Hacking Stuttgart - from SAST to DAST to Penetration Testing and Bug Bounties

Join us for an enlightening evening dedicated to exploring the full spectrum of the Secure Software Development Lifecycle (SSDLC) from inception to deployment and beyond. This exclusive meetup, tailored for program and application security managers, will bring together leading experts in the field of cybersecurity to delve into advanced strategies that ensure software resilience and security.

This meetup is designed not only to inform but also to foster a dialogue among cybersecurity professionals about integrating and balancing various security practices. It’s an opportunity to learn how SAST, DAST, Penetration Testing, and Bug Bounties can coexist within a robust application security program, each offering unique benefits and addressing different aspects of the security lifecycle.

Agenda (6pm -9pm):

• Welcome
• "Demystifying SAST and DAST" - Mathias Conradt
• "Rewarding Resilience: The Critical Role of Crowdsourced Defense Through Bug Bounties" - Laurie Mercer
• Networking

Details below.

• Welcome & Lightning talk - "Demystifying SAST and DAST"
  Mathias Conradt, Principal Solutions Engineer at Snyk, OWASP Member, CCC Supporter

In this session, we delve into the operational distinctions and integration challenges of Static and Dynamic Application Security Testing within CI/CD pipelines. Our discussion will not only clarify the effectiveness of these tools in various development stages but also how Dynamic Application Security Testing differentiates itself from traditional penetration testing. DAST's role in automated, continuous security assessments highlights its unique position in preemptive application defense compared to the more sporadic nature of penetration tests.
Participants will gain insights into how these methods complement predictive and reactive security measures and what factors to consider to align them effectively with their organizational security needs. Join us to refine your strategic approach to application security, ensuring well-informed decisions on employing SAST and DAST in your security arsenal.

• "Rewarding Resilience: The Critical Role of Crowdsourced Defense Through Bug Bounties"
  Laurie Mercer, Field CTO for EMEA at HackerOne

How can organizations utilize the global security community's expertise to eliminate vulnerabilities? In this session, Laurie explores the growing role of crowdsourcing and bug bounty programs as a cornerstone of robust cybersecurity strategies. Drawing from real-world examples, he explores the impactful role independent security researchers have made in enhancing cybersecurity from code to cloud. He will discuss how to engage with security researchers to identify and eliminate vulnerabilities, including how to integrate with traditional security measures like SAST and DAST.
The session will highlight the benefits, challenges, and key strategies for working with the global security researcher community. Attendees will leave with a deeper understanding of how crowdsourced security can significantly bolster cyber defenses and promote a culture of transparency and collaboration within the industry, from engaging the hacker community to measuring program success and the ROI of bug bounties and more.

There'll be a raffle to win a Skullcandy headset and enough time to network and chat.

Who Should Attend?
This event is ideal for Application Security Managers, Program Managers, and IT professionals eager to enhance their understanding of comprehensive security strategies within the software development lifecycle.
Whether you are looking to refine your existing security processes or to discover new tools and practices, this meetup will provide you with the knowledge and connections to advance your application security initiatives.
Secure your spot today and join us for an evening of insightful discussions, networking, and learning from the foremost experts in the field. Together, let’s build a more secure future for our software environments.

Contact & Questions
In case of questions: Mathias +491792976974 or [mathias.conradt@snyk.io](mailto:mathias.conradt@snyk.io)