Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
AppSecUSA 2015 - Buy ticket at http://2015.appsecusa.org/buy/
 
View analytic
Friday, September 25 • 1:00pm - 1:55pm
Doing AppSec at Scale: Taking the best of DevOps, Agile and CI/CD into AppSec.

Sign up or log in to save this to your schedule and see who's attending!

How many applications are in your company’s portfolio? What’s the headcount for your AppSec team? Whatever your situation is, I am sure the numbers are not in your favor. Its not time to find a new career, it's time to up your game. This talk will cover how to take your small merry band of AppSec professionals and scale it up to a virtual army. By taking the best of DevOps, Agile and CI/CD, you can iteratively up your AppSec game over time and begin your ascent out of the security hole you are in.

The talk covers real world experiences running AppSec groups at two different companies. Rackspace with approximately 4,000+ employees and Pearson with 40,000+. Both have an international presence and far more apps and developers that AppSec staff. The talk covers the key principles to speed and scale up AppSec programs as well as practical examples of these practices put into use. Start early and begin to buy down the technical security dept which feels inevitable with more traditional AppSec program thinking.

Speakers
avatar for Aaron Weaver (Cengage Learning)

Aaron Weaver (Cengage Learning)

Application Security Manager, Cengage Learning
Aaron Weaver is the Application Security Manager at Cengage Learning. Prior to that he was at Protiviti where he built out their secure coding practice. Aaron has managed application security programs at large organizations and leads OWASP Philadelphia. Aaron speaks frequently at OWASP, AppSec USA/EU, Infragard, ISSA, ISACA, IIA and Velocity. When he has time Aaron likes to make sawdust in his workshop.


Friday September 25, 2015 1:00pm - 1:55pm
Room D