OWASP’s AppSec California goes beyond “security for security’s sake”, bringing application security professionals and business experts together with the objective of sharing new information that helps get the right work done faster, so organizations are better able to meet their goals.
You can expect the brightest lights in the information security industry at the podium and in the seats around you. AppSec Cali draws California’s prodigious information security and management talent as well as expertise from around the globe. Senior executives, technical experts, information security practitioners and students attend AppSec Cali for the information and personal connections the event offers.
AppSec California is held at the Annenburg Community Beach house, just meters from the Pacific Ocean. The venue is intentionally modest in size to maximize opportunities for networking and sharing information with industry peers and experts. When you are not learning and making new connections, you have plenty of opportunities for beach photos to make your colleagues back in the office jealous. We expect around 400 attendees this year.
Alex Stamos is Yahoo’s Vice President of Information Security and Chief Information Security Officer. Alex leads all aspects of information security at Yahoo, including the team of Yahoo “Paranoids”, charged with making Yahoo’s products as secure as possible. This is a broad role which includes implementing top-to-bottom security for products and systems but also to lead the company and the industry in not just how security works today but how it needs to work in the future. Alex has spent his career building and improving secure, trustworthy systems and is a well-known expert on Internet infrastructure, cloud computing and mobile security. Most recently, he served as the CTO of Artemis and co-founded iSEC Partners. He has been a keynote speaker at FS-ISAC, was a key organizer of TrustyCon, and is frequently requested to present at conferences such as BlackHat, DEF CON, Microsoft Blue Hat and Infragard. He holds a BSEE from the University of California, Berkeley.
Charlie Miller is a security engineer at Twitter. Back when he still had time to research, he was the first with a public remote exploit for both the iPhone and the G1 Android phone. He is a four-time winner of the CanSecWest Pwn2Own competition. He has authored three information security books and holds a PhD from the University of Notre Dame. He has hacked browsers, phones, cars, and batteries. Charlie spends his free time trying to get back together with Apple, but sadly they still list their relationship status as, “It\’s complicated.”
Katie Moussouris is the Chief Policy Officer of HackerOne, where she oversees the company’s philosophy and approach to vulnerability coordination and disclosure, advises customers and researchers, and works toward the public good to legitimize and promote security research to help make the Internet safer for everyone. Katie Moussouris’ Microsoft work encompasses industry-leading initiatives such as Microsoft’s bounty programs, BlueHat content chair, security researcher outreach, vulnerability disclosure policies, and MSVR (Microsoft Vulnerability Research). She was honored with the 2011 Executive Women’s Forum Women of Influence Award in the category of One to Watch. Ms. Moussouris is a renowned keynote speaker and has presented at Security Analyst Summit 2014, RSA 2014, and Nordic Security Con 2013 as well as several others. She also was an invited speaker at Harvard Business School, MIT, HitB Malaysia 2012 and the Executive Womens Forum 2012 She is working on a book about vulnerability disclosure do’s and don’ts for vendors.
John’s expertise runs the gamut of software security from threat modeling and architectural risk analysis, through static analysis (with an emphasis on automation), to security testing. As a consultant, John has provided strategic direction to many multi-national corporations, and his keen interest in automation keeps Cigital technology at the cutting edge. He has served as co-editor of the Building Security In department of IEEE Security & Privacy magazine, speaks with regularly at conferences and trade shows, and is the leader of the Northern Virginia OWASP chapter. Follow John on Twitter @m1splacedsoul.