The 5 AppSec sessions not to miss at RSA 2022

The cybersecurity event of the year is upon us!  RSA 2022 has recently published the full agenda for its upcoming conference, and we are very pumped to accidentally brush shoulders with strangers at large gatherings again! So to get us focused for what will invariably be exciting and stimulating discussions, we put together the 5 top AppSec sessions we are looking forward to participating in at RSA 2022. 

‍

‍Transforming Security Champions, by Tanya Janca 

We love Tanya’s no-nonsense approach to explaining AppSec to practitioners and executives alike. We look forward to hearing Tanya tackle one of the biggest issues in security today– the lack of human resources. This is especially relevant to the AppSec space, where security teams are usually outnumbered 100 to 1 by developers. Establishing a strong and viable champion program has never been more important. 

Monday, June 6, 2022, 8:30 AM - 9:20 AM PT

Check out the session here

‍‍

Product Security at Scale: Lessons from Comcast by Sandra Cavazos

Who doesn’t like a good “down in the trenches” war story, especially from one of the largest organizations in the world? We are super excited to hear from Sandra Cavazos, Vice President, Product Security and Privacy at Comcast about how she enables secure development at such a large-scale, complex organization. 

Wednesday, June 8, 2022, 2:25 PM - 3:15 PM PT

Check out the session here 

‍

Can AppSec be Fixed? by Brook S.E. Schoenfield

This is the question that defines our mission as AppSec leaders– not “can”, but “how” AppSec can be fixed. We are obviously very interested in seeing how Brook approaches this topic and his methodology to fixing the complex, multi-dimensional problem space that is AppSec, and hearing his field-tested solutions. 

Thursday, June 9, 2022, 10:50 AM - 11:40 AM PT

Check out the session here

‍

‍Is a Secure Software Supply Chain Even Possible, Let Alone Feasible? by Steven Lipner & Tony Sager

Can you guess the cybersecurity buzzword of the year? It starts with an “S” and ends with “upplychain” (so maybe two words?). Buzzwords aside, this really is one of the biggest security challenges of our times, and it is no coincidence that it is one of the top featured subject matters in the RSA agenda this year. This session with Steven and Tony shows us how to apply alternative models, standards, testing and enforcement from other “material” industries to our digital supply chain today. 

Monday, June 6, 2022, 2:20 PM - 3:10 PM PT

Check out the session here

‍‍

HackAlong: Application Security Testing by Flake Redmond, Sam Levin & Joshua Meyer

Last but not least, an interactive, hands-on session run by three expert instructors where attendees will learn how to identify potential vulnerabilities and exploit vulnerabilities, as well as engage in discussions on mitigating them. Nothing like an early morning hack session to get the blood flowing and remind our fellow AppSec practitioners why we do what we do. 

Tuesday, June 7, 2022, 9:40 AM - 11:40 AM PT

Check out the session here

‍

These are our top 5 AppSec sessions for RSA 2022! If you plan to attend and want to get a coffee and talk some Application Security Posture Management, please get in touch with me at julia@enso.security.

‍