OWASP AppSec California 2016 – Benchmarking AppSec Across Industries – Chris Eng

Every industry faces the challenge of securing software, so why do some industries “get it” while others struggle to manage the problem at scale? In this session, we will share data drawn from over 200,000 application assessments performed via Veracode’s cloud platform over an 18-month period. This is the largest data set of its kind, and it provides unique insight into the state of software security. Attendees can use this information to benchmark their AppSec program against peers, answering key questions such as:
Do I have more serious vulnerabilities than my peers?
What percentage of vulnerabilities do my peers remediate?
How many of our applications should pass the OWASP Top 10 when initially assessed?
What are the most common vulnerabilities in our vertical?
How do coding vulnerabilities manifest across different programming languages?
Chris Eng
Veracode
Chris Eng has over 15 years of application security experience. As Vice President of Research at Veracode, he leads the team responsible for integrating security expertise into Veracode’s technology. Throughout his career, he has led projects breaking, building, and defending web applications and commercial software for some of the world’s largest companies.
Chris is a frequent speaker at premier industry conferences, such as BlackHat, RSA, OWASP, and CanSecWest, where he has presented on a diverse range of application security topics, including cryptographic attacks, agile security, mobile application security, and security metrics. Chris holds a B.S. in Electrical Engineering and Computer Science from the University of California.
For more information, please visit: https://2016.appseccalifornia.org/

Source: SecurityTube.Net @ February 19, 2017 at 11:54PM
