Improving Web & Mobile Application Security

Presented by

Jason Steer, EMEA Solutions Architect, Veracode

About this talk

As companies grow to recognise the threat posed by insecure web and mobile applications to their security posture – through recent incidents of ‘hacktivism’ and data breach, application security programs designed to eliminate risk earlier in the development lifecycle, or to mitigate 3rd party risk have grown in importance. This session will examine the common threats and flaws in web and mobile applications, look at the different testing methodologies deployed to identify and remediate, and share findings from Veracode’s analysis of current state of software security based on real-world data. Attendees will learn how the development of an Application Risk Management (ARM) program can assist in improving their internal development cycles through the adoption of an SDLC approach, or the introduction of a 3rd-party scanning program to assess risks in their supply chain. Speaker Bio: Jason has been part of the information security industry for over 15 years, working in the fields of email security, encryption, public key infrastructure and authentication. As EMEA Solutions Architect at Veracode he manages technical and future development of their cloud-based application risk management platform across Europe. Prior to Veracode, Jason has held senior technical roles at Cisco, Ironport and Clearswift. Jason has also participated in a number of industry associations, involved in research and speaking at groups including the Open Web Application Security Project (OWASP), the Cloud Security Alliance (CSA), the Information, MAAWG (Messaging Anti Abuse Working group), Systems Security Association (ISSA). Jason holds a BSc in Information Systems from Edith Cowan University, Western Australia.

Related topics:

More from this channel

Upcoming talks (18)
On-demand talks (3531)
Subscribers (182225)
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.