The Elephant in AppSec Conference

Track 2: AppSec Tools

About

This track is perfect for those who want to hear speakers' specific takes on different AppSec tooling.

You can expect roasts of tools’ features, examples of nonsensical marketing, and of course, several mentions of how XYZ is dead.

Explore all the abstracts here 👉 https://www.theelephantinappsec.com/schedule

📆 Track 2 "AppSec Tools" Schedule:

9:00 AM - 9:05 AM PST: Opening Word

9:05 AM - 9:35 AM PST: James Berthoty - "A future of Security free from CNAPP"

9:40 AM - 10:10 AM PST: Expert panel: Sandesh Mysore Anand, Antoine Carossio, and Amit Bismut - "Can we actually measure the effectiveness of AI in cybersecurity?"

10:15 AM - 10:45 AM PST: Ron Nissim - "Is PAM Dead?! Long live Just-in-time Access!"

10:50 AM - 11:20 AM PST: Swan Beaujard - "DAST is dead, or is it?"

11:25 AM - 11:55 AM PST: Tristan Kalos - "We have been doing API security wrong"

12:30 PM - 1:00 PM PST: Jeevan Singh - "Most Security Tools are expensive paperweights: How to get your money’s worth"

1:05 PM - 1:35 PM PST: Kyle Kelly - "Roast of Software Supply Chain Security"

1:40 PM - 2:10 PM PST: Munawar Hafiz - "Our SAST Tools Have Failed Us"

2:15 PM - 2:45 PM PST: Anmol Agarwal - "AI in AppSec: Why We Need To Prioritize Security"

Speakers

James Berthoty

Builder of Latiotech @ Former Cloud Security Engineer @PagerDuty

James Berthoty has been in technology for over 10 years across engineering and security. An early advocate for DevSecOps, he has a passion for driving security teams as contributors to product. He lives in Raleigh, NC with his wife and three children, and is pursuing a PhD in philosophy.

Sandesh Mysore Anand

Co-founder @ Seezo.io. Former Head of Security @ Razorpay

As the co-founder of Seezo, Sandesh is trying to solve Cyber Security challenges using Gen AI. Before this, Sandesh spent a decade in various cybersecurity roles including as the head of Security at Razorpay.

Amit Bismut

Head of Product @ Backslash Security

Amit Bismut is the Head of Product Management at Backslash Security, leveraging extensive cybersecurity experience. Amit's focus is on cloud and application security, having held previous product management roles at Aqua Security and Radware. In his spare time, Amit enjoys playing the guitar, spending time with his family, and baking.

Antoine Carossio

CTO & Co-founder @Escape

Antoine is cofounder & CTO of Escape. Antoine is a former French National Secret Agency and Apple security engineer and penetration tester. He is an active contributor to multiple open-source projects and one of the maintainers of Clairvoyance.

Ron Nissim

CEO and Co-founder @ Entitle

Ron Nissim is the CEO and Co-founder of Entitle. Prior to founding Entitle, Nissim served in 8200, the elite intelligence unit of the Israeli Defense Forces. Ron is an entrepreneur in spirit with a passion for identity security and software engineering.

Jeevan Singh

Director of Security Engineering @ Rippling

Jeevan Singh is the Director of Security Engineering at Rippling, where he is embedding security into all aspects of the software development process. Jeevan enjoys building security culture within organizations and educating staff on security best practices. Jeevan is responsible for a wide variety of tasks including architecting security solutions, working with development teams to resolve security vulnerabilities and building out security features. Before life in the security space, Jeevan had a wide variety of development and leadership roles over the past 15 years.

Tristan Kalos

CEO @ Escape

Tristan Kalos, co-founder and CEO at Escape, draws from a background as a software engineer and Machine Learning Researcher at UC Berkeley. Motivated by firsthand experience witnessing a client’s database stolen through an API in 2018, he has since become an expert in API security, helping security engineers and developers worldwide build secure applications. He is an experienced keynote and conference speaker, presenting at Forum InCyber, Platform Summit, APIdays, GraphQL conf, and other international software development and cyber security conferences.

Anmol Agarwal

Senior Security Researcher @ Nokia

Dr. Anmol Agarwal is a senior security researcher who specializes in AI security. She works on using AI for security as well as securing AI. Dr. Agarwal is also an active speaker and has spoken at numerous events and conferences to educate the public about cybersecurity and data science concepts. She holds a doctoral degree in cybersecurity analytics where her research focused on attacking machine learning models. In her free time, she enjoys mentoring others in the community and traveling.

Kyle Kelly

Tech Lead - Semgrep Supply Chain Security Research @ Semgrep

Kyle is the Tech Lead for Supply Chain Security Research at Semgrep and the founder of the CramHacks newsletter. With a background in consulting and research, he specializes in supply chain security, using his expertise to shape the insights he shares. Through CramHacks, Kyle is dedicated to empowering readers to actively engage in improving the cybersecurity landscape and deepening the analysis of software security within supply chains.

Swan Beaujard

Security Software Engineer @ Escape

Swan is a security software engineer at Escape, specializing in DAST and Threat Intelligence. He is a core contributor to open-source projects focused on GraphQL security and reverse engineering. Swan is also passionate about machine learning and reverse engineering.

Munawar Hafiz

CEO @ OpenRefactory

Munawar Hafiz is the founder and head of innovations of OpenRefactory, Inc., an application security company that intends to improve the way developers write secure, reliable and compliant code. Munawar had a body of work on automated bug fixing in academia which lays the foundation for OpenRefactory. He is a champion of pushing SAST bug detection tools for better precision and introducing code rewriting capabilities to fix bugs automatically.