Meet the Experts - tools, tips and tactics from technical experts who are working to align software, security and operations resources so organizations can innovate faster with less risk.

Register for All Sessions - you don’t want to miss out on the variety of topics, customer case studies, and product sneak-peeks!

Click any event listing to view its details.

Can't attend live? No worries, be sure to register and we’ll send you a recording.

Interested in speaking? Submit a proposal to present at a future TechTalk here.

View past TechTalk recordings here.

October 8 | 11-11:30 AM ET - Identifying Mobile App Risk with Progressive Testing through PTaaS

As mobile apps become even more critical to businesses, organizations must build a Mobile App Risk Management program to identify risks to protect their businesses. Progressive Testing through Pen Testing as a Service (PTaaS) is a critical component of a scalable and comprehensive approach to protecting the mobile landscape.

In this TechTalk, Michael Krueger, a seasoned mobile security expert and Senior Director Application of Security Services at NowSecure, will explore how to create risk tiers and effectively test against them, meeting even the most complex and stringent security requirements. He will explore how PTaaS can scale to meet the speed and depth of testing required to identify business risks in mobile apps while encouraging productivity and remediation and how PTaaS empowers organizations to stay ahead of emerging threats while maintaining compliance with industry standards. Attendees will learn how to leverage PTaaS to enhance mobile app security and reduce risk effectively.

kruegerheadshot.jpg
Michael Krueger
Senior Director Application,
Security Services
NowSecure

Brendan Hann.png
Brendan Hann
Senior Product Marketing Manager
NowSecure

September 10 | 11-11:30 AM ET - Leveling the Playing Field: Apple and Android Security in the Wake of the DMA

iOS has often been seen as more secure than Android, mainly because it maintains such a tight grip on its ecosystem. But now, a wave of regulation from the EU to the US to Japan is forcing Apple to allow “sideloading”, which opens up a new front in the security fight.

In this talk, Benjamin Adolphi, the head of security research at Promon, will discuss the potential impact of the sideloading changes on iOS security and how the platform's security landscape compares to that of the Android platform. These changes may enable "repackaging attacks," which have been common on the Android platform for quite some time. To address this, Promon has conducted a research project to assess the current level of protection against these attacks for popular global applications on both Android and iOS.

Benjamin A - Promon.jpg
Benjamin Adolphi
Head of Security Research
Promon

Brendan Hann.png
Brendan Hann
Senior Product Marketing Manager
NowSecure

August 27 | 11-11:30 AM ET - Securing Your Mobile App Ecosystem - Most Common Mobile App Risks

In this TechTalk, Andrew Hoog, developer, cybersecurity expert and co-founder of NowSecure with over a decade of experience in mobile security and forensics, will jump into the most common risks NowSecure identifies in assessments of publicly available app store apps. You’ll learn:

  • What risks are most pervasive in mobile apps
  • What business impact organizations can expect
  • How security teams can test for these issues
  • Best practices to secure the Software Supply Chain
  • How to run a Third-Party Risk Management program at scale for mobile apps
  • How NowSecure Mobile App Risk Intelligence can help orchestrate risk reduction
And more!

andrew_hoog.png
Andrew Hoog
Co-founder
NowSecure

Brendan Hann.png
Brendan Hann
Senior Product Marketing Manager
NowSecure

July 23 | 11-11:30 AM ET - Beating the r2 Learning Curve

In this Tech Talk, Sergi Àlvarez, Senior Mobile Security Research Engineer at NowSecure and the creator of Radare will dive into the tool . This session will cover:

  • What Radare is and what can it do for you
  • Basic introduction and the essential commands
  • Benefits of extending the tool with plugins and scripts
  • Practical use case extracting passwords from a Swift app in static
  • And more to come!

sergi-alvarez-150x150.jpg
Sergi "Pancake" Àlvarez
Senior Mobile Security Research Engineer
NowSecure

Brendan Hann.png
Brendan Hann
Senior Product Marketing Manager
NowSecure

June 11 | 11-11:30 AM ET - Analyzing Device Security With the OWASP IoT Security Testing Guide

The Internet of Things (IoT) has revolutionized the way we interact with our environments, connecting billions of devices to enhance efficiency, convenience, and automation in various sectors such as healthcare, transportation, and smart homes. However, the proliferation of interconnected devices also introduces significant security challenges. IoT devices, often designed with limited computing resources, may lack robust security features, making them vulnerable to cyber-attacks. As IoT continues to expand, discovering and addressing its security vulnerabilities becomes paramount to safeguarding personal privacy and ensuring the resilience of interconnected infrastructures.

In this Tech Talk, Aaron Guzman and Luca Pascal Rotsch will present their OWASP IoT Security Testing Guide (ISTG) project. Version 1.0.0 of this guide was published on March 1, providing a comprehensive methodology for penetration testing in the IoT field. While the guide is mainly intended to be used by penetration testers, the resources it provides may also help manufacturers and operators of IoT devices to proactively improve the security of their devices. The project leaders will introduce and demonstrate current capabilities of the guide as well as share insights into what is planned.

aaron-guzman.jpg
Aaron Guzman
Project Leader
Cisco Meraki

luca-pascal-rotsch.jpeg
Luca Pascal Rotsch
Senior Consultant
BDO Cyber Security GmbH

April 16 | 11-11:30 AM ET - Navigating the Pitfalls of AI-Generated Code: Security Best Practices

AI-powered code generation tools like ChatGPT and GitHub Copilot have taken the development world by storm, promising increased efficiency and productivity. However, the security implications of AI-generated code cannot be overlooked. In this session, Jason Michael Perry, CTO of Mindgrub, will guide you through best practices and precautions when utilizing these powerful tools to ensure the security and reliability of your codebase.

Key topics covered in this session include:
  • An overview of popular AI code generation tools, highlighting their strengths and weaknesses
  • Common security pitfalls and mistakes to watch out for in AI-generated code
  • Techniques for crafting effective prompts that encourage the generation of secure and well-structured code
  • Strategies for implementing robust validation and testing procedures to catch potential vulnerabilities
  • The importance of code reviews and leveraging AI for objective code analysis and peer review
This session is valuable for both novice and seasoned developers alike. Attendees will learn how to strike a balance between the benefits of AI-assisted development and the need for human oversight, equipping them with the knowledge and tools necessary to navigate the exciting world of AI-driven code generation safely and effectively. Don't miss this opportunity to future-proof your development practices, harness the power of AI while maintaining the integrity and security of your codebase, and stay ahead of the curve in an increasingly AI-centric landscape.

3JasonMPerry.jpg
Jason Michael Perry
CTO
Mindgrub

Brendan Hann.png
Brendan Hann
Senior Product Marketing Manager
NowSecure

March 26 | 11-11:30 AM ET - Navigating Mobile AppSec Challenges with People and Automation

Join Michael Krueger, Senior Director Application Security Services at NowSecure, as we delve into the most pressing challenges faced by customers in their Mobile AppSec programs. From balancing coverage and speed to validating findings from automated tools, our experts will provide practical solutions to help you navigate through the complexities of mobile application security such as:

  • How to achieve comprehensive coverage while leveraging automation
  • Tailoring manual and automated testing to business risks
  • Ensure coverage for complex workflows with Guided Testing
  • Upskilling web-centric teams into proficient mobile app pen testers

kruegerheadshot.jpg
Michael Krueger
Senior Director
Application Security Services
NowSecure

Brendan Hann.png
Brendan Hann
Senior Product Marketing Manager
NowSecure


February 27 | 11-11:30 AM ET - OWASP MAS Updates

The OWASP MASVS and OWASP MASTG are industry leading standards that top mobile app security and development professionals rely on to ensure their apps are secured. How is the MAS Project continuing to evolve, and what does that mean for your mobile appsec programs?

Join February’s TechTalk, where Carlos Holguera, OWASP Mobile Application Security (MAS) Project Lead, will give insights on updates and changes to the OWASP Mobile Application Verification Standard (MASVS) in Version 2.1.0. Learn about the new risk scoring proposal, the new MASVS-PRIVACY category and controls, upcoming MASTG risks and atomic tests, Mobile Application Security Testing Guide (MASTG) new refactoring and mobile app security best practices as a whole.

Carlos Holguera.png
Carlos Holguera
Project Leader
OWASP MSTG and MASVS

Brendan Hann.png
Brendan Hann
Senior Product Marketing Manager
NowSecure

Lorem ipsum dolor sit amet
Ut enim ad minim veniam,

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.


FirstName LastName
Title
Company


FirstName LastName
Title
Company

Register Here

 
-->