Webinar:

Lessons learned from building AppSec programs

Sponsored by: Checkmarx/Ackcent

Focused on:

  • Application Security

Date: 1 October

24

Time: 6PM Madrid/5PM London

Practical Application Security approaches that work

*This webinar will be held in Spanish*

Are you planning (or currently working) to implement an AppSec program? Whether you are planning to incorporate security measures during the development lifecycle or you are in the process of implementing it, this webinar will provide useful insights on the different technical approaches and issues/solutions that Ackcent finds when helping our customers to adopt an AppSec program.

The aim of this webinar is to share Ackcent’s know-how and learned lessons on what are the goals of an AppSec program, its benefits, the different technical and procedural approaches, as well as the common stoppers that influence the mature adoption of security measures during the application development process.

This webinar talks about used architectural CI/CD approaches to early detection of security vulnerabilities, as well as on how to manage and control the remediation process. Besides the CI/CD architectural approaches, the webinar will deal with common issues such as:

· When should we audit application code from a security point of view?
· How to address audit results to the right actors to make the remediation process effective and auditable?
· Who should manage and control the remediation process?
· What is the role of Development and Architecture Depts within the AppSec program?
· How to govern the AppSec program?

If you are working on an AppSec program or already have one and would like to review it, this webinar will provide you with useful insights and learned lessons from Ackcent’s practical experiences on implementing AppSec programs

Presented by

Daniel Cruz,

Chief Delivery Officer

Daniel Cruz is a Technical Engineer in Management Computing (Universitat Politècnica de Catalunya- UPC) and he also has a Master in Computer Security Technologies from esCERT-UPC. He has more than 15 years of experience in the Information Security sector in Cybersecurity projects, designing plans and security strategies in complex organizational environments, nationally and internationally. In addition, he has extensive experience in directing and executing technical audit projects in critical environments.

Currently, he is Chief Delivery Officer and member of the Ackcent Cybersecurity Management Committee. He is also professor of the module on compliance and risk analysis of the Master in Cybersecurity Management at the UPC. In addition, he has been professor at the Master's Degree in Security (Universitat Oberta de Catalunya – UOC), at the ICT Security Master's Degree at the Universidad de Deusto and at the Master's Degree in Digital Law and the Information Society (Universitat de Barcelona – UB). He has various certificates such as the CISA (2006), CISM (2008), BS 7799-2 Principal Auditor by the BSI (British Standard Institute) and Expert Auditor of Information Security Management Systems on UNE-71502 by APPLUS CTC.

Luis Manuel García,

Senior Security Specialist

Luis Manuel García is currently a Senior Security Specialist at Ackcent Cybersecurity, mainly focused in AppSec program consultancy and SecDevOps (S-SDLC, SAST/SCA and CI/CD integrations). He is in charge of helping customers defining and implementing a fruitful approach to combine Static Application Security Testing (SAST) and Software Composition Analysis (SCA) to strengthen their software security program.

Key Learning Objectives

  • Key factors designing an application security program
  • Application security at the speed of digital business (CI/CD approaches)
  • Finding and fixing application security vulnerabilities
  • Lessons learned from practical experience

Audience

  • Directors of DevOps
  • Application Security
  • DevSecOps
  • Architecture
  • C-levels
  • CIOs
  • CTOs
  • CISO
  • CEOs