LeanAppSec Live

Format: Virtual Conference
Duration: 2 hours

Watch the February 2025 edition of LeanAppSec Live featuring speakers from Peloton, OWASP, and Relativity. Now available on demand!

The Agenda

Sri Manda
CISO at Peloton
Session 1

Show Your CISO that AppSec Matters

Does your CISO understand the value of your AppSec program?

Special guest Sri Manda, CISO of Peloton, will give insider insights on how to communicate better with your CISO. Learn actionable strategies to establish the value of AppSec, including:

  • Identify business problems with data
  • Build a business case to change tooling
  • Use metrics to drive decision making and track progress
  • Emerging metrics

Steve Wilson
Project Leader for OWASP Top 10 for LLM Applications at OWASP
Session 2

Your Devs are Using LLMs…Now What?

Are your developers using LLMs? (That’s a rhetorical question)

We’ll hear from someone who literally wrote the book on LLM security: Steve Wilson, Chief Product Officer of Exabeam. He’s the project leader for OWASP Top 10 for Large Language Model AI Application and author of The Developer’s Playbook for Large Language Model Security.

In his session, Steve will talk about 6 things you can do to ensure devs are safely leveraging AI:

  • Limiting your domain
  • Knowledge management
  • Zero trust
  • Managed supply chain
  • Building an AI red team
  • Continuous monitoring

Raphael Theberge
Director of Security Enablement at Relativity
Session 3

Help Devs Make Good Security Decisions

Do you dream about developers doing the right thing for product security?

At Relativity, Raphael Theberge (Director of Security Enablement) and his team made that dream a reality. Hear how they created a process that empowers developers to block vulnerabilities before code is deployed, and how they automated validation of those decisions. Better security, less toil. In his session, Raphael will share:

  • How they confirm that a risk is ok to accept
  • When to engage to make sure a risk is remediated appropriately
  • How to create organization-wide accountability for product security

Past Episodes

Oct 29, 2024
2024 Fall / Why No One is Fixing Your Vulnerabilities You Find
Oct 29, 2024
2024 Fall / How to Use Compliance as a Driver for AppSec
Oct 29, 2024
2024 Fall / Why AppSec Priorities Shift