Snyk ASPM Masterclass Series: Chapter 4

  1. Register Now

About This Series

Application security professionals are struggling. The transition to agile, DevOps, cloud, and the growing use of AI is empowering distributed development teams to build software with greater speed and autonomy. In contrast to the remarkable strides in development methodologies, AppSec teams are still playing catchup, both outnumbered and out-resourced. Given all these challenges, is it truly possible to “master” AppSec?

To that end, welcome to the ASPM (Application Security Posture Management) masterclass, where we will provide Application Security leaders and practitioners with the knowledge and tools to manage a risk-based AppSec program using the principles of ASPM as our guide. Participants will learn how to build AppSec programs which focus on risk, put KPIs in place to measure success, and work more seamlessly with both engineering and c-suite executives. Participants will walk away with the tools and know-how to build, manage and scale an AppSec program that works for your organization.

View the Sessions



You Could Win...

WIN A $250 Amazon Gift Card

WIN A $250 Amazon Gift Card

Giving away 6x!

Must be in live attendance to qualify. Duplicate or fraudulent entries will be disqualified automatically.

Virtual Event Sessions

  1. Chapter 1: Intro to ASPM | Building better AppSec programs with ASPM

    Now On Demand

    In this introductory chapter, we will review the foundations of AppSec program building and key concepts. We will also introduce ASPM (Application Security Posture Management) its core principles, and how AppSec practitioners and leaders can apply them in order to build, manage and scale a risk-based AppSec program.

    1. Sonya Moisset Sonya Moisset Senior Security Advocate, DevRel, Snyk
  2. Chapter 2: An AppSec Inspection: Visibility & Coverage

    Now On Demand

    As the saying goes, you can’t secure what you don’t know. Foundational to any AppSec program is being able to have full visibility into the “assets” which make up our software, and the ability to identify gaps in security coverage of those assets. This chapter will define an “asset” and help participants carry out a gap analysis of their own in order to ensure that critical software is being covered and resources are optimally utilized.

    1. Chen Gour-Arie Chen Gour-Arie Director of Engineering, Snyk
  3. Chapter 3: Creating a Risk Based Blueprint

    AppSec professionals are swimming in a sea of vulnerabilities, unable to keep up with the pace of development. This chapter will introduce the concept of risk-based AppSec management, enabling our security teams to go from a system of “chasing vulnerabilities” to “managing risk”.

    1. Micah Silverman Micah Silverman Director of Developer Relations, Snyk
  4. Chapter 4: Control the Next Zero-Day

    This chapter will focus on incident response, and what AppSec teams should be prepared to do when a 0-day hits. We will learn how to identify what are the app assets that need an "all hands on deck" response and why due to the nature of zero-day incidents, AppSec deserves its own incident response plan.

    1. Omer Yaron Omer Yaron Senior Research Engineer, Snyk
  5. Chapter 5: Measuring Success

    What does success look like? How do we know if we are “getting better”? This chapter will cover common metrics and KPIs for various stakeholders involved in developing applications, securing applications and eliminating potential business risk in order to answer the question – Is this working?

    1. To Be Announced , Snyk
  6. Chapter 6: Empowering your team members: Creating a Culture of Trust

    Securing your organization’s software security is a team sport, involving stakeholders from developers all the way to the C-suite. In this chapter, we will review the various stakeholders and their roles, what makes them tick, and how security can instill a culture of trust and ownership to get the job done.

    1. Vandana Verma Sehgal Vandana Verma Sehgal Security Relations Leader, Snyk