Loading…
The Open Web Application Security Project (OWASP) Los Angeles Chapter has teamed up with the Orange County, Inland Empire, San Diego, and San Francisco Bay Area chapters to bring you another great AppSec California. Join us and your peers for amazing talks and networking on January 22-25, 2019!
Friday, January 25 • 2:00pm - 2:50pm
Lessons Learned from the DevSecOps Trenches (Panel)

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
The adoption of agile development practices and DevOps has enabled companies to iterate more quickly, allowing them to be more responsive to customer needs and deliver features in a fraction of the time. While this rapid release cycle has a number of benefits for the engineering team, it can tax already time- and person-limited security teams, who are usually outnumbered by engineers 100:1 or more.

To keep up with growing engineering teams and the rapid pace of development, security teams have begun investing heavily in tools, processes, and policies that more efficiently and effectively amplify their efforts.

Join us for a candid panel discussion of how several companies have worked to scale their AppSec program, including senior security team members from Dropbox, Netflix, Datadog, DocuSign, and Signal Sciences.

We’ll discuss a number of relevant topics, including:
* What are some initial, high ROI minimal security engineering efforts that are valuable to pursue first?
* Which security tools, processes, or libraries have been the biggest wins at your company?
* What are three things you’d do in any organization you join?
* What are three spectacular failures you’ve had?

Attendees will leave with specific, practical and actionable lessons they can apply immediately to their organizations. We’ll leave extra time for questions at the end to ensure we answer the audience’s most pressing needs.

Moderators
avatar for Clint Gibler

Clint Gibler

Research Director, NCC Group
Clint Gibler (@clintgibler) is a senior security consultant and research director at NCC Group, a global information assurance specialist providing organizations with security consulting services. By day, he performs penetration tests of web applications, mobile apps, and networks... Read More →

Speakers
avatar for Devdatta Akhawe

Devdatta Akhawe

Security Engineer, Dropbox
Devdatta heads the Product Safety Organization at Dropbox. Before that, he received a PhD in Computer Science from UC Berkeley. His graduate research focused on browser and web application security, during which time he also collaborated with the Firefox and Chrome teams. He is a... Read More →
avatar for Doug DePerry

Doug DePerry

Director, Product Security, Datadog
Doug DePerry is the Director of Product Security for Datadog. Prior to his current position, Doug lead the bug bounty program at Yahoo. Much of his 10+ years of experience in the security industry is on the offensive side, as a security researcher and consultant at Leaf SR and iSec... Read More →
avatar for Divya Dwarakanath

Divya Dwarakanath

Security Engineering Manager, Snap
Divya leads the Application Security team at Snap, focusing on developing frameworks and tools to prevent vulnerabilities, assessing the security of products and educating developers. Prior to Snap, Divya has worked as a security consultant and software engineer.
avatar for John Heasman

John Heasman

Deputy CISO, DocuSign
John Heasman is the Deputy CISO at DocuSign, focused on proactive approaches to securing software. Prior to DocuSign, he spent 10 years working as a consultant for the NCC Group. John has released numerous security advisories in widely used software and has presented original research... Read More →
avatar for Astha Singhal

Astha Singhal

Engineering Manager, Application Security, Netflix
Astha Singhal leads the Application Security team at Netflix that secures all the applications in Netflix's cloud infrastructure. Prior to this, she managed the AppExchange Security Review on Salesforce Product Security. She is a security engineer by qualification who is passionate... Read More →


Friday January 25, 2019 2:00pm - 2:50pm
Sand and Sea Room