Application Security in a DevOps, Cloud and API World

CISO Dinner

November 2, 2022 - Dallas, TX

Visionaries

Gregory Ericson

Global CIO

Pontoon Solutions

Dinner

Adept at harnessing technology to unlock a company’s full commercial ambition, Greg is a transformative hands-on CIO who brings a proven track record of delivering shareholder value. Greg has led organizations from 25 to over 500 direct and indirect staff in a multinational/multicultural environment. He brings an approachable, transparent leadership style of building cross-functional collaboration and strengths in the following areas:

1. Vision to see opportunities where human-centered “Digital” technology can create and extend customer loyalty with improved COGS and SG&A.
2. Strong Big Data and predictive analytics experience that can activate performance improvement through meaningful insights.
3. Skilled in creating a diverse, high-performance, results-driven IT culture aligned with the commercial ambition and elevating the fundamentals of IT in a transparent, engaging and fun environment.
4. Adept at modernizing legacy systems under a business-oriented framework, balancing cost, functionality gap, risk, timing and talent.
5. Purpose-driven and passionate about linking the corporate mission and sustainability intent to daily activities.
6. Laser-focused and proficient in securing and protecting the enterprise from cyber terrorism.

Robert Cowans

Sr Manager IT Cyber Security Threat Management & Investigations

American Airlines

Dinner

Experienced Information Security Leader with over 8 years working in Cyber Security, Digital Forensics and Risk Management. Robert embraces challenge, thrives under pressure, thinks outside the box, and drives improvement. He has a talent for building new capabilities, introducing innovation, leadership, and forward thinking. His experience showcases effective leadership of multidisciplinary teams that successfully defined, developed and delivered cyber security, investigation and risk management solutions.

Rachel Ortega

Manager, Cyber Security Incident Response Team

Live Nation

Dinner

Cyber Security professional with 16+ years of experience obtained through military, government and financial technology regulated industries. Leader and innovator from security strategy to transformation coaching and executive training, dedicated to providing innovative solutions forged in collaborative team environments. She champions the view that business requirements, compliance and cybersecurity best practice are best performed in unison, which lends itself to a highly effective method for ensuring the safety of business assets. Professional business acumen rooted in military discipline and technical expertise gained from approximately ten years of experience working for Lockheed Martin’s Computer Incident Response Team.

Sam Satyanathan

Director of Cyber Security

Freddie Mac

Dinner

► A seasoned leader in Product, Application, Data and Cloud Security, IAM, and IT Risk Management with extensive hands-on experience in Software Development and Architecture.
► Proven leadership skills managing both technical and business teams in complex and matrixed organizations while working with executive leaders to build and execute strategy.
► A hands-on leader in Application/Product Security and DevSecOps with experience leading security testing (SAST/DAST/SCA etc.), threat modeling, SDL/SSDLC, Security Champions, Vulnerability Management, as well as encryption and key management strategy and implementation.
► Web and Mobile Application Security development experience, specifically in SSO, MFA, and Identity and Access Management.
► ITIL V3 Foundation Certified with development experience in using DevOps and Agile methodologies with SCRUM, UP/RUP, XP, etc.
► Experience integrating with various iPhone and Android Mobile applications and Mobile Wallet/Payment applications.
► Experience spanning various industries including Banking, Financial Services (Mortgage/Credit Card/Auto Finance), Telecommunications, and Insurance.

Matt Tesauro

Distinguished Engineer/Director Security Evangelist - Global

Noname Security

Dinner

Matt Tesauro is a Distinguished Engineer at Noname Security. When not writing automation code in Go, Matt Tesauro is pushing for DevSecOps everywhere by contributing to open source projects, presenting, training and continuing to co-opt new technologies. Prior to joining Noname, he rolled out AppSec automation at a major financial institution and founded 10Security. Other experience includes the Director of Community and Operations at the OWASP Foundation, Senior AppSec Engineer building an AppSec Pipeline and continuous security program for Duo Security, a Senior Software Security Engineer at Pearson and the Senior Product Security Engineer at Rackspace. He is also an Adjunct Professor for the University of Texas Computer Science department teaching the next generation of CS students about Application Security. Matt is a broadly experienced information security professional of 20+ years specializing in application and cloud security. He has also presented and provided training at various international industry events including DHS Software Assurance Workshop, OpenStack Summit, SANS AppSec Summit, AppSec US, EU and LATAM. His work has included security consulting, penetration testing, threat modeling, code reviews, training and teaching at the University of Texas and Texas A&M University. He is a lead for OWASP AppSec Pipeline & DefectDojo projects. The AppSec Pipeline project brings lessons from DevOps and Agile into Application Security while DefectDojo is an application that is the source of truth for DevSecOps activities and ingests output from 100 different security tools. He holds two degrees from Texas A&M University and several security and Linux certifications.

November 2, 2022

Agenda

All times Central Time

5:30 PM-9:00 PM

Application Security in a DevOps, Cloud and API World

Security teams are challenged to modernize application security practices in light of accelerating shifts to DevOps delivery models and rapid adoption of cloud-native application designs. Applications built on microservices (e.g. serverless, containers, APIs) and delivered continuously are outpacing application security teams' ability to secure them. CISOs need to consider new skills, new touch points and new platforms to maintain a strong security posture in light of these trends and the speed at which they are reshaping IT.
