Introduction
Security in the modern world is a complicated subject. It has many facets and is visible to people in myriad of ways. One of the biggest challenges anyone interested in security faces is how to get started and how is something relevant for their use case. To tackle this prickly problem, we are creating a physical space for undertaking a security journey. This journey is relevant for many different types of people with varying experience levels and expectations. As with any journey there is a starting point and many pit stops on the way. Based on your time, interest and availability you may want to stop at every pit stop or you may want to choose where to stop. Don’t worry friendly faces will guide you along the way.
Who should attend?
You should attend if you’re:
- interested in security, but not sure how to start.
- tasked with or responsible for security in your company and want to understand the landscape by interacting with people who do this daily for global clients.
Pitstops
At Appsecco we pride ourselves in being extremely pragmatic about explaining security and helping people understand the hard to understand industry lingo as well. Based on working with companies, teams and individuals all over the world we have come up with the following pit stops to cover at Rootconf 2018.
| Pitstop | Description |
|---|---|
| Application Security | Security of websites, web and mobile applications etc. |
| Network Security | Security of networks, subnets, services and ports exposed etc. |
| Threat modelling | How to identify possible threats to a system and to mitigate those threats |
| Security Architecture | How various parts of a system interact with each other securely and what are the design decisions that go into choosing security controls as part of the overall architecture |
| Governance, risk and compliance | How an entire organization’s security strategy is managed for governance, risk and legal requirements. |
Agenda
Each pitstop will cover the following:
- Introduction to the pitstop topic
- Chance to play around with tools that attackers and security professionals daily
- Resources about Open Source tools which you can download and try on your own
- Awareness about practice labs so that you can practice things safely in a legal mannger
- Answers to questions you may have on the topic
- Guidance, next steps and loads of information
User Mapping
Different people are at different levels in their security journey. The best person to answer the question which map is appropriate for you is you. Choose the one of the three listed here to get going.
| Roles & Responsibilities | Benefits | Recommended pitstops |
|---|---|---|
| New to security | As a beginner, get started here | - Application Security - Network security |
| Security Execution in a technical role | You already understand parts of the challenge, now get a structure | - Application Security - Network security - Threat modelling - Security Architecture reviews |
| Security project management | Your job is tough but these pit stops will give you the common language to manage | - Threat modelling - Security Architecture reviews - Governance, Risk and Compliance |
Sign up!
Note: You will need to purchase a ticket which gives you access to the conference. The security clinic is included in the ticket bundles.
