Application Security in a DevOps, Cloud and API World

CISO Dinner

October 5, 2022 - Boston, MA

Visionaries

Matt Tesauro
Distinguished Engineer/Director Security Evangelist - Global
Noname Security

Dinner

Matt Tesauro is a Distinguished Engineer at Noname Security. When not writing automation code in Go, Matt Tesauro is pushing for DevSecOps everywhere by contributing to open source projects, presenting, training and continuing to co-opt new technologies. Prior to joining Noname, he rolled out AppSec automation at a major financial institution and founded 10Security. Other experience includes the Director of Community and Operations at the OWASP Foundation, Senior AppSec Engineer building an AppSec Pipeline and continuous security program for Duo Security, a Senior Software Security Engineer at Pearson and the Senior Product Security Engineer at Rackspace. He is also an Adjunct Professor for the University of Texas Computer Science department teaching the next generation of CS students about Application Security. Matt is a broadly experienced information security professional of 20+ years specializing in application and cloud security. He has also presented and provided training at various international industry events including DHS Software Assurance Workshop, OpenStack Summit, SANS AppSec Summit, AppSec US, EU and LATAM. His work has included security consulting, penetration testing, threat modeling, code reviews, training and teaching at the University of Texas and Texas A&M University. He is a lead for OWASP AppSec Pipeline & DefectDojo projects. The AppSec Pipeline project brings lessons from DevOps and Agile into Application Security while DefectDojo is an application that is the source of truth for DevSecOps activities and ingests output from 100 different security tools. He holds two degrees from Texas A&M University and several security and Linux certifications.
Alex Cunningham
CISO
Advisor360

Dinner

Alex leads the strategic direction and execution of Advisor360°'s information security, risk, governance, and audit programs. Previously, he was the CISO at Commonwealth Financial Network, and have served in information security leadership roles both in the US and UK within the financial services, market research, and military sectors. Alex has a MS degree in information security leadership from Brandeis University and a BS degree in information technology with a minor in business from the University of Massachusetts Lowell. His information security certifications include CISSP, CISM, and CRISC.
Tony Parrillo
VP, Enterprise IT Global Head of Security
Schneider Electric

Dinner

Experienced and passionate cybersecurity leader. Responsible for all facets of cyber security to Schneider Electric's enterprise IT, encompassing approximately 140,000 employees in 100 countries, including 220 factories, 35 distribution centers, and 1,200 sites
October 5, 2022

Attend this event

Not available on October 5, 2022?
View other dates for the Dinner

Agenda

All times Eastern Time
5:30 PM-9:00 PM
Application Security in a DevOps, Cloud and API World
Security teams are challenged to modernize application security practices in light of accelerating shifts to DevOps delivery models and rapid adoption of cloud-native application designs. Applications built on microservices (e.g. serverless, containers, APIs) and delivered continuously are outpacing application security teams ability to secure them. CISOs need to consider new skills, new touch points and new platforms to maintain a strong security posture in light of these trends and the speed at which they are re-shaping IT.
Tony Parrillo
VP, Enterprise IT Global Head of Security
Schneider Electric
Experienced and passionate cybersecurity leader. Responsible for all facets of cyber security to Schneider Electric's enterprise IT, encompassing approximately 140,000 employees in 100 countries, including 220 factories, 35 distribution centers, and 1,200 sites
Alex Cunningham
CISO
Advisor360
Alex leads the strategic direction and execution of Advisor360°'s information security, risk, governance, and audit programs. Previously, he was the CISO at Commonwealth Financial Network, and have served in information security leadership roles both in the US and UK within the financial services, market research, and military sectors. Alex has a MS degree in information security leadership from Brandeis University and a BS degree in information technology with a minor in business from the University of Massachusetts Lowell. His information security certifications include CISSP, CISM, and CRISC.
Matt Tesauro
Distinguished Engineer/Director Security Evangelist - Global
Noname Security
Matt Tesauro is a Distinguished Engineer at Noname Security. When not writing automation code in Go, Matt Tesauro is pushing for DevSecOps everywhere by contributing to open source projects, presenting, training and continuing to co-opt new technologies. Prior to joining Noname, he rolled out AppSec automation at a major financial institution and founded 10Security. Other experience includes the Director of Community and Operations at the OWASP Foundation, Senior AppSec Engineer building an AppSec Pipeline and continuous security program for Duo Security, a Senior Software Security Engineer at Pearson and the Senior Product Security Engineer at Rackspace. He is also an Adjunct Professor for the University of Texas Computer Science department teaching the next generation of CS students about Application Security. Matt is a broadly experienced information security professional of 20+ years specializing in application and cloud security. He has also presented and provided training at various international industry events including DHS Software Assurance Workshop, OpenStack Summit, SANS AppSec Summit, AppSec US, EU and LATAM. His work has included security consulting, penetration testing, threat modeling, code reviews, training and teaching at the University of Texas and Texas A&M University. He is a lead for OWASP AppSec Pipeline & DefectDojo projects. The AppSec Pipeline project brings lessons from DevOps and Agile into Application Security while DefectDojo is an application that is the source of truth for DevSecOps activities and ingests output from 100 different security tools. He holds two degrees from Texas A&M University and several security and Linux certifications.

In Partnership With