Loading Events
ISSA International Series

DevOps/AppSec, The State of the World

Home » Events » DevOps/AppSec, The State of the World

  • This event has passed so registration is closed.


Interested in getting your message in front of a targeted audience? Click on the link to explore sponsorship opportunities.


Presentation Slides

Download the Presentation Slides

Date and Time

February 26, 2019 @ 11:00 am - 1:00 pm EST

Event Category

Web Conference

Event Type

ISSA International Series

Event Tags

Application Security, DevOps, Vulnerabilities


Candice Benson


Lisa O'Connell


Over the past few years, the focus has shifted from ‘does the code have vulnerabilities?' to issues of ‘could the code have vulnerabilities?' Of course, the later created the question – How would we know? Now, just when we thought we understood things, we realize that we are changing again. Not only is the code and its components are important, but so is the question of the development environment. This webinar will go over the state, changes, and new directions we are being faced with.


James R. McQuiggan – Security Awareness Advocate, KnowBe4

James is a Security Awareness Advocate for the KnowBe4 Company responsible for amplifying the KnowBe4 messaging related to the importance of, effectiveness of, and the need for new-school security awareness training within organizations through social media, webinars, in-person presentations, industry trade shows and traditional media outlets.

Prior to joining KnowBe4, James worked for Siemens for eighteen years where he was responsible for various roles over that time. James was the Product & Solution Security Officer Siemens Gamesa Renewable Energy. He consulted and supported various corporate divisions on cybersecurity standards, information security awareness and securing product networks. In addition to his work at Siemens, James is also a part time faculty professor at Valencia College in the Engineering, Computer Programming & Technology Division.

See James R. McQuiggan‘s full profile.


Derek Weeks – Vice President, Sonatype

Derek E. Weeks is the world's foremost researcher on the topic of DevSecOps and securing software supply chains. For the past five years, he has championed the research of the annual State of the Software Supply Chain Report and the DevSecOps Community Survey. Derek is a huge advocate of applying proven supply chain management principles into DevOps practices to improve efficiencies and sustain long-lasting competitive advantages. He is a frequent keynote speaker and industry panelist at conferences like the RSA Conference, Bosch IoT Summit, Red Hat Government Summit, Carnegie Mellon's SEI Software Supply Chain Summit, and numerous DevOps Days events. He currently serves as vice president and DevOps advocate at Sonatype, creators of the Nexus repository manager and the global leader in solutions for software supply chain automation. Derek is also the co-founder of All Day DevOps, an online community of 65,000 IT professionals. In 2018, Derek was recognized by DevOps.com as the “Best DevOps Evangelist” for his work in the community.

See Derek Weeks‘s full profile.

Matthew Small – Head of Solutions Architecture, Bitnami

Matthew Small leads Solution Architecture for Bitnami. He is passionate about the cultural values and technology that enables teams to operate successfully in a cloud-native paradigm. To that end, he works with their hyperscale cloud provider partners as well as enterprise customers to leverage and integrate Bitnami's DevSecOps products and certified Open Source Software. Prior to joining Bitnami, Matthew spent 10 years at RightScale, a pioneer in multi-cloud and hybrid-cloud management and thought leader in cloud best practices. He has his head stuck in the clouds.

See Matthew Small‘s full profile.

James Rabon – Sr. Product Manager (SSC & Tools), Fortify

Jimmy Rabon serves as a senior product manager for Fortify products at Micro Focus. In this role, he is responsible for defining the strategy, roadmap, and features for Fortify Software Security Center, Tools, and the Fortify ecosystem with the goal of making software more secure.

Jimmy Rabon began his career as an application developer for the Computer Sciences Corporation developing in a variety of programming languages and frameworks before deciding to specialize in application security, joining Fortify software.

An 8-year veteran of the application security industry, Jimmy began his career in this field by serving as a software security consultant for Fortify software. He has performed countless security audits (static and dynamic) of applications with a very large range of programming languages and technology stacks for both commercial and government enterprises. He has helped customers worldwide to understand and prioritize their security risks and provided the expertise necessary to build world class software assurance programs.

Having worked as a software engineer for many years prior to specializing in application security, he understands the unique challenges that developers face when attempting to deliver secure code and can help deliver the effective technology and processes that enable effective application security at scale and speed.

He held positions at Fortify of Software Security Consultant, Managing Consultant, Fortify Technical Director, and Fortify Services Director. He led a team of highly skilled application security consultants as the head of HPE Fortify professional services.

Jimmy earned a bachelor’s degree in Management of Information Systems from Auburn University and is a Certified Secure Software Lifecycle Professional.

See James Rabon‘s full profile.

Bjoern Zinnsmeister – CEO and co-founder, Templarbit

Bjoern is the CEO and co-founder of Templarbit, a security company that helps businesses collect and use security intelligence to mitigate risk on web apps and APIs. Templarbit was part of Y Combinator’s summer 2017 batch. Prior to Templarbit Bjoern lead engineering at Synack, where he helped protect the Pentagon, DoD, IRS and Fortune 100 clients from security breaches.

See Bjoern Zinnsmeister‘s full profile.

ISSA Webinars and Conference series cover all the continuing education credits to maintain your cyber security certifications. (CPEs, CEUs, ECE, etc). Each hour is equal to one continuing education credit. Certificates of completion are available upon request after completion. For instructions, click here.

Scroll to Top