- Date: 2025-01-29
- Time: 05:00 PM -> 06:00 PM
- Online: yes
- Location: Online Event
Join Phoenix Security ASPM for an exclusive webinar on elevating your application security strategy through the power of security champion programs and Application Security Posture Management (ASPM). Discover the metrics that truly matter in vulnerability management, how to prioritize security issues into a single backlog, and the psychology behind influencing development teams to adopt proactive security behaviors.
📅 Webinar Date: November 20th
🕔 Time: 5:00 PM UK | 9:00 AM Pacific | 11:00 AM Central | 12:00 PM Eastern
Our special guest, Dustin Lehr, Co-founder and Chief Product & Technology Officer at Katilyst, will share insights on building successful security champion programs and scaling application security across your organization. Don’t miss out on this opportunity to enhance your security initiatives and improve team communication.
🔗 Register now to reserve your spot and transform your application security posture!
In this session, you’ll learn:
• How ASPM helps prioritize and manage vulnerabilities across your code-to-cloud environment.
• Key metrics that matter in security champion programs for driving success in vulnerability management.
• The psychology behind influence: how security champions can effectively drive behavior change in development teams.
• Best practices for communicating security initiatives and ensuring they are actionable and impactful.
We’re thrilled to have Dustin Lehr, Co-founder and Chief Product & Technology Officer at Katilyst, as our special guest speaker. Dustin has a wealth of experience in building successful security champion programs that encourage proactive security behaviors and strengthen overall security posture.
Security champion programs can be effective when you use the right metrics. Phoenix recently released a new feature, ONE BACKLOG, which promotes and visualizes the right metrics for the right teams.
Phoenix Security offers a transformative solution leveraging its Actionable Application Security Posture Management (ASPM), powered by AI-based Contextual Quantitative analysis to deliver the right metrics to the right teams.
This innovative approach correlates runtime data with code analysis to deliver a single, prioritized list of vulnerabilities. This list is tailored to the specific needs of engineering teams and aligns with executive goals, reducing noise and focusing efforts on the most critical issues.
1. One Unified Backlog for Targeted Vulnerability Management
The One Backlog feature consolidates vulnerabilities from different sources—manual findings, threat modeling, or automated scans—into a single prioritized list. This feature helps teams manage vulnerabilities more efficiently by ensuring that each vulnerability is directed to the appropriate team, whether it involves application security, cloud security, or a combination of both.
Use Case:
A security team managing both on-premise and cloud environments can now use Phoenix Security’s One Backlog to streamline their vulnerability management, ensuring that vulnerabilities are accurately assigned and managed without confusion.
2. Contextual Attribution for Effective Vulnerability Management
Phoenix Security’s One Backlog allows for dynamic team attribution. Each vulnerability is automatically assigned to the correct team based on parameters like code repositories or cloud environments. This ensures comprehensive coverage and timely remediation.
Use Case:
A DevOps team can have their threat model findings automatically added to their backlog, ensuring the vulnerabilities are addressed early in the development lifecycle.
3. Precise Asset and Vulnerability Visibility
The Dynamic Attribution System within Phoenix Security ASPM allows teams to filter vulnerabilities based on their specific assets and areas of responsibility, providing granular control over which vulnerabilities are visible to each team.
Use Case:
A cloud security team can adjust its backlog to reflect only vulnerabilities that affect its specific cloud infrastructure, filtering out unrelated issues.
By leveraging Phoenix Security, you not only unravel the potential threats but also take a significant stride in vulnerability management, ensuring your application security remains up to date and focuses on the key vulnerabilities.
Derek Fisher – Head of product security at a global fintech. Speaker, instructor, and author in application security.
Derek is an award-winning author of a children’s book series in cybersecurity as well as the author of “The Application Security Handbook.” He is a university instructor at Temple University where he teaches software development security to undergraduate and graduate students. He is a speaker on topics in the cybersecurity space and has led teams, large and small, at organizations in the healthcare and financial industries. He has built and matured information security teams as well as implemented organizational information security strategies to reduce the organization’s risk.
Derek got his start in the hardware engineering space where he learned about designing circuits and building assemblies for commercial and military applications. He later pursued a computer science degree in order to advance a career in software development. This is where Derek was introduced to cybersecurity and soon caught the bug. He found a mentor to help him grow in cybersecurity and then pursued a graduate degree in the subject.
Since then Derek has worked in the product security space as an architect and leader. He has led teams to deliver more secure software in organizations from multiple industries. His focus has been to raise the security awareness of the engineering organization while maintaining a practice of secure code development, delivery, and operations.
Jeevan Singh is the Director of Security Engineering at Rippling, with a background spanning various Engineering and Security leadership roles over the course of his career. He’s dedicated to the integration of security practices into software development, working to create a security-aware culture within organizations and imparting security best practices to the team.
In his role, Jeevan handles a range of tasks, from architecting security solutions to collaborating with Engineering Leadership to address security vulnerabilities at scale and embed security into the fabric of the organization.
James Berthoty has over ten years of experience across product and security domains. He founded Latio Tech to help companies find the right security tools for their needs without vendor bias.
Chris Romeo is a leading voice and thinker in application security, threat modeling, and security champions and the CEO of Devici and General Partner at Kerr Ventures. Chris hosts the award-winning “Application Security Podcast,” “The Security Table,” and “The Threat Modeling Podcast” and is a highly rated industry speaker and trainer, featured at the RSA Conference, the AppSec Village @ DefCon, OWASP Global AppSec, ISC2 Security Congress, InfoSec World and All Day DevOps. Chris founded Security Journey, a security education company, leading to an exit in 2022. Chris was the Chief Security Advocate at Cisco, spreading security knowledge through education and champion programs. Chris has twenty-six years of security experience, holding positions across the gamut, including application security, security engineering, incident response, and various Executive roles. Chris holds the CISSP and CSSLP certifications.
Jim Manico is the founder of Manicode Security, where he trains software developers on secure coding and security engineering. Jim is also the founder of Brakeman Security, Inc. and an investor/advisor for Signal Sciences. He is the author of Iron-Clad Java: Building Secure Web Applications (McGraw-Hill), a frequent speaker on secure software practices, and a member of the JavaOne Rockstar speaker community. Jim is also a volunteer for and former board member of the OWASP foundation.