Events

Appsec Unchained – Revolutionize the Application Security Event

Appsec Unchained an evening in the application and cloud security
  • Zero trust
  • Attack surface management and risk reduction
  • ASPM and modern application security
  • Threat Intelligence in Application Security
  • Product Security
Prices and awards available on the day!
Broadwalk House, 5 Appold St, London EC2A 2AG
2024-03-19
06:00 PM
  - 09:00 PM

About the Event

Broadwalk House, 5 Appold St, London EC2A 2AG
2024-03-19
06:00 PM
  - 09:00 PM

Dive into an impactful evening with “AppSec Unchained,” tailored for product security professionals focusing on application and cloud security. Join us in navigating the evolving cybersecurity landscape, where staying ahead of threats and embracing innovative strategies is key.

Key Themes:

  • Zero Trust Architecture: Revolutionize your security with a Zero Trust approach, where trust is always verified, never assumed.
  • Attack Surface Management & Risk Reduction: Learn to minimize your attack surface and manage risks using real-world examples and advanced methods.
  • Threat Intelligence in Application Security: Gain the latest insights in threat intelligence, integrating proactive strategies to anticipate and counter threats.
  • Product Security in the Modern Age: Explore the intricacies of protecting products from design to deployment in our interconnected digital world

Why Attend?

  • Networking Opportunities: Connect with peers and industry leaders, sharing experiences and insights in application and cloud security.
  • Prizes and Raffle: Showcase your OWASP and application security knowledge to win prizes.
  • Expert Insights: Learn from top cybersecurity experts.

Limited Availability:

Only 100 spots available for this exclusive event. Secure your place now and join us at the forefront of application and cloud security. Break boundaries and redefine the future of AppSec with us!

Event registration closed.

Location

Speakers

Ruta Baltiejute

DevSecOps Lead 

at Asda

Francesco Cipollone

Founder & CEO

Phoenix Security

Vlad Perelmuter

Senior Engineering Manager Security @ Monzo

Liam Nicholson

Application Security
Engineer Monzo

Agenda

Join us as we kick off “AppSec Unchained” with a warm welcome from our host. In this opening segment, we’ll set the stage for an engaging and informative evening ahead. Get ready to dive into discussions on application and cloud security, where staying ahead of threats and embracing innovative strategies is paramount. Let’s embark on this journey together as we navigate the ever-evolving cybersecurity landscape. Welcome to “AppSec Unchained”

In 2023, Monzo undertook the ambitious goal of moving away from accessing our internal tools and systems without a VPN and moving to a Zero Trust access strategy inspired by Google’s beyondcorp. This talk walks through how we achieved this in a regulated industry, from the very beginning of issuing trusted identity to our Client Devices, to rolling out the new solution to Monzonauts – and some of the challenges we faced along the way. 

Posture and Data don’t lie – risk and fact-driven approach on posture management with deep dive into exploitability, reliability and the likelihood of exploitation. 
Abstract
Posture is the art of representing complex problems in simple risk-based visualisation. Risk posture had a lot of hidden measurements and data and was treated like esoteric art. In this talk, we explore various concepts like Exploitation, the likelihood of exploitability, Context and location of an asset and how it influences the exploitability, business impact and how to involve business with risk-based driven metrics. 
Focused on data-driven research and visualisation techniques analysing what’s more exploitable from different data sources. 
We will explore the difference between a vulnerability base approach and resolution first vs a risk-based approach and success from real case scenarios. 
Find your path in this modern, challenging.  

CISA KEV: https://phoenix.security/what-is-cisa-kev-main/
Exploit in the wild: https://phoenix.security/what-is-exploitability/
OWASP/Appsec Vulnerability: https://phoenix.security/what-is-owasp-main/
CWE/Appsec Vulnerabilities: https://phoenix.security/what-is-cwe-main/
Writeup on exploitability data: https://phoenix.security/exploitability-data-visualization/ 

Writeup on CISA KEV: https://phoenix.security/cisa-kev-visualization/  

Let’s explore the transformative power of DevSecOps by reviewing how it enables organisations to embed security seamlessly into every stage of the development lifecycle. Learn practical strategies for reducing friction between your security team and your engineers, fortifying your Appsec efforts whilst bolstering resilience and safeguarding against emerging threats.

 

Win the battle against vulnerabilities on your code and your appsec

Vulnerability management is complex when you need to take into account cloud, infrastructure, laptop, operating systems, containers
Get ahead of the curve and win the battle against vulnerabilities,

We going to run an in person ruffle with question on appsec (easy) and OWASP, participate at the event to win

Winner will be announced at the end of the event

Register to Attend

Broadwalk House, 5 Appold St, London EC2A 2AG
2024-03-19
06:00 PM
  - 09:00 PM

Appsec Unchained an evening in the application and cloud security

  • Zero trust
  • Attack surface management and risk reduction
  • ASPM and modern application security
  • Threat Intelligence in Application Security
  • Product Security

Prices and awards available on the day!

Event registration closed.

Other Events

Ruta Baltiejute

DevSecOps Lead at Asda

Ruta Baltiejute is a dynamic and adaptable polyglot developer, passionate about tackling diverse challenges head-on. With expertise in Java, Kotlin, C#, and proficiency in ReactJS and React Native, she’s a true coding maven. Currently, as the DevSecOps Lead at Asda, Ruta ensures seamless migrations and fosters a security-first mindset. She’s instrumental in implementing SAST solutions, curating best practices, and optimizing CI/CD processes. Ruta’s track record includes Scrum Mastery at Lloyds Banking Group and product development at AND Digital. With a penchant for improvement, she continually reshapes the tech landscape, making her a sought-after innovator in the field.

Francesco Cipollone

Founder & CEO Phoenix Security

Francesco is a seasoned entrepreneur, CEO of the Contextual-based vulnerability management platform from code to cloud Phoenix Security, author of several books, host of multi-award Cyber Security & Cloud Podcast, speaker and known in the cybersecurity industry and recognised for his visionary views. He currently serves on the board of the UK&I Chapter of the Cloud Security Alliance. Previously, Francesco headed HSBC’s application and cloud security and was a Senior Security Consultant at AWS. Francesco has been keynoting at global conferences and has authored and co-authored several books. Outside of work, you can find me running marathons, snowboarding on the Italian slopes, and enjoying single malt whiskeys in one of my favourite London clubs.

Vlad

Senior Backend Engineer at Monzo

Vlad Perelmuter is a distinguished cybersecurity leader with extensive experience in safeguarding digital assets across the fintech and tech sectors. Currently, he spearheads security initiatives as a Senior Engineering Manager for Security at Monzo Bank in London, UK. Prior to Monzo, Vlad made significant contributions to Twilio as an Engineering Manager for Product Security and began his cybersecurity journey at Lifion by ADP, where he led as a Security Team Lead. His expertise encompasses application security, cloud security, and vulnerability management, reflecting a deep commitment to creating secure digital environments. Beyond his professional pursuits, Vlad is passionate about running, the nuanced world of whiskey, and exploring Italy’s rich culture. His career is a testament to his leadership in cybersecurity and his dedication to continuous learning and personal growth. 

Liam Nicholson

Senior Backend Engineer at Monzo

Liam is a Senior Backend Engineer and Tech Lead of Monzo’s Staff Security & Detection squad. Since joining Monzo in 2017, Liam has worked on a number of projects to improve access to Monzo systems, levelling up Monzo’s Endpoint Security using open source tooling and advocating for a Zero Trust architecture across the organisation. 

Thanks, Your event registration has been submitted successfully.​

Derek Fisher

Head of product security at a global fintech

Derek Fisher – Head of product security at a global fintech. Speaker, instructor, and author in application security.

Derek is an award winning author of a children’s book series in cybersecurity as well as the author of “The Application Security Handbook.” He is a university instructor at Temple University where he teaches software development security to undergraduate and graduate students. He is a speaker on topics in the cybersecurity space and has led teams, large and small, at organizations in the healthcare and financial industries. He has built and matured information security teams as well as implemented organizational information security strategies to reduce the organizations risk.

Derek got his start in the hardware engineering space where he learned about designing circuits and building assemblies for commercial and military applications. He later pursued a computer science degree in order to advance a career in software development. This is where Derek was introduced to cybersecurity and soon caught the bug. He found a mentor to help him grow in cybersecurity and then pursued a graduate degree in the subject.

Since then Derek has worked in the product security space as an architect and leader. He has led teams to deliver more secure software in organizations from multiple industries. His focus has been to raise the security awareness of the engineering organization while maintaining a practice of secure code development, delivery, and operations.

In his role, Jeevan handles a range of tasks, from architecting security solutions to collaborating with Engineering Leadership to address security vulnerabilities at scale and embed security into the fabric of the organization.

Jeevan Singh

Founder of Manicode Security

Jeevan Singh is the Director of Security Engineering at Rippling, with a background spanning various Engineering and Security leadership roles over the course of his career. He’s dedicated to the integration of security practices into software development, working to create a security-aware culture within organizations and imparting security best practices to the team.
In his role, Jeevan handles a range of tasks, from architecting security solutions to collaborating with Engineering Leadership to address security vulnerabilities at scale and embed security into the fabric of the organization.

James Berthoty

Founder of Latio Tech

James Berthoty has over ten years of experience across product and security domains. He founded Latio Tech to help companies find the right security tools for their needs without vendor bias.

Christophe Parisel

Senior Cloud Security Architect

Senior Cloud Security Architect

Chris Romeo

Co-Founder
Security Journey

Chris Romeo is a leading voice and thinker in application security, threat modeling, and security champions and the CEO of Devici and General Partner at Kerr Ventures. Chris hosts the award-winning “Application Security Podcast,” “The Security Table,” and “The Threat Modeling Podcast” and is a highly rated industry speaker and trainer, featured at the RSA Conference, the AppSec Village @ DefCon, OWASP Global AppSec, ISC2 Security Congress, InfoSec World and All Day DevOps. Chris founded Security Journey, a security education company, leading to an exit in 2022. Chris was the Chief Security Advocate at Cisco, spreading security knowledge through education and champion programs. Chris has twenty-six years of security experience, holding positions across the gamut, including application security, security engineering, incident response, and various Executive roles. Chris holds the CISSP and CSSLP certifications.

Jim Manico

Founder of Manicode Security

Jim Manico is the founder of Manicode Security, where he trains software developers on secure coding and security engineering. Jim is also the founder of Brakeman Security, Inc. and an investor/advisor for Signal Sciences. He is the author of Iron-Clad Java: Building Secure Web Applications (McGraw-Hill), a frequent speaker on secure software practices, and a member of the JavaOne Rockstar speaker community. Jim is also a volunteer for and former board member of the OWASP foundation.

Join our Mailing list!

Get all the latest news, exclusive deals, and feature updates.