AppSec War Stories: A Fun Discussion of In-the-Trenches Warfare

AppSec War Stories: A Fun Discussion of In-the-Trenches Warfare
Presentation Session: 11am-2:30pm
Happy Hour: 2:30pm-4:00pm

The theme of this meeting is to focus on AppSec War Stories: Lesson’s Learned and Opportunities. Industry experts will talk about key AppSec challenges and how these were overcome by leveraging technology, best practices, innovation and teamwork. There will be multiple presentations highlighting different challenges and lessons learned.

Featured Presentations

Securing Today, Safeguarding Tomorrow: A Guide to App and AI Security - Andrew Gordon, Sr. Sales Engineer, Snyk
This talk challenges the traditional, reactive approach to application security, where developers get stuck fixing issues weeks after they're created. We’ll show how new tools and processes can empower developers to integrate security directly into their workflow, making it an efficient part of the development process.

Finally, we'll look at the emerging security challenges presented by AI. We'll discuss the new "war stories" we anticipate seeing, and what developers need to know to secure both today's applications and the AI-powered systems of tomorrow.

Lessons Learned in Application Security from Log4j: A Wake-Up Call for the Industry - Chris Young, Product Manager, OpenText
To explore key takeaways from the Log4j vulnerability (Log4Shell) and how it reshaped the approach to application security, particularly in open-source and enterprise software environments.

Agentic AI for Threat Modeling - Joseph Gregorio, VP Application Security, Frost Bank
This session explores how agentic AI systems can be applied to threat modeling, enabling more autonomous, adaptive, and scalable approaches to identifying and analyzing security risks. Attendees will learn how these emerging technologies can complement traditional methods and enhance overall risk management.

Security Panel: AppSec Futures – Opportunities and Challenges
Topics of discussion will cover Agentic AI, defending against AI-powered attacks (deepfakes, phishing, social engineering, etc.), securing the expanded attack surface for APIs and Microservices, emerging threats from Quantum Computing, and preventing Supply Chain attacks.

Featured panelists:

• Eddie Contreras - CISO - Frost Bank
• John Dickson - CEO - ByteWhisper
• Chris Young - Product Manager - OpenText
• Facilitator: Joseph Gregorio

Additional Meeting Details

• Lunch Provided
• Location: Scuzzi’s Italian Restaurant - 4035 N Loop 1604 W #102, San Antonio, TX 78257
• HAPPY HOUR & DEMO LAB networking after session!!!

Happy Hour - Sponsors

• Opentext
• Snyk
• Bytewhisper
• Wallarm

Join Zoom Meeting
https://ftsc.zoom.us/j/86538235312?pwd=bU4nwzuPmmaqrA3o3qREn56bXpL8TZ.1&from=addon
Meeting ID: 865 3823 5312
Passcode: 429796
We encourage everyone to attend in person. We will have door prizes and excellent food for all to enjoy, as you take advantage of this excellent networking opportunity!
Please feel free to pass this information on to your peers and team members.
Please reply “ONSITE” if you plan on attending in person so we can finalize headcount for food and room attendance 😊

Future Presentation Topics To Vote On

• ASPM
• Bug Bounty Programs: Successes and Failures
• Pentest
• Ransomware
• DevSecOps - Security as Code
• Security Controls for AI