BEGIN:VCALENDAR VERSION:2.0 PRODID:Data::ICal 0.24 BEGIN:VEVENT DESCRIPTION: 'Title: Sold Out - Supercharge SAST: Semgrep Strategies for Secure\n Software\n When: Thursday\, Aug 8\, 09:00 - 12:59 PDT\n Whe re: Springhill Suites/Dunes - [1]Map\n\n Description:\n Before the Tra ining: Attendees are expected to have a basic\n understanding of program ming concepts and syntax in a programming\n language such as JavaScript\ , Python\, Go\, or C#/Java. While familiarity\n with common security vul nerabilities (e.g.\, OWASP Top 10) is\n beneficial\, it is not a prerequ isite.To ensure a smooth and productive\n experience\, participants shou ld come equipped with a laptop that has\n administrative access for soft ware installation. A pre-training\n checklist\, including software insta llation guides (Semgrep and a\n preferred text editor/IDE)\, will be pro vided to all registered\n attendees to prepare them for the workshop.\n Participants will: - Gain an understanding of SAST and its importance\n in the AppSec ecosystem. - Learn to navigate Semgrep’s rule syntax\n and create custom rules tailored to their specific security needs. -\n Engage in hands-on exercises to apply Semgrep on real-world code\n snipp ets and projects\, enhancing their learning through practical\n applicat ion. - Explore the Semgrep Playground for testing and refining\n rules i n an interactive environment. - Delve into advanced Semgrep\n features a nd techniques for a comprehensive security strategy. -\n Understand how Semgrep findings can be leveraged for LLM-based code\n analysis\, taking code security to the next level.\n Supercharge SAST: Semgrep Strategies for Secure Software" is a\n meticulously designed workshop aimed at int roducing participants to\n the world of Static Application Security Test ing (SAST) through the\n lens of Semgrep\, a cutting-edge tool that comb ines the simplicity of\n syntax with the power of complex analysis.\n Technical Level and Tools Used: This workshop is tailored for beginner\n to intermediate skill levels\, focusing on practical\, actionable\n ins ights that participants can immediately apply to their projects.\n The p rimary tool used will be Semgrep\, supplemented by the Semgrep\n Playgro und for online rule testing. Instructions for installing\n necessary sof tware and accessing online resources will be provided\n ahead of the wor kshop.\n What You Will Learn: This workshop is structured to guide atten dees\n from the foundational concepts of SAST and application security t o the\n practical application of Semgrep for identifying and mitigating\ n security risks in codebases.\n Speakers:Arjun Gopalakrishna\,Gautam Peri\,Marcelo Ribeiro\n\n SpeakerBio: Arjun Gopalakrishna\, Senior Soft ware Security Engineering\n Manager\, Azure Security at Microsoft\n\n Arjun Gopalakrishna is a Senior Software Security Engineering Manager\n in Azure Security with more than a decade of experience at Microsoft.\n His work has been instrumental in fortifying Microsoft's Azure\n platfor m against a myriad of cyberthreats. His expertise lies in\n developing a nd implementing robust security measures to protect\n cloud-based system s and data. Arjun has presented at DEFCON in 2021\,\n in addition to num erous security talks internally at Microsoft.\n Arjun's commitment to co ntinuous learning and development\, coupled\n with his passion for cyber security\, continues to drive his\n contributions to the field.\n\n Sp eakerBio: Gautam Peri\, Senior Security Engineer\, EPSF SERPENT Team\n at Microsoft\n\n Gautam Peri is a Senior Security Engineer in EPSF SERPE NT (Service\n Pentest) team at Microsoft. He has over 8 years of experie nce as a\n security professional in multiple organizations including Mic rosoft\n and Citibank N.A. He started his career as a software developer and\n became a security professional. Currently\, Gautam focuses on sec uring\n in Azure Edge & Platform & Devices services at Microsoft. He is\ n passionate about identifying vulnerabilities at scale. Gautam\n pres ented at multiple internal events and got accepted to OWASP BASC\n (Bost on Application Security Conference) 2024. Gautam holds CISSP &\n GCPN ce rtifications\, he is committed to continuous learning and\n development and drives internal knowledge share events.\n\n SpeakerBio: Marcelo Rib eiro\, Senior Offensive Security Engineer in\n Azure Security at Microso ft\n\n Marcelo Ribeiro is a Senior Offensive Security Engineer in Azure\ n Security with over 20 years of experience in various organizations\,\n including Microsoft\, IBM\, and the Brazilian Navy. As a former Navy\n Officer\, Marcelo was instrumental in establishing the Brazilian Navy's\ n Cyber Security capacity. He also played a pivotal role in building\n IBM's DFIR (Digital Forensics and Incident Response) practice in Latin\n America. Currently\, Marcelo focuses on enhancing the security of\n Mi crosoft's Azure platform against the constantly evolving cyber\n threats landscape. Always seeking new challenges\, Marcelo's commitment\n to le arning keeps his passion for cybersecurity alive. Marcelo holds\n severa l certifications\, including CISSP\, CISM\, OSCP\, CEH\, GXPN\, GPEN\,\n GWAPT\, GAWN\, GPYC\, GREM\, GISP\, GICSP\, GRID\, GNFA\, GCIH\, GCIA\, G SEC\,\n and MCSE\, among others. In 2023\, Marcelo was inducted into the \n EC-Council's CEH Hall of Fame in recognition of his outstanding caree r\n achievements.\n\n '\n\n 1. #Springhill_Full\n\n\n DTEND:20240808T195900Z DTSTART:20240808T160000Z LOCATION:WS - Springhill Suites/Dunes SUMMARY:Sold Out - Supercharge SAST: Semgrep Strategies for Secure Software END:VEVENT END:VCALENDAR