Modernizing AppSec for a Cloud-Native World
Live discussion with Bridgecrew, KSOC, and ManiCode featuring:
When we think of AppSec, most of us still associate it with OWASP, pen-testing, SAST, firewalls, bug bounties, and threat modeling. But is that enough for today’s cloud-native organizations leveraging agile development methodologies, microservices, and new, codified and complex technologies?
In this talk, we’re gathering some of the most opinionated voices at the intersection of application, Kubernetes, and infrastructure security to discuss the convergence of application security and infrastructure security—from tools and technologies to people and patterns.
- What does the security world look like in 5 years? How should we adapt now?
- What does the transition to Cloud-Native mean for Application Security? Is the old AppSec model falling flat?
- How do you measure the success of your Infra or AppSec strategy, and what exactly are the risks of it failing?
- Do Kubernetes and Cloud-Native adoption provide a net benefit for the security community?
Get the on-demand recording
More about your hosts
Co-founder & CTO, KSOC
Jimmy Mesta is an application security leader that has been involved in Information Security for nearly 10 years. He is the chapter leader of OWASP Santa Barbara and co-organizer of the AppSec California security conference. Jimmy has spent time on both the offense and defense side of the industry and is constantly working towards building modern, developer-friendly security solutions. Jimmy’s core focus has been in application and cloud security with an emphasis on secure architecture, automated testing, developer training, and defensive techniques.
Founder and CEO, ManiCode
Jim Manico is the founder of Manicode Security where he trains software developers on secure coding and security engineering. He is also the co-founder of the LocoMoco Security Conference and is an investor/advisor for Nucleus Security, BitDiscovery, Secure Circle and Inspectiv. Jim is a frequent speaker on secure software practices and is a member of the JavaOne rockstar speaker community. He is the author of “Iron-Clad Java: Building Secure Web Applications” from McGraw-Hill.
Developer Advocate, Bridgecrew
Steve is a Developer Advocate with Bridgecrew by Prisma Cloud specialising in cloud and infrastructure security automation. Steve started his cybersecurity life by being kicked out of his high school computing class for privilege escalation on the school linux system and changing all passwords to “peaches” (his friend’s dog’s name). But that was a long time ago. Since then he has worked as a Solution Architect for StackRox and Aqua Security, specialising in container and Kubernetes security, and has spent time with Synopsys establishing DevSecOps best practices for enterprise CI/CD pipelines.