Shifting Trends in Attack, Vulnerability, and Defense:

Findings from the Commercial Sector

John Nye
Managing Security Architect, @stake, Inc.

Abstract

Digital security is an ever-evolving field sown by the constant emergence of new technologies and cultivated by the race between attack and defense. This talk will discuss the shifting focus of the security sector as network-based defense techniques become ubiquitous and application security emerges as the new frontier. Aggregate findings from several dozen @stake application security assessments will be used to explore the impact of common application vulnerabilities as well as the challenges faced by developers and administrators alike. Finally, a look at risk management requirements and return on investment measurements will be used to present these security efforts from a business point of view.

For background on @stake's application security findings, please refer to "The Security of Applications: Not All Are Created Equal" by Andrew Jaquith.


Brought to you by the MIT LCS Applied Security Reading Group