Date: February 22, 2022
Time: 9 a.m. MST/8 a.m. PST/5 p.m. CEST/9:30 p.m. IST
Topic: How Enterprises Can Secure Their Web Application Against Attacks
Abstract:
To effectively protect your organization’s web applications against cyberattacks, it is necessary to take a multidimensional approach. In this webinar, a panel of industry experts will discuss key measures that enterprises can take to mitigate web application security risks, including incorporating DevSecOps from design through implementation, using web application penetration testing to plug vulnerabilities, and improving incident detection and response.
Enterprises can adopt DevSecOps as a methodology and integrate cybersecurity practices such as secure coding into the development life cycle (design, development, testing, release, and maintenance). This ensures that there is no delay in mitigating cybersecurity risks, since secure application rollouts are less susceptible to threats like hacks by malicious actors.
Expert penetration testing professionals test applications to find vulnerabilities and ensure that cybersecurity loopholes can be plugged before malicious hackers can exploit them. Penetration testing can be conducted on applications before rollout and on live applications to continuously improve their security. Every web application should have a sound incident detection and response plan with clear security policies, effective tools, and steps that can be taken to recover from an attack as soon as possible.
Key takeaways:
- Integrate security management into your web application development life cycle
- Use penetration testing to address web application vulnerabilities
- Implement an effective incident detection and response plan
- Get insights into industry standards, best practices, and processes for web application security
Moderator :
Dragan Pleskonjic, Senior Director of Application Security at IGT (formerly GTECH)
Bio: In his current role, Dragan Pleskonjic directs, coordinates, and oversees application security efforts at the global level. Dragan is a well-known expert and influential strategic thinker in the fields of information security, privacy, machine learning (ML), and artificial intelligence (AI). He is an experienced leader who has held top positions at international companies. He has worked with clients and partners around the world in a variety of sectors, including finance and banking, technology, telecommunications, gaming, education, and government. In addition to his extensive experience creating and managing startups and overseeing new business development, he has a proven history of leadership and talent in creating, managing, and organizing successful teams.
Dragan has also served as an adjunct professor of cybersecurity and computer science and is the author of 10 books, including university textbooks on cybersecurity, operating systems, and software. In addition to being an inventor with patents granted by the USPTO, CIPO, EPO, and WIPO, he has published over 80 papers in scientific and technical journals and conferences.
His research and development efforts focus on intelligent predictive security (INPRESEC) and exploring the paradigm shift in information security and privacy with AI and ML. Dragan is the initiator and founder of many products, solutions, and research projects, including the INPRESEC project, Glog, and Security Predictions.
Panelists :
David Kosorok, Director of Application Security at Hyland Software
Bio: David Kosorok is responsible for application security at Hyland Software. He has over 25 years of experience in software and security testing and over 13 years of experience in security specifically. Before joining Hyland, David led application security and vulnerability management teams at DocuSign and pioneered application security programs at Align Technologies, SAP Concur, the Church of Jesus Christ of Latter-day Saints, and several startups.
David holds several professional security certifications, including C|HFI and C|EH, as well as a Master of Science in information security and assurance. He has also been a volunteer beta editor for PenTestMag for several years and recently joined EC-Council’s Global Advisory Board for Certified Application Security Engineer (CASE). When he’s not reading great sci-fi and fantasy novels or struggling to write one with his brother, David enjoys volunteering in his community, hiking, camping, and generally enjoying the outdoors.
Rory McEntee, Vice President of Application Security at Protego Trust Bank
Bio: Rory McEntee has been a security professional for over 13 years and lives in the Pacific Northwest. He spent five years in the Army, including a couple of tours to Iraq. He then completed a Bachelor of Science in computer science at Evergreen State while being an active member of the competitive cyber defense team the GNU-E-Ducks. After college, he worked as an intern on an application security team and has been hooked on AppSec ever since. Rory has managed application security programs at SAP Concur and DocuSign. Rory has two cats, Taco and Rocco, who fight crime and sometimes commit it. He plays golf and enjoys traveling.
*Examples, analysis, views and opinion shared by the speakers are personal and not endorsed by EC-Council or their respective employer(s)
