Securing Your Applications with Keto AppSec Sponsored by Contrast Security

CSNP - Chicago CyberSecurity


222 W Merchandise Mart Suite 875 · Chicago, IL

How to find us

Take the elevator to the 8th floor and look for glass doors. Suite 850



***This Event is FREE***
***CPE Certificates will be given post event***
***You MUST bring a government issued ID to attend this event***

Please RSVP at EventBrite!

Join us this evening to network and learn about securing your applications with Keto AppSec and how Allstate continuously delivers secured applications. Sponsored by Contrast Security.

5:30-6:10PM – Networking & Socializing (Food & Drinks Provided)

6:10 – 6:20PM - Introduction from Organizers and Sponsors

6:20 - 7PM - Guest Speaker from Contrast Security: David Lindner
Session Title: KetoAppSec: It's all about the FATS
Q&A + Short Break

7:10 - 7:30PM - Guest Speaker: Patrick O'Laughlin
Session Title: Preventing sensitive data from being pushed to Git with The OWASP/SEDATED℠ Project
Q&A + Short Break

7:35-8PM - Guest Speaker: CSNP President, Abdel Sy Fane
Session Title: Secured Application Delivery at Allstate

8:00PM - Networking

Speaker Bio:
David Lindner is the Director of Application Security at Contrast Security. As an experienced application security professional with over 18 years of experience in the computer security industry, Lindner has worked within multiple disciplines in the security field, from application development, network architecture design and support, IT security and consulting, security training and application security. Over the past 10 years, he has specialized in all things related to mobile applications and securing them. Lindner has supported many different clients including financial, government, automobile, healthcare and retail. In his spare time, he hones his mobile and IoT testing skills by participating in numerous bug bounties.

Abstract: The Ketogenic diet has taken form over the past few years and it actually works. So how can we apply something similar to our application security practices? Application security traditionally focuses on tools or manual testing. We traditionally do “static (SAST)” or “dynamic (DAST)” tool assessments and label them as a “full” or “time-boxed” assessment. The driving force is usually budget or lack thereof, so how do we trim down our assessment methodologies yet be efficient, precise and beneficial? There are many ways to be more efficient in the way we AppSec to get the most benefit out of the time we have. Whether it be making risk-based decisions, looking for patterns, understanding frameworks and their built-in protections, we can make intelligent choices and guesses. David Lindner will walk through some tips and tricks that will help consultants and internal testers alike focus on the fat of applications in a shortened timeframe.

Speaker Bio:
Patrick O’Laughlin is an Application Security Engineer at Allstate. Having previously worked as a developer, Patrick attended an intensive 6-month Department of Defense Cyber Security Bootcamp, learning to reverse engineer malware and develop tools to identify malware based on heuristics. His interests include DevSecOps and Machine Learning as well as a healthy dose of hacking. Patrick holds the OSCP certification.

The OWASP/SEDATED℠ Project (Sensitive Enterprise Data Analyzer To Eliminate Disclosure) focuses on preventing sensitive data such as user credentials and tokens from being pushed to Git.

***See EventBrite for more details

Speaker Bio:
Abdel Sy Fane is an Application Security Manager at Allstate and president of the CyberSecurity NP (Non-Profit).

***See EventBrite for more details

Abstract: How Allstate is using the Keto AppSec strategy to secure code from day one. A walkthrough of Allstate's DevSecOps process.

Visit our website: