DSC London

Empowering DevSecOps: A Journey of Risk-Driven Security & Weaving Application Security’s Scale

Register

Date

October 19th, 2023

Time

6pm BST

Location

Snyk London office, 97 Hackney Rd, London E2 8ET

Questions? Join the conversation on Discord channel #devsecon-discussions-🗣

Share

About the event:

DevSecCon London is thrilled to announce its upcoming October event, where industry-leading experts and enthusiasts will come together to explore the latest trends and innovations in the world of DevSecOps. Mark your calendars for an engaging and enlightening experience!

Location (hybrid):

In-person: Snyk London office, 97 Hackney Rd, London E2 8ET
Remote: https://www.youtube.com/live/ul1w0I9uQG0

Agenda:
6:00 PM: in-person doors open
6:30 PM: Session kicks off + Live stream (Virtual viewers join in)

The North Star: Risk-driven security by Jonny Tyers
Weaving Application Security’s Scale by Elie Saad

8:00 PM: That’s a wrap, more drinks and networking for those attending in person
9:00 PM: In-person event ends, doors closed

The North Star: Risk-driven security by Jonny Tyers
In this session I’ll show how to get ahead of the curve on security. I’ll show our audience how to find risks and vulnerabilities in the code they write and the architectures they build.
I’ll introduce risk-first threat modelling, using business risk as the north star to drive out the threats that really matter.
The end result? A clear understanding of your most important weaknesses and where to focus on next, and a model that you can take to anyone in the business to get buy-in, funding, and support for your risk-reduction efforts.
Threat modelling is quick, easy to pick up, and provides lasting security benefits for your team and your systems, and is practical to introduce at any point in the lifecycle of a system.
At the end of this session the audience will be equipped with a modern, flexible and simple method for finding and reducing security risks, connected to the business and easily explainable to other teams, and they’ll know how they can get started.

Weaving Application Security’s Scale by Elie Saad
Application Security has been on a high growth journey with various brandings and ways of working. A challenge that is always encountered is the scaling problem across an organization. Companies, as expected, go through the consultants shift, turning AppSec engineers into mise-en-place subject matter experts, detaching them from engineering and other departments’ dynamics. In this talk, I’ll discuss a different version of scaling, a version where AppSec acts as the enabler for the wider business through weaving partnerships. Before getting to this, the talk will take the audience through AppSec’s growth journey.

Join the Community!
If you haven’t joined the Discord community, please do so! You can find us on Discord at: https://devseccon.io/discordcommunity

Jonny Tyers

Pragmatic cloud security for tech businesses

About Jonny Tyers

As a former teenage hacker, Jonny has always had a keen interest in security. He’s worked in software since the 2000s, as engineer, project lead, security architect and advisor to CISOs and CTOs.

He has worked with major UK brands including banking, e-commerce, internet-of-things, medical research and UK Defence. The data in his care has spanned from national secrets to the nation’s payment plumbing and his clients’ most sensitive intellectual property assets.

Jonny works with tech businesses who prize pragmatic security. A fan of keeping things “as simple as possible, but as complex as necessary,” Jonny applies simplicity to all his work to aid teaching and communicating.

He’s also no stranger to detail, keeping his hands dirty with his own coding daily and can speak authoritatively on the technical nitty-gritty of security as well as the high-level business view.

Elie Saad

Application Security Engineer at Auth0

About Elie Saad

Elie Saad, a seasoned Application Security (AppSec) engineer, is known for his leadership in the cybersecurity field. He has led and co-authored multiple projects for the Open Web Application Security Project (OWASP), establishing himself as an industry expert. Elie’s unique focus is on the human element in security, recognizing its critical role in safeguarding digital environments.

Beyond his professional achievements, Elie is an enthusiastic gym-goer and a passionate home chef, always seeking to turn his kitchen creations into delightful culinary experiences. His multifaceted approach to life mirrors his dedication to strengthening cybersecurity while savoring life’s simple pleasures.

Browse all events