AppSec USA
This week, I will be attending AppSec USA in Denver with the rest of our Sonatype crew. While it will be my first time attending, I am really excited to be leading a panel discussion there this Thursday. If you will be at the event, please come by the session or the Sonatype booth (G10) and say hello.
So what’s the panel discussion about?
The Panel and The Survey
The Heartbleed Surprise
But the most interesting thing about this year’s survey was that it happened to land right in the middle of the Heartbleed vulnerability being announced. About 1,800 people participated in the survey and 1,500 participated after the Heartbleed announcement. If you read the survey, you will find some really interesting differences between the pre- and post-Heartbleed results, revealing distinct changes in mindset.
The Experts
In addition to the panel discussion, Sonatype has a few additional sessions you won't want to miss:
Josh Corman, CTO: Not Go Quietly: Adaptive Strategies and Unlikely Teammates - This session will provide new approaches to finding financial and operational support for information security across the organization.
Ryan Berg, CSO: OWASP A9: A Year Later - Are you still using components with known vulnerabilities?
Making It Count
As a final note, while the stats of the survey are interesting, it is not the stats that count. It’s the conversations about the survey results that make the difference. I invite and encourage you to share the survey results with your peers and friends across development or in application security. Compare how your organization stands against your peers, discuss what findings you might prioritize for action within your organization or team, or find inspiration to add comments to this blog or create your own blog article about the results. Again, it is not the stats that count; it’s the action that you decide to take after seeing them.