Wait, Wait! Don't pwn Me!

Presented at AppSec USA 2015, Sept. 25, 2015, 1 p.m. (55 minutes)

Test your wits and current AppSec news knowledge against our panel of distinguished guests. In the past, panelists have included Joshua Corman (Sonatype), Chris Eng (Veracode), Space Rogue (The Universe), Matt Tesauro (RackSpace), Ed Burns (Oracle), Justin Woo (PayPal), Jacob West (NetSuite) and Matthew McCullough (GitHub). "Wait Wait... Don't Pwn Me!" is patterned after the NPR news quiz show where we challenge the panel and the audience with "Bluff the Listener", "This Week's Security News", "The Security Limerick Challenge" and "Lightning Fill In the Blank".

Think you know your stuff? Get selected as an audience participant and prove it! Join us for a rollicking hour as we test the panel and the audience on recent security stories in the news. Who knows? Maybe you can pwn the panel.

Presenters:

• Joshua Corman - Founder - I am The Cavalry
  Joshua Corman is a Founder of I am The Cavalry (dot org) and Director of the Cyber Statecraft Initiative for the Atlantic Council. Corman previously served as CTO for Sonatype, Director of Security Intelligence for Akamai, and in senior research & strategy roles for The 451 Group and IBM Internet Security Systems. He co-founded @RuggedSoftware and @IamTheCavalry to encourage new security approaches in response to the world's increasing dependence on digital infrastructure. Josh's unique approach to security in the context of human factors, adversary motivations and social impact has helped position him as one of the most trusted names in security. He also serves as adjunct faculty for Carnegie Mellon's Heinz College and on the 2016 HHS Cybersecurity Task Force.
• Shannon Lietz - Director, DevSecOps - Intuit
  Award winning leader in security innovation with experience developing emerging security programs for Fortune 500 companies: Intuit, ServiceNow, Sony, Sempra Energy, Savvis, Cable and Wireless, 99 Cents Only, Exodus, Bank of America, among others internationally. Received the Scott Cook Innovation Award in 2014 for developing and cultivating a world class Cloud Security Program that allows for sensitive data to be protected in AWS. Ms. Lietz is currently the Director of DevSecOps for Intuit where she is responsible for setting and driving the company's Cloud Security Strategy, Roadmap, and full-scale Program in support of corporate innovation. She has previous experience as a Master Security Architect, an Entrepreneur, and often volunteers to educate on security topics. Ms. Lietz is a passionate DevSecOps and Rugged evangelist.
• Jacob West - Chief Architect, Security Products - NetSuite
  Jacob West is Chief Architect for Security Products at NetSuite. In his role, West leads research and development for technology to identify and mitigate security threats, particularly in cloud deployments and at the software layer. West has over a decade of experience developing, delivering, and monetizing innovative security solutions beginning with static analysis research at the University of California, Berkeley and as an early researcher at Fortify Software. Prior to this role, West served as chief technology officer for Enterprise Security Products (ESP) at HP where he founded and led HP Security Research, which drives innovation through research publications, threat briefings, and actionable security intelligence. Earlier at HP, West served as chief technology officer for Fortify products and leader of Fortify Software Security Research. A world-recognized expert on software security, West co-authored the book, "Secure Programming with Static Analysis" with colleague and Fortify founder, Brian Chess, in 2007. Today, the book remains the only comprehensive guide to how developers can use static analysis to avoid the most prevalent and dangerous vulnerabilities in code. West is a member of the California Cybersecurity Task Force, co-authors the Building Security in Maturity Model (BSIMM), serves as a founding member of both the IEEE Center for Secure Design (CSD) and the (ISC)2 Application Security Advisory Council (ASAC), and is a frequent keynote speaker. A graduate of the University of California, Berkeley, West holds dual-degrees in Computer Science and French and resides in San Francisco, California.
• Mark Miller - Co-Founder and Senior Storyteller - All Day DevOps
  Some of you might know Mark Miller as the Founder and Editor of EndUserSharePoint.com, and co-producer of NothingButSharePoint, two of the world's largest SharePoint Community initiatives.In a more recent incarnation, he is the co-founder of the "All Day DevOps" live online conference with over 13,500 registrations for the conference, which included 3 simultaneous sessions, 15 hours, 15 time zones, 54 sessions. This was an extension of SharePoint Saturday EMEA, Live Online, a concept initiated seven years ago for the SharePoint Community.Mr. Miller is the Editor-in-Chief of the LinkedIn DevOps Group(56K+ members), Executive Producer of the OWASP 24/7 Podcast Series (210,000+ listens), and Producer of the DevOps tracks at: RSAC 2017/2016/2015, AppSec EU Belfast 2017, InfoSec Europe 2016, and AppSec USA 2016. Mr. Miller travels the world as the DevOps Evangelist for Sonatype, whom Java developers will recognize as the curator of the Central Repository (400,00 components, 58 billion downloads last year). And his proudest on-stage moment? Practicing a conference session in front of a group of elephant seals on the shores of Antarctica.

Links:

• https://appsecusa2015.sched.com/event/3UjJ/wait-wait-dont-pwn-me
• https://infocon.org/cons/OWASP/AppSecUSA 2015/Wait, Wait don't pwn Me.mp4

Similar Presentations:

• 30C3 (2013) / Nerds in the news: Spending a year coding in a newsroom
• AppSec USA 2012 / DevOps Distilled: The DevOps Panel at AppSec USA
• AppSec USA 2013 / PANEL: Wait Wait... Don't Pwn Me!