AppSec/API Security

Protecting applications and APIs at scale.

125 sessions

Sessions in AppSec/API Security

Back to all topics

Zero Trust for Agentic AI: Managing Non‑Human Identities at Scale

The Context Engine: Why Consolidation is the Natural Future of AppSec

Operationalizing Risk-Based Vulnerability Management

From DevOps to AI-Powered DevSecOps: Building the Modern Platform Engineering Stack

Closing the Cloud Security Gap With Runtime Protection

Cloud Security Maturity Best Practices for 2026

Why Traditional Security Fails the FinServ Speed Test

The Prescriptive Path to AI Security: From Chaos to Scalable Governance

Agentic AI vs. Identity’s Last Mile Problem

From Click to Compromise: Stopping Business Email Compromise at the Human and Identity Layer

Autonomous IT: Transforming Operations and Security in Real Time with AI

The Brass Ring of AppSec: Is AI Finally Making DAST to SAST Correlation Possible?

Governance, Security, and Compliance in Agentic Solutions – Building Trust in AI-Powered Automation: Governance and Compliance with Power Platform

State of Cloud Security: The Speed of AI, The Consolidation of Defense, and The Future of the SOC

From “Noise” to Nuke: How to Hunt, Track, and Trash Ransomware Attackers Early

The Next Evolution of Application Security: AI-Accelerated DevSecOps

Zero Trust for Autonomous Agents: Extending Identity-First Access Control

Doubling Down on Security: JFrog and GitHub Deliver Unified Code and Binary Advanced Security

Aqua Security Resources

How Can Security Move Faster Than Vulnerabilities?

Accelerate & Secure: Optimizing Your Software Supply Chain with DevSecOps

DevSecOps: Cracking the Code – LLM Poisoning: The Research, The Results

Securing the Cloud: Cybersecurity in AWS

Securing Vibe Coding: Addressing the Security Challenges of AI-Generated Code

Software Safety and Security in the AI-Driven Era

DevSecOps: Cracking the Code – The Agentic AI Imperative for Cloud-Native AppSec

AI Is Writing the Code – Can Security Keep Up?

Strengthen AWS Infrastructure Security with Sentinel in Terraform

Where AI Security Really Happens: Inside the Container

How to Spot and Stop Security Risks From Unmanaged AI Tools

Ensuring Kubernetes Application Resiliency, Security, and Compliance with AWS and Across Your Landscape

Maximize Efficiency & Security for Kubernetes with SUSE Rancher Prime & Amazon EKS

Software Supply Chain Security: Navigating NIST, CRA, and FDA Regulations

Developer-First Security: How to Automate Security Tests with GitHub, GitLab, and more

Is DevEx the Same as DevSecOps?

Empowering Developer Innovation: Balancing Speed, Security, and Scale

AI Red Teaming and the Future of LLM Security

Optimizing Hybrid Cloud Resiliency and Security

The 2025 Guide to Open Source Security and Risk

Modernizing Security for Kubernetes: Why Legacy Approaches No Longer Apply

From Silos to Synergy: Aligning DevOps and Security Mindsets

Full Content Inspection: The New Standard for Network Security

DevSecOps “Friends”, Webinar Series: The one where DevSecOps meets business

The Top 5 Principles for Successful Cloud Security

Beyond the Firewall: Ensuring OT App Security

NIST Cybersecurity Framework v2.0 Explained

AI and Machine Learning in Security

Master Kubernetes: Achieve runtime visibility, security, and compliance across your stack

DevSecOps “Friends”, Webinar Series: The one where automation gets ship done

Rethinking AppSec: Getting to the Root Cause of Your Business-Critical Vulnerabilities

AI’s Rise in Development: What BSIMM15 Teaches About Security

DevSecOps “Friends”, Webinar Series: The One with the Governance Glow-Up

Accelerating App Modernization: Balancing Agility, Innovation, and Security

Scaling application security for Generative AI with Snyk and Deloitte

Security Considerations in the Time of AI: Perspectives from a Builder, a Buyer, and a Founder

DevSecOps “Friends”, Webinar Series: The One with Platform Engineering (and the Happy Developers)

Mastering DevSecOps in 2024: Insights on AI-Driven Security

AppSec/API Security

Staying Ahead: Top Internet Trends Shaping Networking and Security

Security’s Confidentiality, Integrity and Availability (CIA) Triad – Outdated or Still Relevant?

End-to-End DevSecOps: Integrating JFrog and AWS for a Secure Pipeline

AI as Your Cybersecurity Co-Pilot: Outsmarting Real-World Threats in the Cloud

Strengthening Your Organization’s Security Lifecycle Management

The Last Great Cloud Transformation: Mastering Security for Your Hybrid Workforce

Creating a Security Culture: Scaling Your Security Team Outside of Your Security Team

The Transformations Needed to Scale DevSecOps

AppSec for the Win: Proven Best Practices that Work

The API Gateway Advantage: Streamlining Security, Performance, and Scalability

The Last Great Cloud Transformation — Strengthening Security Through Consolidation

Unified Security: Connecting Executives and Engineers in Cloud DevSecOps

Case of the Common Vulnerability? Secure Guardrails Can Help!

Ensuring the AppSec and API Security Strategy Meets the Moment

Empowering Security Champions: Optimizing for Security Excellence

The Radical Future of Application and API Security Testing

DevSecOps

Addressing the Security Challenges of Operational Technology

Implementing Security Best Practices for Serverless Applications

Strategies for Success: Developing a Comprehensive Cloud Vulnerability Management Program

Proactive Container Security: Prioritizing Vulnerabilities with Reachability

On the Brink: Why AppSec Leaders are Burning Out (and How to Stop It)

Cloud and Generative AI Implications on DevSecOps

Got DevOps? Mastering Observability Across Development, Testing and Security

Mastering AI Security Posture Management for Cloud Security Professionals

How Are You Protecting Your Company from API Security Breaches?

Don’t Expect Developers to be Security Experts!

Securing Modern Application Development: The CISOs’ and Security Team’s Perspective

The 2024 Guide to Open Source Security and Risk

Government Takedown of Ransomware Rings – What CISOs Need To Know

Unlocking the Power of Enterprise Security Data

Shifting Left to DevSecOps With NGINX

How Combining SAST and SCA Strengthens Security

Transformative Benefits of Automated Dependency Updates for Your Applications

How to Bring DevSecOps to V-Shaped Development

Building Resilient Organizations Around IT and Cybersecurity

How to Apply DevSecOps Practices in the Multi-Cloud Era

CI/CD Security Anti-Patterns and Antidotes

Unraveling Threats in the Cloud: Leveraging Telemetry for Effective Detection in Google Cloud Platform

Best DevSecOps Practices for Maintaining Cloud Security

Protecting Your Software Supply Chain From Code to Cloud on AWS

Beyond the SBOM: Understand and Mitigate Your Attack Surface

Secure CI/CD Software Delivery Without Sacrificing Speed and Convenience

Cloud Security – DevSecOps (APAC)

AppSec 101: Complete Application Security Across the SDLC

How to Shift Left the Right Way

Building Trust in Digital Identity Verifications: Account Enrollment and Beyond

Operationalizing DevSecOps

Identity and Access Management

Harnessing Next-Gen Identity Security Solutions for Today’s Threat Landscape

Two Birds, One Stone: Shrinking Security Debt and Attack Surfaces

CISO Panel: Tips for Optimizing a Cloud-Native Security Stack in 2023

From Vulnerable to Invincible: The Five-Step Journey to Complete Cloud Security

Where Will DevSecOps ‘Shift’ Next?

Left, Right and In Between: Thinking API Security

Application Security

Secrets Management and DevSecOps: An Enterprise Maturity Model

Identity Zero-Trust: From Vision to Practical Implementation

Implementing Identity Access Prioritization and Risk-Based Alerting for High-Fidelity Alerts

API Security

How to Shift Security Left: Best Practices From a Fortune 500 DevSecOps Leader

Finding the Ransomware Threat INSIDE Your Backups

Defending Against Emerging Ransomware Threats

Ransomware Investigation: The Complete Demo

Improving AppSec With Application Security Posture Management

How Secure Backups and Analytics Can Help You Recover From Ransomware in Hours

Hackers’ Rights

A Discussion of Automated Infrastructure Security with a Practical Example