AppSecUSA 2015

It is becoming clear that the traditional methods of application security, such as the research-vuln-patch loop and developer education, are not scaling to the demands of the modern world. As more populations come onto the internet for the very first time, and as more aspects of our lives become dependent on software, we need to change our assumptions and adjust our security model to address networks, devices, and uses that may look very different than what we have protected in the past. The manner in which we respond to this shift will define the future of modern application security and the safety of billions online.

The Department of Homeland Security is a critical leader in our nation’s cybersecurity. By helping enable industry to protect themselves and to build stronger cyber technologies and services, and fostering trust and partnership to create a robust environment for cyber threat information sharing, DHS is at the forefront of a rapidly evolving landscape of collaboration in cybersecurity.

 

The AppSec industry is enormously diverse and it only continues to diverge as we put more software into more things with more connections. It’s an industry that’s fluctuating between the sophisticated to the absurd, the intelligent to the primitive and the scary to the outright hilarious. There’s valuable lessons to be taken away from these events and applied in our future security efforts.

In this talk, Troy is going to cover a broad spectrum of what’s happening in our industry – an entire 50 shades of it in only 45 minutes – and you’ll get a sense of just how challenging it’s becoming for those of us working in AppSec to keep ahead of the attacks. Troy will cover everything from the social aspects of hacking through to some of the more obscure attacks and the increasing challenges we have as defenders.