Loading…
DeveloperWeek 2025 has ended
Subject: Dev Security World clear filter
arrow_back View All Dates
Wednesday, February 19
 

10:30am PST

[Virtual] OPEN Session: Fix What Matters First: Bridging Code and Cloud Security
Wednesday February 19, 2025 10:30am - 10:55am PST
VIRTUAL Frontend World
Eric Carter, Sysdig, Senior Director Product Marketing

Organizations modernizing applications in the cloud find themselves drowning in vulnerabilities and security alerts. With too much noise and not enough time, teams need a better way to prioritize and address real risks to stay ahead of threats.

Join Sysdig for a discussion of how to boost your software supply chain security and address risk from development through production.

In this session we’ll cover:

-The latest cloud-native security risks and challenges

-How to better prioritize vulnerabilities and misconfigurations

-Using runtime signals to reduce AppSec noise up to 95%

-Detecting active cloud risk to protect against cyberattacks

-Improving outcomes with AppSec tools like Snyk, Checkmarx, and Docker
Speakers
avatar for Eric Carter

Eric Carter

Senior Director Product Marketing, Sysdig
Eric is Director of Product Marketing focused on cultivating Sysdig’s technology cloud and container partner ecosystem. Eric has spearheaded marketing efforts for enterprise technology solutions across various domains, such as security, monitoring, storage, and backup. He is passionate... Read More →
Wednesday February 19, 2025 10:30am - 10:55am PST
VIRTUAL Frontend World https://app.events.ringcentral.com/events/developerweek-productworld-ai-devworld-2025/reception
  Frontend World

12:30pm PST

[Virtual] OWASP Security Summit: Security At Your Service (SAUS)
Wednesday February 19, 2025 12:30pm - 12:55pm PST
VIRTUAL Dev Security World
Cam Johnson, The Cyber Crew & Entertainment Technology Leader, Founder
OWASP Certified 

Cybersecurity organizations exist because of the technical innovations driven by the businesses they protect. For security to truly serve its purpose, engineers must understand their critical role in shaping the growth and effectiveness of these organizations.


As an engineer, you are uniquely positioned to be a catalyst for meaningful change. By embracing security as part of your process, you empower your organization to grow stronger and more resilient. Security is not just a requirement—it’s an opportunity to set higher standards. Challenge the status quo and demand excellence.


Key Points:
1. You Are the Change Agent
• Cybersecurity supports the innovations you create. Own your role in leading the charge.
2. Own Security as Part of Your Job
• Embrace it as an essential element, not an external responsibility.
3. Challenge Inefficiencies
• Push for smarter, more effective ways to integrate security into workflows.
4. Inform and Engage Leadership
• Your leaders own the risk. Make them aware of the challenges and opportunities.
5. Push Back with Purpose
• Advocate for solutions that benefit both security and productivity.
6. Build Alliances
• Find allies across teams who share your vision for a stronger, more secure organization.
 
Speakers
avatar for Cam Johnson

Cam Johnson

Founder, The Cyber Crew & Entertainment Technology Leader
Wednesday February 19, 2025 12:30pm - 12:55pm PST
VIRTUAL Dev Security World https://app.events.ringcentral.com/events/developerweek-productworld-ai-devworld-2025/reception
  Dev Security World

1:00pm PST

[Virtual] OWASP Security Summit: AI and the Gaming Industry: Risks, Rewards, and the Future
Wednesday February 19, 2025 1:00pm - 1:25pm PST
VIRTUAL Dev Security World
Tanya "SheHacksPurple" Janca, SheHacksPurple, Secure Coding Trainer
OWASP Certified 
Speakers
avatar for Tanya

Tanya "SheHacksPurple" Janca

Secure Coding Trainer, SheHacksPurple
Tanya Janca, aka SheHacksPurple, is the best-selling author of 'Alice and Bob Learn Secure Coding', 'Alice and Bob Learn Application Security’ and ‘Cards Against AppSec'. Over her 28-year IT career she has won countless awards (including OWASP Lifetime Distinguished Member and... Read More →
Wednesday February 19, 2025 1:00pm - 1:25pm PST
VIRTUAL Dev Security World https://app.events.ringcentral.com/events/developerweek-productworld-ai-devworld-2025/reception
  Dev Security World

2:00pm PST

[Virtual Exclusive] OWASP Security Summit: Building a Network Telemetry Platform to minimize Security Threats
Wednesday February 19, 2025 2:00pm - 2:25pm PST
VIRTUAL Dev Security World
Siri Varma Vegiraju, Microsoft, Senior Software Engineer

Maintaining robust network security in the cloud environment is more crucial than ever. This talk explores the design and implementation of a proactive network telemetry platform that strengthens infrastructure security. The platform collects and analyzes telemetry data from virtual machines to identify and scrutinize traffic patterns deviating from industry-standard baselines. By generating actionable insights and promptly notifying relevant teams of potential issues, it enables swift problem resolution. This proactive approach significantly reduces the attack surface, minimizes exposure to network attacks, and enhances overall cloud security. 
Speakers
avatar for Siri Varma Vegiraju

Siri Varma Vegiraju

Senior Software Engineer, Microsoft
Siri Varma Vegiraju is a seasoned professional in healthcare, cloud computing, and security. Currently, he focuses on securing Azure Cloud workloads, leveraging his extensive experience in distributed systems and real-time streaming solutions. Prior to his current role, Siri contributed... Read More →
Wednesday February 19, 2025 2:00pm - 2:25pm PST
VIRTUAL Dev Security World https://app.events.ringcentral.com/events/developerweek-productworld-ai-devworld-2025/reception
  Dev Security World

2:30pm PST

[Virtual] OWASP Security Summit: API Security 101: How to Not Be Featured in a Top Ten Breaches List
Wednesday February 19, 2025 2:30pm - 2:55pm PST
VIRTUAL Dev Security World
Dan Barahona, APISec, Co-Founder

This talk will dive into the fundamentals and best practices for API Security. By understanding the 3 Pillars of API Security, encompassing governance, testing and monitoring, attendees will gain a comprehensive understanding of the essential elements required to safeguard APIs. The session will conclude with practical insights, offering best practices and valuable do's and don'ts for implementing and maintaining secure APIs.

Why are APIs under attack?
-83% of internet traffic are APIs
-APIs are under-secured

How do APIs get attacked?
Attackers look for APIs that are over-permissioned, return to much information, access unauthorized functions, and expose logic flaws. Attackers are able to bypass a web or mobile app and hit the API directly.

OWASP top 10!!
#1-#4 are the biggest issues

More compliance regulations are including testing APIs.
-PCI
-HIPPA
-GDPR
-FedRAMP
Speakers
avatar for Dan Barahona

Dan Barahona

Co-Founder, APIsec University
Dan is a 20+ year cybersecurity veteran, having held exec positions at companies including Qualys, ArcSight, Anomali and APIsec. He founded APIsec University in 2022 to offer free, non-vendor training on API security. The site has grown to over 50,000 students in its first 6 months... Read More →
Wednesday February 19, 2025 2:30pm - 2:55pm PST
VIRTUAL Dev Security World https://app.events.ringcentral.com/events/developerweek-productworld-ai-devworld-2025/reception
  Dev Security World

3:00pm PST

[Virtual] OWASP Security Summit: 30 Tips for Secure JavaScript
Wednesday February 19, 2025 3:00pm - 3:25pm PST
VIRTUAL Dev Security World
Tanya "SheHacksPurple" Janca, SheHacksPurple, Secure Coding Trainer
OWASP Certified 

In this talk, we will cover 30 tips for writing more secure JavaScript, emphasizing what to do, what NOT to do, and utilizing open-source tooling to enhance security. JavaScript is not only the most popular web programming language, but it also faces security threats like XSS and code injection, meaning we need to ensure our JavaScript is tough, rugged, and secure. We’ll touch only upon items that are specific to JavaScript, as opposed to agnostic topics that apply to all languages, such as encryption or authentication. By the end, you’ll gain insights into selecting the best framework, adopting secure coding practices, and leveraging tools for web application security, catering to both seasoned developers and beginners seeking practical guidance. 
Speakers
avatar for Tanya

Tanya "SheHacksPurple" Janca

Secure Coding Trainer, SheHacksPurple
Tanya Janca, aka SheHacksPurple, is the best-selling author of 'Alice and Bob Learn Secure Coding', 'Alice and Bob Learn Application Security’ and ‘Cards Against AppSec'. Over her 28-year IT career she has won countless awards (including OWASP Lifetime Distinguished Member and... Read More →
Wednesday February 19, 2025 3:00pm - 3:25pm PST
VIRTUAL Dev Security World https://app.events.ringcentral.com/events/developerweek-productworld-ai-devworld-2025/reception
  Dev Security World

3:30pm PST

[Virtual] OWASP Security Summit: Beyond Bounty - How Breaking Helps Building
Wednesday February 19, 2025 3:30pm - 3:55pm PST
VIRTUAL AI DevWorld Main Stage
Kevin Hemmingsen, BugCrowd, Director of Trust & Security
OWASP Certified  

Statistics and real-world examples of the benefit of collaboration between developers and security researchers
Speakers
avatar for Kevin Hemmingsen

Kevin Hemmingsen

Director of Trust & Security, BugCrowd
Wednesday February 19, 2025 3:30pm - 3:55pm PST
VIRTUAL AI DevWorld Main Stage https://app.events.ringcentral.com/events/developerweek-productworld-ai-devworld-2025/reception
  Dev Security World
 
Share Modal

Share this link via

Or copy link

Filter sessions
Apply filters to sessions.
Filtered by Date - 
Clear filter
Monday, February 10
Tuesday, February 11
Wednesday, February 12
Thursday, February 13
Tuesday, February 18
Wednesday, February 19
Thursday, February 20
AI DevWorld Stage
AI DevWorld MAIN STAGE
CloudNative World Stage
Dev Innovation World Stage
Dev Security World Stage
DeveloperWeek MAIN STAGE
DeveloperWeek PRO Stage
DevExec World Stage
Frontend World Stage
Hyatt Regency Santa Clara
Hyatt Regency Santa Clara - Lobby
OpsWorld Stage
ProductWorld MAIN STAGE
Roundtables
Santa Clara Convention Center - Expo Hall
Santa Clara Convention Center - Main Lobby
VIRTUAL AI DevWorld Main Stage
VIRTUAL AI DevWorld Stage
VIRTUAL AI DevWorld Stage 1
VIRTUAL Cloud Native World
VIRTUAL Dev Exec World
VIRTUAL Dev Innovation World
VIRTUAL Dev Security World
VIRTUAL DeveloperWeek MAIN STAGE
VIRTUAL DeveloperWeek PRO STAGE
VIRTUAL Expo Hall
VIRTUAL Frontend World
VIRTUAL OpsWorld
VIRTUAL ProductWorld Main Stage
  • 1. Badge Pick-up & Registration
  • 2. Community Events & Experiences
  • 3. Expo Hours
  • 4. Hackathon
  • 5. KEYNOTES & FEATURED
  • AI DevWorld
  • Cloud Native World
  • Dev Exec World
  • Dev Innovation World
  • Dev Security World
  • Frontend World
  • OpsWorld
  • ProductWorld
  • Tracks & Topics
  • AI & ML Certificate
  • API Certificate
  • APIs & Microservices
  • Blockchain & Web3
  • Cloud Management Certificate
  • Data Engineering
  • Data Management and Engineering Certificate
  • Dev Career
  • Dev Leadership Certificate
  • Developer Experience (DX)
  • Developer Tools
  • DevOps
  • DevOps Certificate
  • Enterprise
  • Frontend Certificate
  • Gen AI / LLMs
  • Open Source Strategy
  • Platform Engineering
  • Product Certificate
  • Security Certificate
  • Technical Leadership & Management
  • Session Type
  • OPEN Session
  • PRO Session
  • PRO Workshop Day (Tues)
  • Conferences
  • AI & Organizational Change Management (AI DevWorld)
  • AI DevWorld
  • AI DevWorld: AI Strategy Conference
  • AI DevWorld: AI/ML Engineering Conference
  • AI DevWorld: Industry AI Conference
  • AI Ethics (AI DevWorld)
  • AI for the Enterprise (AI DevWorld)
  • AI Security & Governance & Compliance (AI DevWorld)
  • Applied AI Innovation (AI DevWorld)
  • Applied Machine Learning (AI DevWorld)
  • Bots & Language Processing (AI DevWorld)
  • Cloud Native World
  • Data Science & Predictive Models (AI DevWorld)
  • Deep AI Learning & Neural Networks (AI DevWorld)
  • Dev Exec World
  • Dev Innovation World
  • Dev Security World
  • Finance/FinTech AI (AI DevWorld)
  • Frontend World
  • Generative AI & LLMs (AI DevWorld)
  • Healthcare & HealthTech AI (AI DevWorld)
  • Marketing & Advertising AI (AI DevWorld)
  • Methodology: Agile and Rapid Prototyping and SCRUM and Beyond (ProductWorld)
  • MLOps & AIOps (AI DevWorld)
  • OPEN Session
  • OpenAPI Summit
  • OpsWorld
  • OWASP Certified
  • Product Lead / Product Manager Roundtables (ProductWorld)
  • Product Lifecycle & Case Studies (ProductWorld)
  • Product Management Tools & Software (ProductWorld)
  • Product Roadmap Strategy & Innovation (ProductWorld)
  • Product Team Management & Structure (ProductWorld)
  • ProductWorld
  • Retail & E-commerce AI (AI DevWorld)
  • Roundtables
  • Sponsor Spotlight
  • Tensorflow & PyTorch & Open Source Frameworks (AI DevWorld)
  • Virtual
  • In-Person/Virtual
  • In Person
  • Virtual
  • Virtual Exclusive