Veracode Experts to Speak at OWASP AppSec California Conference 2015

BURLINGTON, Mass. January 27, 2014 Veracode, a leader in protecting modern enterprises from today’s pervasive web and mobile application threats, today announced that Christien Rioux, Veracode’s co-founder and Chief Scientist, and Chris Eng, Veracode’s VP of Research, will be presenting at the annual OWASP AppSec California Conference in Santa Monica, CA.

AppSec California goes beyond “security for security’s sake,” bringing application security experts together to share new information that helps get the right work done faster, so organizations are better able to meet their goals.  AppSec California draws California’s prodigious information security and management talent as well as expertise from around the globe. This year’s keynote speakers include Alex Stamos, Vice President of Security at Yahoo, and Charlie Miller, Security Engineer at Twitter.  Other speakers include security researchers and practitioners from Google, Salesforce, LinkedIn, GitHub and Dropbox.

Christien Rioux and Chris Eng will be leading two separate sessions at the conference:

Session 1: “Unicodes Gone Wild”

  • Who: Christien Rioux, Co-Founder and Chief Scientist, Veracode
  • What:  Despite solving an important problem for the international community, for many years Unicode has been the bane of developers.  Proper handling of Unicode characters has led to numerous injection and filter bypass attacks, as well as buffer management problems.  This session will discuss the oddities of proper Unicode handling and reveal some common problems with handling Unicode in various operating systems, applications and frameworks.
  • When:  Tuesday, January 27th from 1:45-2:45pm PST

Session 2: “Scaling Security in Agile Scrum”

  • Who: Chris Eng, Vice-President of Research, Veracode
  • What:  Agile Scrum is here to stay, and security teams are finding themselves under-resourced and unprepared for the pace of modern software development.  In this session, Chris will discuss how Veracode has incorporated security into its own Agile development lifecycle that involves about ten Scrum teams working together to ship monthly releases for its cloud-based AppSec platform.  He’ll explain how Veracode has optimized the way its security research team interacts with its engineering teams and accommodates their processes, and how we’re organically “growing” more security experts within the organization.
  • When:  Wednesday, January 28th from 3:00-4:00pm PST

For more information about this event, visit: