Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

I will discuss digital transformation in the enterprise, how it impacts cloud native applications developed using agile methodologies and as a result, an oscillating application risk rating, which then triggers prioritized security-related activities by application security engineers.. Key topics will include: Creating a baseline application risk profile Dynamic characteristics of application risk factors Significant changes that trigger security reviews

Greatly reduce vulnerabilities using Snyk's advanced container analysis. This session focuses specifically on the Base Image Management capabilities. Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

Hear from Snyk's DevRel and Community Team as they share their security horror stories.

Andrew Betts shares his security horror story of how the Financial Times was hacked by the Syrian Electronic Army.

All things OWASP

How do you become a secure python developer? Following best practices, and learning about application security from experts! In this session we will explore and explain explain how Python manages dependencies, the requirements.txt file, and other aspects of 3rd-party open source software. We will gently touch upon an intro to the different package managers, such as pipenv, and poetry.

In honor of 31 Days of Security and Halloween, Jim Manico shares his security horror story.

Snyk Founder Guy Podjarny shares his career journey and advice for those in the security industry or those looking to break into it.

Which comes first, security or the app? As development teams adopt and embrace the shift left mindset we see broader the wider software development lifecycle starting to ask the question of how soon is too soon to bring in security.