The Crucial Need of getting it right: Core Software Security

Moderator: Dr. James Ransome

Dr. James Ransome is the Chief Scientist for CyberPhos, an early-stage cybersecurity startup. He is also a member of the board of directors for the Bay Area Chief Security Officer Council and serves as an adviser to ForAllSecure.

During the last few years, he has been in Chief Product Security Officer roles at Intel and McAfee, and prior to that, he served in three CISO and four CSO roles. Before entering the corporate world 24 years ago, he had 23 years of government supporting the U.S. intelligence community, federal law enforcement, and the Department of Defense.

He holds a Ph.D. in Information Systems specializing in Information Security, and is also the author of 12 cybersecurity books. He recently completed a new book titled Building In Security at Agile Speed which is scheduled to be out in April. He is also a Certified Information Security Manager (CISM), a Certified Information Systems Security Professional (CISSP), and a Ponemon Institute Distinguished Fellow.

Panelists:

Brook Schoenfield

Brook S.E. Schoenfield is the author of Secrets Of A Cyber Security Architect (Auerbach, 2019) and Securing Systems: Applied Security Architecture and Threat Models (CRC Press, 2015). Co-authored with James Ransome, they just completed Building In Security At Agile Speed (Auerbach, 2021). Brook helps clients with their software security and secure design practices. He mentors technical leaders to effectively deliver security strategy. He consults as a technical leader for IOActive Inc. and SEC Consult America’s holistic security architecture services. Previously, he led product security architecture at McAfee (Intel), Autodesk, Cisco Engineering, and Web and Application security for Cisco Infosec. He is a founding member of IEEE’s Center for Secure Design and is a featured Security Architect at the Bletchley Park Museum of Computing. He is the originator of Baseline Application Vulnerability Assessment (BAVA), Just Good Enough Risk Rating (JGERR), Architecture, Threats, Attack Surfaces and Mitigations (ATASM) and developer-centric security. He contributed to Core Software Security (CRC Press, 2014), and co-authored Avoiding the Top 10 Security Design Flaws (IEEE, 2014) and Tactical Threat Modeling (SAFECode, 2017).

Jim Manico

Jim Manico is the founder of Manicode Security where he trains software developers on secure coding and security engineering. He is also the co-founder of the LocoMoco Security Conference and is a investor/advisor for BitDiscovery and Nucleus Security. Jim is a frequent speaker on secure software practices and is a member of the JavaOne rockstar speaker community. He is the author of Iron-Clad Java: Building Secure Web Applications from McGraw-Hill. For more information, visit http://www.linkedin.com/in/jmanico.

Anmol Misra

Anmol Misra is an accomplished leader and researcher with over 15 years of proven experience in delivering business-aligned, revenue-generating solutions for global cloud companies.

His software engineering, security, and consulting background makes him uniquely suited to helping companies innovate using disruptive technologies. He is a team builder focused on mentoring and nurturing high-potential leaders, fostering excellence, and building industry partnerships. He is passionate about enhancing customer trust by embracing Artificial Intelligence, Data Science, and Machine Learning. He is known for his pragmatic approach to security.

He is the co-author of two books: Android Security: Attacks and Defenses, Core Software Security: Security at the source. He is also a contributing author of Defending the Cloud: Waging Warfare in Cyberspace.