OWASP AppSec California 2018
January 30, 2018 - January 31, 2018
Opening Keynote – Flipping the script: Fighting Advanced Threats at their Software Roots
Eric Baize, Chairman, SAFECode
Tuesday, January 30 • 9:25am – 10:15am
The Open Web Application Security Project (OWASP) Los Angeles Chapter is teaming up with the Orange County, San Diego, SF Bay Area, and the Inland Empire chapters to bring you the FIFTH Annual AppSec California. The event is a one of a kind experience for information security professionals, developers, and QA and testing professionals, as they gather at the beach from around the world to learn and share knowledge and experiences about secure systems and secure development methodologies.
For almost two decades, software security practitioners have successfully defined advanced techniques and tools that can effectively be applied to develop secure software. Yet, all recent major security breaches can be linked to a software vulnerability – either left unpatched or a zero day – that made the attacker’s job easier. Today, with tens of millions of developers creating code for all kinds of software-enabled devices, mobile apps and cloud services, it is time to expand the fight against advanced threats and focus on how to scale software security.
Scaling software security will require expanding the security conversation beyond developers. This talk will challenge the entire software ecosystem to play their part in building more secure software and deliver software security at scale. Learning from the collected real-world experience of SAFECode’s members, we will review short term strategies for development organizations to adopt a secure software development process. For the longer term, we will discuss the drastic changes required in how we teach, develop, test, govern and purchase software-based products to permanently change the software culture and deliver software security at scale.