ISSA International Series: DevOps/AppSec, The State of the World

Recorded (2 Hour Event) on Tuesday, February 26, 2019

Click here to view the recording.
Click here for the presentation.

Overview:

Moderator:

James R. McQuiggan, Product & Solutions Security Officer, Service Americas Division, Siemens Gamesa Renewable Energy

James R. McQuiggan, CISSP is the Product & Solutions Security Officer of the Service Americas division at Siemens Gamesa Renewable Energy. He is responsible for developing the strategy and policies for securing the SCADA products deployed to America’s customers. With over 17 years at Siemens, James has consulted and supported various corporate divisions on cybersecurity standards, information security awareness and securing their networks.
James is an ISSA member and the Past President of the Central Florida chapter from 2012 to 2016. He supported the ISSA International Conference as the Content Committee Chair from 2014 to 2017. He is a member of the Central Florida chapters of ISACA, Infragard and (ISC)2. Within (ISC)2, he is a member of the Advisory Council of North America and is the (ISC)2 Central Florida chapter President. James is the recipient of the 2016 (ISC)2 President’s Award and in 2017 he was awarded the first ever Julie Peeler Franz “Do it for the Children Award” as Volunteer of the Year for his work with the Safe & Secure Online Education program, that provides resources to help children, parents, educators and senior citizens stay safe online.
Most importantly, James is the father of two teenage daughters and continues to make sure they are safe and secure online while using their smartphones and social media.

Speakers:

Derek Weeks, Vice President, Sonatype

Derek E. Weeks is the world's foremost researcher on the topic of DevSecOps and securing software supply chains. For the past five years, he has championed the research of the annual State of the Software Supply Chain Report and the DevSecOps Community Survey. Derek is a huge advocate of applying proven supply chain management principles into DevOps practices to improve efficiencies and sustain long-lasting competitive advantages. He is a frequent keynote speaker and industry panelist at conferences like the RSA Conference, Bosch IoT Summit, Red Hat Government Summit, Carnegie Mellon's SEI Software Supply Chain Summit, and numerous DevOps Days events. He currently serves as vice president and DevOps advocate at Sonatype, creators of the Nexus repository manager and the global leader in solutions for software supply chain automation. Derek is also the co-founder of All Day DevOps, an online community of 65,000 IT professionals. In 2018, Derek was recognized by DevOps.com as the "Best DevOps Evangelist" for his work in the community.

Matthew Small, Head of Solutions Architecture, Bitnami

Matthew Small leads Solution Architecture for Bitnami. He is passionate about the cultural values and technology that enables teams to operate successfully in a cloud-native paradigm. To that end, he works with their hyperscale cloud provider partners as well as enterprise customers to leverage and integrate Bitnami's DevSecOps products and certified Open Source Software. Prior to joining Bitnami, Matthew spent 10 years at RightScale, a pioneer in multi-cloud and hybrid-cloud management and thought leader in cloud best practices. He has his head stuck in the clouds.

James Rabon, Sr. Product Manager (SSC & Tools), Fortify

Jimmy Rabon serves as a senior product manager for Fortify products at Micro Focus. In this role, he is responsible for defining the strategy, roadmap, and features for Fortify Software Security Center, Tools, and the Fortify ecosystem with the goal of making software more secure.

Jimmy Rabon began his career as an application developer for the Computer Sciences Corporation developing in a variety of programming languages and frameworks before deciding to specialize in application security, joining Fortify software.

An 8-year veteran of the application security industry, Jimmy began his career in this field by serving as a software security consultant for Fortify software. He has performed countless security audits (static and dynamic) of applications with a very large range of programming languages and technology stacks for both commercial and government enterprises. He has helped customers worldwide to understand and prioritize their security risks and provided the expertise necessary to build world class software assurance programs.

Having worked as a software engineer for many years prior to specializing in application security, he understands the unique challenges that developers face when attempting to deliver secure code and can help deliver the effective technology and processes that enable effective application security at scale and speed.

He held positions at Fortify of Software Security Consultant, Managing Consultant, Fortify Technical Director, and Fortify Services Director. He led a team of highly skilled application security consultants as the head of HPE Fortify professional services.

Jimmy earned a bachelor’s degree in Management of Information Systems from Auburn University and is a Certified Secure Software Lifecycle Professional.

Bjoern Zinnsmeister, CEO and co-founder, Templarbit

Bjoern is the CEO and co-founder of Templarbit, a security company that helps businesses collect and use security intelligence to mitigate risk on web apps and APIs. Templarbit was part of Y Combinator’s summer 2017 batch. Prior to Templarbit Bjoern lead engineering at Synack, where he helped protect the Pentagon, DoD, IRS and Fortune 100 clients from security breaches.