BEGIN:VCALENDAR VERSION:2.0 PRODID:Data::ICal 0.24 BEGIN:VEVENT DESCRIPTION: 'Title: Agility Broke AppSec. Now It's Going to Fix It.\n When: Friday\, Aug 12\, 10:00 - 11:15 PDT\n Where: Flamingo - Twilight B allroom - AppSec Village - Main Stage -\n [1]Map\n Speakers:Roy Erlich \,Emil Vaagland\,Seth Kirschner\,Jim Manico\n\n SpeakerBio:Roy Erlich\n Roy Erlich is the CEO and Co-founder of Enso Security. He is the\n for mer Head of Application Security at Wix.com\, where he gained\n critical insight into the AppSec lifecycle. Roy commanded an elite\n cybersecuri ty team in the IDF 8200 unit.\n\n SpeakerBio:Emil Vaagland\n Emil is r unning an AppSec Program for 200 Software Engineers divided\n on 35+ tea ms. Previously he has experience from being a part of\n Engineering Team s developing products to doing Security Engineering\n work creating serv ices for appsec at scale.\n\n SpeakerBio:Seth Kirschner\n Seth Kirschn er is the Application Security Manager for DoubleVerify\, a\n publicly t raded AdTech company (NYSE:DV). Previously with Deloitte and\n MUFG Secu rities. Co-founded Mira Therapeutics\, Inc in PTSD/Trauma.\n Stevens Ins titute of Technology Alumni.\n\n SpeakerBio:Jim Manico\n No BIO availa ble\n\n Description:\n In today's high-tech industries\, security is s truggling to keep up\n with rapidly changing production systems and the chaos that agile\n development introduces into workflows. Application se curity (AppSec)\n teams are fighting an uphill battle to gain visibility and control\n over their environments. Rather than invest their time in critical\n activities\, teams are overwhelmed by gaps in visibility and tools to\n govern the process. As a result\, many digital services rema in\n improperly protected. To catch up\, AppSec must adopt a model of\n agility that is compatible with software development.\n\n The agile pr ocess continuously integrates small changes and collects\n meaningful fe edback along the way\, allowing an ever-progressing\n evolution of softw are. With small steps\, you pay less for mistakes and\n learn a lot alon g the way. This approach\, powered by continuous\n integration/continuou s deployment (CI/CD)\, source code management\n (SCM)\, and an amazing a rray of collaboration tools\, makes the software\n industry fast and pow erful.\n\n AppSec teams are charged with making sure software is safe. Y et\, as\n the industry's productivity multiplied\, AppSec experienced sh ortages\n in resources to cover basics like penetration testing and thre at\n modeling. The AppSec community developed useful methodologies and\n tools — but outnumbered 100 to 1 by developers\, AppSec simply cannot \n cover it all.\n\n Software security (like all software engineering) is a highly complex\n process built upon layers of time-consuming\, det ail-oriented tasks. To\n move forward\, AppSec must develop its own appr oach to organize\,\n prioritize\, measure\, and scale its activity.\n\n In this talk\, we plan to address and discuss the current state of\n A ppSec\, and point out a few common failure points. Afterwards we plan\n to discuss what agile AppSec looks like\, and how a reorganization\, and\n a shift in management strategy could greatly transform the field\, and\ n allow business to truly address the risk of under-protected software.\ n\n '\n\n 1. https://defcon.outel.org/consolidated_page.html#FlamingoT hirdFloor\n\n\n DTEND:20220812T181500Z DTSTART:20220812T170000Z LOCATION:APV - Flamingo - Twilight Ballroom - AppSec Village - Main Stage SUMMARY:Agility Broke AppSec. Now It's Going to Fix It. END:VEVENT END:VCALENDAR