Webinar

Unsolved Problems in Application Security


Thursday, September 12, 2024

2:00 - 3:00 PM EST

60 minutes, including Q&A


The discipline of application security has evolved tremendously since the founding of OWASP in 2001. As software development methodologies, languages and ecosystems have advanced, AppSec has often struggled to keep pace with innovation, leading to a persistent gap between the velocity of software and the ability to understand and mitigate the risk it introduces. Some foundational issues, like reliable software composition analysis (SCA), have now been largely solved by the industry. Others, such as runtime-based reachability detection, are on the cusp of providing a tremendous leap forward to AppSec practitioners. But certain thorny problems, like software attestation, risk-based prioritization, SAST accuracy, and DAST correlation, remain elusive.

Join Snyk, the leader in Developer Security, for a wide-ranging discussion of the current state of application risk management and the unsolved issues that still limit the full potential of developer-focused security, including:

  • How the original principles of AppSec have evolved to keep pace with the changing landscape of software, and the persistent gaps that still limit the discipline’s potential
  • The promise of near-term innovations, such as AI-based analysis of runtime signals, to solve some longstanding issues and open the door to a paradigm shift
  • A realistic look at “what’s next” in the evolution of AppSec and how vendors and practitioners can work together toward a more honest conversation about capabilities and limitations

Sponsored by:

Snyk

Speakers

Clinton Herget

Field CTO

Snyk

Clinton Herget is Field CTO at Snyk, the leader in Developer Security, where he focuses on crafting and evangelizing our strategic vision for the evolution of DevSecOps. A seasoned technologist, Clinton spent his 20-year career prior to Snyk as a web software developer, DevOps consultant, cloud solutions architect, and engineering director. Clinton is passionate about empowering software engineers to do their best work in the chaotic cloud-native world, and is a frequent conference speaker, developer advocate, and technical thought leader.


Terry Sweeney

Moderator

Contributing Editor, Black Hat

Terry Sweeney is a Los Angeles-based writer and editor who's covered business technology for three decades. He's written about cyber security for more than 15 years and was one of the founding editors of Dark Reading. Sweeney has covered enterprise networking extensively, as well as its supporting technologies like storage, wireless, cloud-based apps and the emerging Internet of Things. He's been a contributing editor to The Washington Post, Crain’s New York Business, Red Herring, Information Week, Network World, SearchAWS.com, and Stadium Tech Report.
