NOTE: This will be hosted virtually due to ongoing COVID-19 health concerns. You’ll get the meeting’s link after you RSVP. Also note, this month’s meeting is on Thursday not the usual Wednesday
-SFOWASP updates/announcements, upcoming events, etc.
-SFISSA updates/announcements, upcoming events, etc.
-Earliest timeline for in-person meetings
-Talk by Jeff Williams, Co-founder and CTO Contrast Security
-Virtual Happy Hour – Networking
Speaker: Jeff Williams, Co-founder & CTO Contrast Security
Title: Thinking INSIDE the Box – Fast and Accurate AppSec with IAST and RASP
Abstract: Software is incredibly hard to secure because it’s a black box. We’ve spent decades struggling to verify software from the outside by analyzing the source code, scanning, fuzzing, pentesting, etc… But we can get INSIDE the box and directly measure the security of software while it’s running (in development, test, and even production). In this talk, you’ll learn about Interactive Application Security Testing (IAST) and also Runtime Application Self-Protection (RASP). You’ll learn how to use the free and open source Java Observability Toolkit (JOT) project to easily create your own powerful security instrumentation without coding. We’ll analyze security defenses, identify complex vulnerabilities, create custom sandboxes, and enforce policy at runtime. Ultimately, IAST and RASP enable Dev, Sec, and Ops teams to work together in harmony, so your teams can focus on delivering value at high velocity.
Speaker’s Bio: Jeff brings more than 20 years of security leadership experience as co-founder and Chief Technology Officer of Contrast Security. Previously, Jeff was co-founder and CEO of Aspect Security, a successful and innovative application security consulting company acquired by EY. Jeff is also a founder and major contributor to OWASP, where he served as Global Chairman for 10 years, and created the OWASP Top 10, OWASP Enterprise Security API, OWASP Application Security Verification Standard, XSS Prevention Cheat Sheet, and many more popular open source projects. Jeff has a BA from Virginia, an MA from George Mason, and a JD from Georgetown. Please connect on LinkedIn: https://www.linkedin.com/in/planetlevel/
***Virtual Happy Hour***
BYOB – Bring Your Own Beverage. The session is open to the attendees to discuss any current events or other InfoSec topical issues.