Shift Left - A discussion of AppSec Best Practices

Shift Left - A discussion of AppSec Best Practices
11am-2pm for session
2pm-3pm for happy hour

Details
Topics- See abstracts below

• Strategies for Aligning Programs with Modern Expectations-Frost Bank
• Cultivating Developer Adoption in the era of Artificial Intelligence-Snyk
• The radical future of app and API security is in production-Contrast Security
• Shift Left: Design for Security and Quality-CheckMarx

Lunch Provided
Scuzzi’s Italian Restaurant - 4035 N Loop 1604 W #102, San Antonio, TX 78257

HAPPY HOUR networking after session!!

ZOOM link provided below for remote attendees
**https://optiv.zoom.us/j/91529424588?pwd=bgMmGiqvaLkEn9GeX8tISW9lcmPoFc.1&from=addon**

We encourage everyone to attend in person. We will have door prizes and excellent food for all to enjoy, as you take advantage of this excellent networking opportunity!
Please feel free to pass this information on to your peers and team members.

Please reply “ONSITE” if you plan on attending in person so we can finalize headcount for food and room attendance 😊
Presentations will include:

I. Strategies for Aligning Programs with Modern Expectations
Vipul Gupta-SVP Frost Bank
In this talk, Vipul plans to share his experience with building and scaling an Application Security program. He will share why engaging with development and business teams is essential for the Shift Left journey.

II. Cultivating Developer Adoption in the era of Artificial Intelligence-Snyk
In today’s fast-paced, AI-driven development landscape, securing developer adoption is key to integrating security seamlessly into workflows. This presentation explores practical strategies to overcome challenges like trust, tooling complexity, and unclear ownership. By focusing on people, processes, and tools, we demonstrate how to empower developers, reduce friction, and scale security effectively. Attendees will gain actionable insights to foster a collaborative culture where security becomes a natural part of development.
One of the biggest challenges that organizations face when shifting left is getting developers to actually adopt the “shift left" tools. This presentation speaks to how to overcome that.

III. Development Team Transformation -Contrast Security
The lines between proactive and reactive cyber defenses are somewhat arbitrary. If you blur those lines, you can some serious advantages. A SAST or SCA tool finding is a theoretical vulnerability that may or may not be exploitable, but if you can see that a vulnerability is within the blast radius of active probes or attacks, it suddenly becomes real. What might have been labeled as "critical" in pre-prod suddenly becomes "super-critical". On the other hand, things that are not exploitable in a production context due to compensating control, can be deprioritized preserving the limited attention of development for things that really matter. Join DevSecOps pioneer, Larry Maccherone, for this thought-provoking discussion on going right to shift left

IV. Shift Left: Design for Security and Quality-CheckMarx
This presentation will discuss the elements of design phase security, highlighting the critical role of design decisions in achieving a secure and high-quality software product.