The 5 AppSec Sessions Not to Miss at RSAC 2023

The flowers are blooming, the sun is shining, and the birds are chirping which means one thing… spring is here! Or in the world of cybersecurity, RSAC is upon us! As an annual tradition, we put together the top 5 AppSec sessions we are looking forward to participating in at RSA 2023. 

‍

The Application Security State of the Union with Chris Romeo

This session is the perfect way for an AppSec professional to kick off RSAC. We love Chris’s no nonsense and practical approach to AppSec, and look forward to hearing his predictions of ten future-looking areas for examination. As AppSec program builders, we’re always interested in learning from his AppSec strategies and his approach to building a solid foundation in an AppSec program- something easier said than done. 

‍Monday, Apr. 24, 2023, 1:10 PM - 2:00 PM PT

Check out the session here

‍

The Convergence of AppSec, Cloud Security and DevSecOps with Abhay Bhargav

Who hasn’t heard about convergence in 2023? We look forward to seeing Abhay lead a discussion on the brewing convergence of AppSec, Cloud Security and DevSecOps. There are lots of opinions on the matter, so we appreciate Abhay hosting this session in an open way, allowing for free exchange of information and learning. The areas of intersection for these 3 categories are numerous with lots of different timelines for if and when the full convergence will be upon us, so we are interested to hear the debate from a practitioner perspective rather than the usual analyst perspective. 

Wednesday, Apr. 26, 2023, 9:40 AM - 10:30 AM PT

Check out the session here 

‍

The Psychology of DevSecOps? With Jennifer Czaplewski and Kathryn Pimblett

We’re so excited about all the sessions this year that focus on AppSec program building and management, especially those with a twist! Jennifer and Kathryn’s session will describe how to harness the power of psychology to propel AppSec programs forward, and build a culture where developers are highly productive and security-minded. This is one of the main AppSec challenges so we are eagerly waiting for Jennifer and Kathryn’s insights. 

Tuesday, Apr. 25, 2023, 9:40 AM - 10:30 AM PT

Check out the session here

‍

Software Supply Chain: Panel on Threat Intel, Trends, Mitigation Strategies

The software supply chain remains as popular this year as it was in 2022, so it is not surprising that it is one of the top featured subject matters on this year’s agenda. This panel will explore ways to secure  the software supply chain, focusing on threat intelligence, recent trends, and mitigation strategies. Experts will discuss challenges, provide insights, and offer tips on improving supply chain security. Full disclosure: Enso’s Head of Research Omer Yaron is in this panel, so we are definitely biased and proud! 

Wednesday, Apr. 26, 2023, 12:15 PM - 1:05 PM PT

Check out the session here

‍

OWASP: Application Security Pipeline on 14 Cents a Day

AST tools are a crucial part of any AppSec program and there are amazing commercial tools out there. That being said, they are incredibly expensive and for starter or midsize AppSec programs these scanners can take a bulk of the budget, reducing AppSec teams to chasing vulnerabilities rather than managing a program. This is why we love that OWASP is putting on a session this year about leveraging amazing, cost and budget effective, open source options. Speakers include Vandana Verma, Matt Tesauro, Grant Ongers and more! 

Wednesday, Apr. 26, 2023, 8:30 AM - 12:30 PM PT

Check out the session here

‍

These are our top 5 AppSec sessions for RSA 2023! If you plan to attend and want to get a coffee and talk some AppSec, please get in touch with me at julia@enso.security.

‍

About Enso Security

Enso is transforming application security by empowering organizations to build, manage and scale their AppSec programs. Its Application Security Posture Management (ASPM) platform easily deploys into an organization’s environment to create an actionable, unified inventory of all application assets, their owners, security posture and associated risk. With Enso Security, AppSec teams gain the capacity to manage the tools, people and processes involved in application security, enabling them to build a simplified, agile and scalable application security program without interfering with development.

‍