LASCON2018 2018 Oct. 25, 2018 to Oct. 26, 2018, Austin, USA

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
Keynote: Jayson Street Jayson E. Street N/A
Secure Configuration in the Cloud Muein Siddiqui Category: Devops + Security Abstract: While the pervasive use of PaaS for application deployment in ...
Failing at Auth* by succeeding at Microservices Lashidhar Chennupati DevOps, MicroServices , Auth , What could go wrong?MicroServices are awesome, so are DevOps & ...
Rethinking Role-Based Security Education Kat Sweet How do we scale a deeper level of security awareness training without sacrificing efficacy? This ...
Year[0]: AppSec at a Startup Leif Dreizler Have you wanted to be on the application security team at a startup, but were ...
Practical DevSecOps – the simple free pipeline anyone can create Jeff Williams DevSecOps is so much more than forcing developers to use legacy tools. In this talk, ...
SML-Based Detection Engine of Device/Network Attacks for IIOT Gateway Mark Szewczul Mark will articulate the security architecture of a typical IIOT Gateway that uses embedded linux ...
Vulnerability Management: You're doing it wrong Digitalgrease • Mauvehed Threat and vulnerability management (TVM) is a core aspect of every information security program. Many ...
DevSecOps without DevOps is Just Security Kevin Wallace The best DevSecOps practices are built alongside strong DevOps practices. However, DevSecOps processes and tooling ...
Building Products People Trust: Designing Privacy, Consent, & Security into Your Products Taylor Mccaslin Building security software is hard. Making it easy to understand and designing security software with ...
Pentesting for Developers Chris Cornutt While secure development practices are an important part of keeping your application and its data ...
10 Reasons Your AppSec Testing Might Not Be Working Igor Matlin Is your application security solution working for you? A nightmare scenario for any security leader ...
Be Prepared - Things you can do today for the breach you hope never comes Bankim Tejani When a company goes through a data breach, its like a major traffic accident where ...
Invited Speaker: Robert Hansen Robert J. Hansen N/A
Running at Light Speed: Cloud Native Security Patterns Brian Mannino No matter how fast you ship software, a good design is critical to security. Cloud ...
Orchestrating Security Tools with AWS Step Functions Jules Massey Increasingly frequent deployments make it impossible for security teams to manually review all of the ...
Bridging GDPR from your Application to your Cloud Anton Taban When GDPR became a law recently, it became the most wide-ranging and stringent data protection ...
The White Hat’s Advantage: Open-source OWASP tools to aid in penetration testing coverage Ken Prole White hat penetration testers are generally at a disadvantage compared to the malicious attackers they ...
How to Assess the Maturity of your Security Program Jaffa Ochel We are continuously improving our security programs and controls – to protect against new threats, ...
Conducting Table Top Exercises to Get Your Team Battle Ready Josh Sokol For this session, we will be conducting a live Security Table Top Exercise (TTX). We ...
Don't @ Me - Hunting Twitter Bots at Scale Olabode Anise Automated Twitter accounts have been making headlines for their ability to spread spam and malware ...
Keynote: Heather Hinton Heather Hinton N/A
Keynote: Shannon Lietz Shannon Lietz N/A
Invited Speaker - Wendy Nather Wendy Nather N/A
Making Continuous Security a Reality with OWASP's AppSec Pipeline Matt Tesauro You’ve probably heard many talks about DevSecOps and continuous security testing but how many provided ...
The FaaS and the Curious Bryan Mcaninch Function as a Service (FaaS) platforms facilitate application deployment and event-driven execution with minimal cloud ...
The Road Less Travelled: Use-cases, Challenges, and Solutions of Homomorphic Encryption Trupti Shiralkar In this hyper-connected and data-driven world, information can be highly valuable. User data can be ...
Cryptography may or may not protect you - how it is used matters Karen Lu In today’s inter-connected IT environment, Internet applications, services, and devices are heavily dependent on cryptography, ...
Eisenhower and the Internet Damon Small The speaker researches the history of one large, government-funded infrastructure and compares it to another. ...
Poking Holes in the Cloud: Auditing AWS Security David Lister This talk covers the tools and techinques I have learned over the past year in ...
The Mitre ATT&CK Framework is for all of us, and it is time to pay attention to it Michael Gough Mitre has created the “Adversarial Tactics, Techniques & Common Knowledge” (ATT&CK) base to help security ...
Evolving Your Security Mindset to Embrace DevSecOps Bankim Tejani What is DevSecOps? It is not one thing, but multiple journeys integrally embedded together - ...
It takes a village to get security right: Building collaborative IAM solutions Asad Hutchinson We have seen two evolutionary trends in the Identity and Access Management (IAM) industry. The ...
Microservices Security Landscape Prabath Siriwardena The microservices architecture expands the attack surface with multiple microservices communicating with each other remotely. ...
Building An AppSec Program From The Ground Up: An Honest Retrospective John T. Melton This talk will cover the lessons learned from a 2-year journey starting an appsec program ...
Data Protection at Scale Naga Kumaraswamy In the era when everybody, including “well established” companies, have decided that Agile is way ...
How To Kick Butt in InfoSec Blogging! Kate Brew Blogging in InfoSec is a great way to improve your visibility and reinforce your personal ...
Invited Speaker - James Wickett James Wickett N/A
Empathy & Vulnerability in SecOps Joe Parker Security Operations can be challenging work, but it’s often made more so by a lack ...
Red TeamPen Testing Panel Discussion David Hughes N/A
Securing the Future of TLS - What's new in TLS 1.3 Carl Mehner TLS has had many changes and updates throughout the past two decades, TLS 1.3 is ...
Securing Legacy Applications Chris Cornutt It’s common to hear people preach “plan in security from the start” and in an ...
Adapting Your AppSec Brian Glas In the ever-evolving, fast-paced development world, application security has not scaled well. Incorporating application security ...
Threat Modeling for IoT Systems Dan Cornell The Internet of Things (IoT) is an exciting and emerging area of technology allowing individuals ...