Welcome to OWASP AppSec 2018 USA we look forward to seeing you in San Jose, CA

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Imperial Room [clear filter]
Thursday, October 11


(in)Security is eating the world; speed and autonomy is our only hope for defense
Technology has transformed nearly every segment of our lives and will continue to dramatically impact the future. From transportation, to medicine, to communication, technology underpins every aspect of how we interact with the world, and with each other. However, every day we see examples of critical security failures impacting technology, and ultimately our lives. The fundamentals of security may be simple, but the implementation is far from it. There is a massive interconnection of technologies, an explosion of data, time to market drivers, and human interpretation is mixed throughout. The solution to this chaos is not to employ more humans toiling for security. Automate or die. The future of security is a dramatic shift to autonomy, scale and speed. Join me as we journey through a talk of controversial stances and hard realities to uncover a strategy for securing the future of technology.

avatar for Michael Coates

Michael Coates

Co-founder and CEO, Altitude Networks
Michael Coates is the CEO & co-founder of Altitude Networks. Previously, Michael was the Chief Information Security Officer at Twitter. Michael has also served for six years on the OWASP global board of directors, three of those years as the chairman.Prior to Twitter, Michael was... Read More →

Thursday October 11, 2018 9:00am - 9:45am
The Fairmont
Friday, October 12


Defensible Application Security for the Artificial Intelligence Era
From the very beginning of the Internet, humans have struggled with how to trust in the digital world. Neuroscience studies are gradually uncovering clues as to how our brains process digital cues, and how we adapt to an increasingly extensive digital presence around us. As the scale of that presence increase exponentially so is the complexity of applications that process, represent, and protect the digital transactions, the identities, and the actions that we undertake every day. Today application security is a race against bad actors. We have fairly effective tools to separate humans from digital entities and test trustworthiness of certain actions, but we are wholly unprepared for a world when a digital entity passes the Turing test. This talk takes us through the concept of trust, how our brains process trust, and how we may arrive to decision making based on trust in the digital realm. We will examine how the infusion of machine learning and AI impact design principles for application security. Why we must design applications and systems with real-time controls that operate at scale and respond automatically to dynamic and intelligent adversaries.

avatar for Chenxi Wang

Chenxi Wang

Founder, Rain Capital
Dr. Chenxi Wang is the Founder of the Jane Bond Project, an independent security research and advisory firm. Wang also serves on the boards of various startups and VC funds. Previously,Wang was the Chief Strategy Officer at Twistlock. Wang is the 2016 and 2017 program Co-Chair for... Read More →

Friday October 12, 2018 9:00am - 9:45am


Making Security Approachable for Developers and Operators
Security is a complex topic filled with jargon and subtle nuances. The "weakest link" challenge in security means we must be concerned with every threat vector and apply best practices universally. This becomes challenging when we need to bring developers and operators into the fold, since our infrastructure and applications are critical to the our security posture. Instead of expecting everybody to become an expert in security, we need to make security more approachable for these audiences. In this talk, we discuss how to apply best practices and make them accessible to developers and operators through APIs, secure by default platforms, and policy as code.

avatar for Armon Dadgar

Armon Dadgar

Co-Founder and CTO, HashiCorp
I have a passion for security and distributed systems and their application to real world problems. As a co-founder and CTO of HashiCorp, I bring both those interests into the world of DevOps tooling. As a former practitioner and proponent of open source software, I have helped design... Read More →

Friday October 12, 2018 3:30pm - 4:15pm
The Fairmont