AppSec for CISOs

It seems AppSec is a growing area for a lot of CISOs - you have secured the outside, you know where the traffic is going. You have a handle on data use and storage. But what are your apps doing?


The aim of this Working Session is to examine AppSec from the vantage point of the CISO, focusing on the following questions:

  • What should you know?
  • What is coming down the line?
  • What is there already?
  • How to shape this, guide this, and ensure there are no nasty surprises?


  • What to beware of
  • How to build teams and policies
  • What frameworks to look out for
  • Technologies
  • Hints and tips


This Working Session will result in a set of guidelines CISOs need to follow in order to know on which application security domains to invest so their business can deliver on its missions.


The target audience for this Working Session is:

  • CISOs
  • Tech Leads
  • Architects

Working materials

Here are the current ‘work in progress’ materials for this session (please add as much information as possible before the sessions)


Back to list of all Working Sessions and Tracks

Edit this page here