Raiders of the Lost AppSec
Remember the Indiana Jones movies? For those in infosec and security trying to navigate these days seems a lot like those movies. For instance, right from the very start of the series, we are shown how defense-in-depth is not enough - or have you forgotten that Indy escaped with the idol? Or how about how many of us, trying to keep up with threats, can relate to Indy, when going after a truck, said “I don’t know, I’m making this up as I go!”? And can't we ALL relate to trying to find the Security Holy Grail to help manage and mitigate risk – and felt the pain and scars from someone who “chose poorly”? But how does application security relate? In this session we will talk about why defense-in-depth is not enough, making better data-driven decisions instead of guessing, metrics and measures that matter, building resiliency and "choosing wisely". We invite you to join us on this quest to drive trust and confidence for those customers that are looking at how you handle their data and the methods you use to protect it, because they expect you to handle it responsibly.
Currently an Application Security Sales Evangelist for HCL. Prior to this, was with IBM for14 years. Rob has worked with clients all over the world to help address their challenges in ways that bring a positive impact to the business bottom line. Rob has spoken most recently at DevOps Skillup Days, DevSecOps Days Boston, ADDO 2020 and the Agile+Techwell 2020 DevSecOps Summit. Prior to IBM, Rob spent 13 years with 5 different companies working as a configuration management specialist. Rob graduated from the University of Southern California, and is an avid fan of college football. When not at work, Rob enjoys spending time with family, serving with his church, running and cycling. You can connect with Rob via facebook, linkedin and instragram but the best ways are by joining the “Robservatory” on twitter using the handle @Robservatory.