How can OffSec change your AppSec game?

Many initiatives in application security are focused on blue team defenses and securing SDLC processes. Should offensive security tactics, such as red teaming and pentesting, play a more active role in our strategy?

In this session, we'll cover:

• How we define offensive vs. defensive security
• The difference between blue, red, and purple teaming
• Should pentesting go beyond compliance?
• Should we all learn how to pentest?

This is NOT a presentation by a distinguished speaker, but rather a topic-focused open discussion for all of us. No matter your experience level, join us to share your opinions, or just listen and learn!

We'll keep our focus on the topic, but there's no telling where the conversation will go. It's up to you to direct it through your questions and responses!

* We do not record our sessions and follow Chatham House Rules in order to protect the privacy, identities, and reputations of our participants while encouraging open and honest conversation.