Building Security In ? *
Everybody *wants* to write secure code, and yet it’s hard to find a dev team that truly owns application security. Instead, a small and external security team is tasked with keeping the constant and large amount of produced functionality secure. As we can see in daily headlines, this approach is not working, and is breaking down further in the face of high efficiency continuous deployment.
How can we fix it?
In this panel, three experts who deal with this problem on a daily basis will debate the ways dev teams can step up and build security in, touching best practices, tools, where to get started and much more.
Guy Podjarny (@guypod) is a cofounder at Snyk.io, focusing on securing open source code. Guy was previously CTO at Akamai and founder of Blaze.io, and worked on the first web app firewall & security code analyzer. Guy is a frequent conference speaker, the author of "Responsive & Fast”, “High Performance Images” and the upcoming “Securing Open Source Code”.
John Steven’s expertise runs the gamut of software security—from threat modeling and architectural risk analysis to static analysis and security testing. He has led the design and development of business-critical production applications for large organizations in a range of industries. Since joining Cigital as a security researcher in 1998, Steven has provided strategic direction and built security groups for many multi-national corporations, including Coke, EMC, Qualcomm, Marriott and Finra. His keen interest in automation continues to keep Cigital technology at the cutting edge. Presently, he serves as internal CTO of Cigital and CTO of Codiscope. He has served as co-editor of the Building Security In department of IEEE Security & Privacy magazine, and as the leader of the Northern Virginia OWASP chapter. He speaks regularly at conferences and trade shows. Follow John on Twitter @m1splacedsoul
Omri Iluz is the CEO and cofounder of PerimeterX. After spending a decade and a half building and securing web scale infrastructure at companies such as Akamai, Cotendo and iPlay, Omri decided to focus on ridding the web from Bots and other automated threats. With experience that spans everything from writing code and malware reversing to modern web architecture, Omri provides a unique point of view on the current state of affairs of web security.
*note: no need to RSVP via Eventbrite
• Doors will open at 5:30 for a 30-minute networking happy half-hour! The food, beer and drinks are provided by Bellagios and New Relic.
• The presentation will begin right at 6p.
• NOTE: after the event, everyone is invited to continue networking at a special happy hour opportunity, one story up at Portland City Grill.
› FutureTalks is brought to you by New Relic (http://www.newrelic.com/) in collaboration with TAO (http://www.techoregon.org/).