KetoAppSec: It’s All about the FATS

Presented at Kernelcon 2020 Virtual, March 27, 2020, 1:30 p.m. (60 minutes)

The Ketogenic diet has taken form over the past few years and it actually works. So how can we apply something similar to our application security practices? Application security traditionally focuses on tools or manual testing. We traditionally do “static (SAST)” or “dynamic (DAST)” tool assessments and label them as a “full” or “time-boxed” assessment. The driving force is usually budget or lack thereof, so how do we trim down our assessment methodologies yet be efficient, precise and beneficial? There are many ways to be more efficient in the way we AppSec to get the most benefit out of the time we have. Whether it be making risk-based decisions, looking for patterns, understanding frameworks and their built-in protections, we can make intelligent choices and guesses. David Lindner will walk through some tips and tricks that will help consultants and internal testers alike focus on the fat of applications in a shortened timeframe.


Presenters:

  • David Lindner - Contrast Security
    David Lindner is the Director of Application Security at Contrast Security. An application security professional with over 18 years of experience in the computer security industry, Lindner has worked within multiple disciplines in the security field, including application development, network architecture design and support, IT security and consulting, security training, and application security. Over the past 10 years, he has specialized in all things related to mobile applications and securing them. Lindner has supported many different clients, including financial, government, automobile, healthcare and retail. In his spare time, he hones his mobile and IoT testing skills by participating in numerous bug bounties.
