullrich, Amit Ashbel, Tim Jarrett and Ryan O\'Leary
You can now attend the webcast using your mobile device!
Applications and software components, particularly web and mobile apps, have proven difficult to manage and secure, according to the SANS 2015 survey on application security. This year's survey explores how organizations are improving their application security practices, and what they still need help with.
Webcast attendees will gain insight into best practices and get advice about managing the security of their applications. Specifically, they will learn:
- What applications introduced the most risk into respondents' environments in 2015
- What percentage of their breaches resulted from badly-coded applications versus how many came from configuration-induced vulnerabilities
- How frequently organizations test the security of their applications in production
- What tools are most useful in protecting applications in production
- Management challenges around commercial third-party applications and applications hosted in the public cloud.
Be among the first to receive the associated whitepaper written by Johannes Ullrich, SANS dean of research
View the associated whitepaper here.
Johannes Ullrich, dean of research at the SANS Technology Institute, is currently responsible for the SANS Internet Storm Center (ISC) and the GIAC Gold program. His research interests include IPv6, network traffic analysis and secure software development. In 2004, Network World named Johannes one of the 50 most powerful people in the networking industry, and SC Magazine named him one of the top five influential IT security thinkers for 2005. Prior to working for SANS, Johannes served as a lead support engineer for a web development company and as a research physicist.
Amit Ashbel, a cyber security evangelist at Checkmarx, has been with the security community for over a decade and has taken on multiple tasks and responsibilities, including technical and senior product lead positions. Amit has experience with a wide range of security solutions including network, endpoint, fraud detection, and application security. This, in addition to his familiarity with emerging threats, allows him to address multiple aspects of an organization's security portfolio while constantly studying how organizations can adapt to the ever changing landscape. Amit speaks at high-profile events and conferences such as Blackhat, Defcon, OWASP and others.
Tim Jarrett is senior director of enterprise security strategy at Veracode. A Grammy-award winning product professional, he joined Veracode in 2008 and obsesses about how to make the world safe for—and from—software. He can be found on Twitter as @tojarrett.
Ryan O'Leary joined WhiteHat Security as a hacker in 2007 and has since developed a breadth of experience finding and exploiting web application vulnerabilities and configuring automated tools for testing. He swiftly rose through the ranks to become the vice president of WhiteHat Security's Threat Research Center in 2013. Ryan now manages a team of over 150 security engineers in three locations over two continents. He is also responsible for overseeing the delivery of WhiteHat Sentinel, which services over 10,000 customer websites. Under Ryan's leadership, the team has built a one-of-a-kind database that combines details of more than 26 million vulnerability patterns with proprietary algorithms to assess the threat level.