2018 BASC Homepage

Welcome
This is the homepage for the 2018 Boston Application Security Conference (BASC). *Note that the conference will be free but training and workshops may incur a fee*. Conference will take place 8:30am to 6:30pm on Saturday, October 27th at
 * Location: 5 Wayside Road Burlington, MA

The BASC will be a free, one day, informal conference, aimed at increasing awareness and knowledge of application security in the greater Boston area. While many of the presentations will cover state-of-the-art application security concepts, the BASC is intended to appeal to a wide-array of attendees. Application security professionals, professional software developers, software quality engineers, computer science students, and security software vendors should be able to come to the BASC, learn, and hopefully enjoy themselves at the same time.

Keynotes
Secure By Design

Chris Wysopal, CA Veracode



As software becomes a bigger component of the value delivered by companies in every industry, it’s no exaggeration to say that every company is becoming a software company, that is competing with software. Companies are pushing the envelope on how to tool up their internal software factory to make software better, faster and more efficiently. By necessity, software is more often assembled than it is created from scratch, as developers are more frequently incorporating open source libraries to speed up time-to-market. But as open source libraries increase, so do the number of vulnerabilities, resulting in increased risk. In this keynote Chris Wysopal talks about what it means to build software secure by design. He will describe how to build a software development process that has continuous security, is measurable, and is transparent.

Chris Wysopal is Chief Technology Officer at CA Veracode. He oversees technology strategy and information security. Prior to co-founding CA Veracode in 2006 CA Veracode, Chris was vice president of research and development at security consultancy @stake, which was acquired by Symantec. In the 1990’s, Chris was one of the original vulnerability researchers at The L0pht, a hacker think tank, where he was one of the first to publicize the risks of insecure software. He has testified to the US Congress on the subjects of government security and how vulnerabilities are discovered in software. Chris received a BS in computer and systems engineering from Rensselaer Polytechnic Institute. He is the author of The Art of Software Security Testing. Chris is often called upon to download the latest Minecraft mods for his 6-year-old son. An avid photographer and nature-lover, Chris spends his free time hiking the many conservation trails near his home outside Boston.

Security at the Intersection of Software, Biology, and Science Fiction

Chris Poulin, BitSight Technologies



The Internet of Things has lured traditional developers into the realm of writing code for systems that interact with the physical world. The current wave of devices are largely consumer and industrial devices--things such as cars, thermostats, meters, and pumps--that have been connected to the internet. We've barely begun to understand the security ramifications of this pervasive network of sensors and actuators; what happens when we start connecting ourselves, humans, to the IoT?

Chris Poulin is a Principal Consulting Engineer at BitSight Technologies, guiding enterprises in assessing risk metrics and managing third party relationships. He’s been in cybersecurity for almost 35 years, in both technical roles as a developer for the DoD intelligence community, and executive positions, such as CSO for Q1 Labs and CEO of his own boutique consultancy. He’s spent time in both the startup community and at established companies, such as IBM and Booz Allen Hamilton. Chris brings this breadth of experience to customers, clients, and the stage.

Details

 * Presentations
 * LinkedIn Group
 * Twitter: Follow @BASConf @OWASPBoston HashTag: #basc2018
 * Sponsorship Kit

OWASP Boston Chapter
BASC is presented by the OWASP Boston chapter.