Loading…

The Open Web Application Security Project (OWASP) Los Angeles Chapter is teaming up with the Orange County, San Diego, SF Bay Area, and the Inland Empire chapters to bring you the FIFTH Annual AppSec California. The event is a one of a kind experience for information security professionals, developers, and QA and testing professionals, as they gather at the beach from around the world to learn and share knowledge and experiences about secure systems and secure development methodologies.

One and Two-day training sessions on various subjects by expert trainers kick off the conference on January 28th. World renown speakers follow on days three and four.

There will be four concurrent tracks throughout the day on both January 30 and 31, addressing a variety of topics to enhance knowledge.

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Keynote [clear filter]
Tuesday, January 30
 

9:00am

Welcome Address
Speakers
avatar for Richard Greenberg

Richard Greenberg

Global Board of Directors, OWASP
Richard Greenberg, CISSP, AppSec California C0-Chair, is a well-known Cyber Security Leader and Evangelist, CISO, Advisor, and speaker.Richard brings over 30 years of management experience and has been a strategic and thought leader in IT and Information Security. His Project Management... Read More →



Tuesday January 30, 2018 9:00am - 9:10am
Sand and Sea Room

9:10am

Diamond Sponsor Greetings
Tuesday January 30, 2018 9:10am - 9:25am
Sand and Sea Room

9:25am

Opening Keynote - Flipping the script: Fighting Advanced Threats at their Software Roots
Abstract
For almost two decades, software security practitioners have successfully defined advanced techniques and tools that can effectively be applied to develop secure software. Yet, all recent major security breaches can be linked to a software vulnerability - either left unpatched or a zero day – that made the attacker's job easier. Today, with tens of millions of developers creating code for all kinds of software-enabled devices, mobile apps and cloud services, it is time to expand the fight against advanced threats and focus on how to scale software security. 
Scaling software security will require expanding the security conversation beyond developers. This talk will challenge the entire software ecosystem to play their part in building more secure software and deliver software security at scale. Learning from the collected real-world experience of SAFECode's members, we will review short term strategies for development organizations to adopt a secure software development process. For the longer term, we will discuss the drastic changes required in how we teach, develop, test, govern and purchase software-based products to permanently change the software culture and deliver software security at scale.

Speakers
avatar for Eric Baize

Eric Baize

Chairman, SAFECode
Eric Baize – Chairman of SAFECode and Vice President, Product Security, Dell EMC Throughout his career, Eric Baize has been passionate about building security and privacy into systems and technology from design to deployment. He currently leads Dell EMC’s Product Security Office... Read More →



Tuesday January 30, 2018 9:25am - 10:15am
Sand and Sea Room

5:20pm

Closing Keynote - Digital Disease: How Healthcare Cybersecurity Challenges Can Claim -or Save- Lives
Abstract
Old “data security first” and HIPAA compliance paradigms in healthcare can’t address the patient safety concerns of a hyper-connected healthcare future built (currently) on the back of insecure software. Healthcare devices and infrastructure are generally poorly secured and are rapidly advancing towards the potential to harm or kill patients if compromised (if they haven't already). New healthcare security paradigms must include diverse and novel team members including clinicians working closely with software developers to identify risks to patient privacy and safety.

Speakers
avatar for Christian  Dameff

Christian Dameff

Doctor, Hacker, Researcher, UC San Diego
Dr. Christian Dameff is an Emergency Medicine physician and researcher. He is currently a Clinical Informatics fellow at the University of California San Diego. Published clinical works include post cardiac arrest care including hypothermia, novel drug targets for acute myocardial... Read More →



Tuesday January 30, 2018 5:20pm - 6:10pm
Sand and Sea Room
 
Wednesday, January 31
 

9:00am

Opening Remarks
Speakers
avatar for Richard Greenberg

Richard Greenberg

Global Board of Directors, OWASP
Richard Greenberg, CISSP, AppSec California C0-Chair, is a well-known Cyber Security Leader and Evangelist, CISO, Advisor, and speaker.Richard brings over 30 years of management experience and has been a strategic and thought leader in IT and Information Security. His Project Management... Read More →



Wednesday January 31, 2018 9:00am - 9:05am
Sand and Sea Room

9:05am

OWASP Executive Director Greeting
Speakers
avatar for Karen Staley

Karen Staley

Executive Director, OWASP



Wednesday January 31, 2018 9:05am - 9:10am
Sand and Sea Room

9:10am

Keynote - Prove It! Quantitatively Confronting Security With Data
Abstract:
What would you see occurring that would let you know that your security capabilities are improving while the business scales? Scale meaning more staff, more systems, more software, more cloud platforms/apis, more third parties and more regions/markets all growing with more speed. This talk will focus on methods of measurement, with code, that will help you answer these questions.

Speakers
avatar for Richard Seiersen

Richard Seiersen

SVP/CISO, Lending Club
Richard is a security executive with ~20 years experience ranging from start-ups to global organizations. He currently is the SVP/CISO of Lending Club.  Previously he was the CISO and VP of Trust for Twilio as well as the VP & GM Cybersecurity & Privacy for GE Healthcare... Read More →



Wednesday January 31, 2018 9:10am - 10:00am
Sand and Sea Room

4:20pm

Closing Keynote - A free, fair and open internet is a process, not a product.
Abstract
We're never going to be finished with the great work of securing the internet, and we will never be finished with the great work of making sure that it is a force for freedom, privacy, human rights and human flourishing. 
These are processes, not products, and surrender is not an option. It's tempting to just say, "Not my dumpster, not my fire," and walk away, but even if you stop caring about the internet, it's not going to stop caring about you. 
There's no winning and there's no losing. There's only the fight, and you're on the front lines.

Speakers
avatar for Cory Doctorow

Cory Doctorow

Science Fiction Author, Activist and Journalist
Cory Doctorow (craphound.com) is a science fiction author, activist, journalist and blogger — the co-editor of Boing Boing (boingboing.net) and the author of WALKAWAY, a novel for adults, a YA graphic novel called IN REAL LIFE, the nonfiction business book INFORMATION DOESN’T... Read More →



Wednesday January 31, 2018 4:20pm - 5:10pm
Sand and Sea Room