Unsolved Problems in Application Security

Date: Wednesday, August 28th at 10am PT / 1pm ET

The discipline of application security has evolved tremendously since the founding of OWASP in 2001. As software development methodologies, languages and ecosystems have advanced, AppSec has often struggled to keep pace with innovation, leading to a persistent gap between the velocity of software and the ability to understand and mitigate the risk it introduces. Some foundational issues, like reliable software composition analysis (SCA), have now been largely solved by the industry. Others, such as runtime-based reachability detection, are on the cusp of providing a tremendous leap forward to AppSec practitioners. But certain thorny problems, like software attestation, risk-based prioritization, SAST accuracy, and DAST correlation, remain elusive.

Join Snyk, the leader in Developer Security, for a wide-ranging discussion of the current state of application risk management and the unsolved issues that still limit the full potential of developer-focused security, including:

  • How the original principles of AppSec have evolved to keep pace with the changing landscape of software, and the persistent gaps that still limit the discipline’s potential
  • The promise of near-term innovations, such as AI-based analysis of runtime signals, to solve some longstanding issues and open the door to a paradigm shift
  • A realistic look at “what’s next” in the evolution of AppSec and how vendors and practitioners can work together toward a more honest conversation about capabilities and limitations

Register now!

About the presenter:

Clinton Herget, Field CTO, Snyk

Clinton Herget is Field CTO at Snyk, the leader in Developer Security, where he focuses on crafting and evangelizing our strategic vision for the evolution of DevSecOps. A seasoned technologist, Clinton spent his 20-year career prior to Snyk as a web software developer, DevOps consultant, cloud solutions architect, and engineering director. Clinton is passionate about empowering software engineers to do their best work in the chaotic cloud-native world, and is a frequent conference speaker, developer advocate, and technical thought leader.

Duration: 1 hour


Your e-mail address is used to communicate with you about your registration, related products and services, and offers from select vendors. Refer to our Privacy Policy for additional information.