Threat Modeling in modern DevOps 

By Derek Fisher 

Abstract: 

In this session, we will dissect the workings of traditional manual, tool-assisted, and code-based approaches to threat modeling, focusing on achieving the delicate balance between speed and depth in processes. Attendees will gain insights into the advantages, limitations, and strategic integration of these methodologies into the Software Development Lifecycle (SDLC). Whether you're a seasoned security professional or a software developer looking to bolster your organization's security posture, this session promises to equip you with practical knowledge and actionable strategies for optimizing threat modeling practices.

About the Speaker:

Derek Fisher offers over 25 years of experience in hardware, software, and cybersecurity, spanning industries like healthcare and finance. An accomplished leader and educator, he excels in cybersecurity strategy, risk management, and compliance, leading incident response efforts and directing high-performing teams. Derek effectively communicates complex technical concepts to a range of audiences, including executives and board members. In academia, he translates his professional knowledge into courses for both graduate and undergraduate students, and has developed self-paced online training programs on topics such as threat modeling and application security. Additionally, Derek is an award-winning author of a children's book series on online safety, recognized by the Mom’s Choice Award, and has published a well-received guide on building application security programs through Manning.



Proving ROI as GRC leaders

By Girish Redekar 

Abstract:

Governance, Risk and Compliance (GRC) is perhaps one of the most under-appreciated functions in a company. Leadership finds it hard to understand its impact, and you have to fight for resources and budget. At the same time, other functions in the org often see GRC activities as a burden. This talk is designed to help you position GRC within your organization. It specifically talks about converting GRC from a cost center to a profit driver.

About the Speaker:

Girish Redekar is the co-founder and CEO of Sprinto, a GRC automation platform. He is an ardent technologist and has been in the B2B SaaS space for over a decade. He bootstrapped his previous startup, Recruiterbox, to 2500+ customers before co-founding Sprinto. Girish and his team at Sprinto are on a mission to help companies establish trust with external stakeholders. Sprinto is a Series B-funded cybersecurity platform that helps businesses with continuous monitoring and automation for compliance and risk.