This live meetup will be on July 19, 5pm at 114 Sansome St Suite #210 · San Francisco, CA
This meetup is sponsored by Fossa. Deepfactor CEO Kiran Kamity will be one of the speakers.
Talk #1 Quantifying Application Security
Why are application security concerns important? The security industry is increasingly using cyber risk quantification to express risks in business language. We will cover the tools, techniques, and methods used to measure risk and make informed decisions within security and the business at large. This includes an overview of Monte Carlo, Metalog Distributions, OPEN FAIR analysis, causal models, and other techniques/ tools.
Speaker: Daniel ONeil, CEO Privacy labs
Talk#2 AppSec 2.0: Reimagine AppSec With Runtime Analysis
SCA tools (container and dependency scans) generate too much noise. Runtime security tools don’t understand SCA findings, and don’t come in until production. What if you could marry SCA with runtime analysis during dev, test, and prod?
In this session, Kiran Kamity, CEO and Founder of Deepfactor, will discuss how the next generation of AppSec needs to go beyond just integrating static SCA into your CI pipeline, to analyzing insecure behaviors inside running apps and correlating that back to SCA to understand which vulnerable components are actually loaded into memory and used by your application. This new approach to AppSec will detect both known vulnerabilities/CVEs with SCA scans and unknown vulnerabilities with runtime analysis. It will then prioritize known vulnerabilities with runtime correlation of SCA findings. End result: you catch most of the key risks in your app, prioritize the key items your devs need to work on without flooding them with alerts, and remove unused components from your containers to burn down your CVE debt rapidly….and achieve the true mission of AppSec…to empower engineering and security teams to create secure applications.
Speaker: Kiran Kamity is the Founder & CEO of Deepfactor. He is a serial Silicon Valley entrepreneur with a passion for building products that meet a need and make a business impact—with Deepfactor that’s empowering engineering teams to create secure cloud native applications. Prior to Deepfactor, Kiran was the Head of Product at Cisco Cloud BU, Founder/CEO at ContainerX (acquired by Cisco), and the Founder/VP at RingCube (acquired by Citrix). Kiran is a TEDx speaker and loves nature, travel, and food.