Join us for a live webcast with industry experts to learn how newly proposed cybersecurity regulations will impact you. Register Now

What Bad Could Happen? Managing Application Risk with Threat Modeling

Date:
On-Demand Webcast
Location:
ON24
Bishop Fox on-demand webcast on Threat Modeling in DevSecOps presented by security experts Tom Eston and Chris Bush

Are you sacrificing security for speed?

Applications remain the lifeblood of business operations. Driven by customer demand and a never-ending thirst for competition-crushing innovation, development teams are moving faster than ever before. And it is paying off financially — but often at significant risk, as foundational security practices are sacrificed for development speed.

Shockingly, only 14% of organizations have implemented security throughout their development lifecycle, putting application security on a collision course with potential disaster. It’s no wonder that more than 40% of all security breaches can be traced back to exploited applications. But what if security could become an integral framework within the development process without slowing it down?

In this fireside chat, Tom and Chris will discuss how to:

  • Capture, organize, and analyze the information that affects application security.
  • Prioritize security improvements throughout the development lifecycle.
  • Identify threats and define countermeasures
  • Influence design changes, updates, and sprints before deployments.
  • Create a clear “line of sight” that defines security efforts.
  • Produce an assurance argument that explains and defends application
    security.
Chris bush

About the speaker, Chris Bush

Bishop Fox Alumnus

Chris Bush is a Bishop Fox alumnus. He was a managing security consultant at Bishop Fox. He has extensive experience in IT and information security consulting and solutions delivery, providing expertise in application security, including the performance of security assessments, security code reviews and penetration testing of client applications as well as development of security testing processes and methodologies.

Having been a contributing member of the information security community for many years, Chris has served as a volunteer for OWASP as a Technical Project Advisor, as an officer of the (ISC)2 Cleveland Chapter and has spoken at a variety of regional and national security conferences and user group meetings on subjects including secure coding, threat modeling, and other topics in software security. At Bishop Fox, Chris has been instrumental in creating application security thought leadership. He has authored blog posts on threat modeling in DevSecOps as well as the importance of secure code review in DevSecOps. Additionally, he has co-hosted webcasts focused on application security.

Chris is a Certified Information Systems Security Professional (CISSP) and holds a Bachelor of Science in Computer Science from the State University of New York at Buffalo and a Master of Science in Computer Science from the State University of New York at Binghamton.
More by Chris
Tom Eston

About the speaker, Tom Eston

AVP of Consulting at Bishop Fox

Tom Eston is the AVP of Consulting at Bishop Fox. Tom's work over his 15 years in cybersecurity has focused on application, network, and red team penetration testing as well as security and privacy advocacy. He has led multiple projects in the cybersecurity community, improved industry standard testing methodologies and is an experienced manager and leader. He is also the founder and co-host of the podcast The Shared Security Show; and a frequent speaker at user groups and international cybersecurity conferences including Black Hat, DEF CON, DerbyCon, SANS, InfoSec World, OWASP AppSec, and ShmooCon.
More by Tom

Related Events

Extend your knowledge with these related events and webcasts.

Bishop Fox DevSecOps Webcast hosted by Tom Eston, AVP of Consulting Services at Bishop Fox
Webcast

How to Build a DevSecOps Program that Works for Developers AND Security

On-demand webcast explores how the right DevSecOps strategy empowers both your security and development teams.
DevSecOps and Application Penetration Testing: Defying the Myth.
Webcast

DevSecOps and Application Penetration Testing: Defying the Myth

On-demand webcast dives into the role of application penetration testing in today’s software development lifecycle (SDLC).
Bishop Fox Webcast Cracking the code with Secure Code Review hosted by Chris Bush
Webcast

Cracking the Code: Secure Code Review in DevSecOps

On-demand webcast offers an in-depth look at how DevOps can integrate both automated and manual code review into the software development lifecycle.

Ready to get started? We can help.

Contact Us

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.