Application Security/Software Assurance


Education Level: Intermediate

4216 - Planes, Trains, and...Why Your Code Don't Cut It!

Monday, September 25
11:00 AM - 12:00 PM

As software is the backbone of what runs organizations, and is embedded in most devices procured, understanding supplier practices on securing what they produce is a necessary requirement in any supply chain relationship. This panel will discuss the best approach to understanding supplier secure development processes, how the lifecycle of the device is managed from a software perspective, and how vulnerabilities are handled and remediated in the field.

Learning Objectives:

John Martin

Program Manager, COTS Software Security

John Martin, CISSP, CISM, is Boeing’s program manager for commercial software security. His career spans the years between Blue-Box MF generators, through the era of automated hacks and into our modern age of industrialized paranoia. Unlike more statesman-like peers, he suffers the disadvantage of being alive. He is, unfortunately, a frequent speaker on the topic of commercial software security. In his spare time, he designs specialized NSA-proof tin-foil hats designed to keep the implant signals in. John was named by SANS as one of the 10 Difference Makers in Security for 2016.


Send Email for John Martin

Chris Wysopal


Chris Wysopal is co-founder and chief technology officer at Veracode. He oversees technology strategy and information security. Prior to Veracode, Chris was vice president of research and development at security consultancy @stake, which was acquired by Symantec.

In the 1990s, Chris was one of the original vulnerability researchers at The L0pht, a hacker think tank, where he was one of the first to publicize the risks of insecure software. He has testified to the U.S. Congress on the subjects of government security and how vulnerabilities are discovered in software.
Chris received a B.S .in computer and systems engineering from Rensselaer Polytechnic Institute. He is the author of The Art of Software Security Testing.


Send Email for Chris Wysopal

Steven B. Lipner

Executive Director

Steven B. Lipner, CISSP, is the executive director of SAFECode. Steve is a computer security pioneer with more than 40 years of experience as a researcher, development manager and general manager in IT security. In 2015, he retired from Microsoft ,where he was the creator and long-time leader of Microsoft’s Security Development Lifecycle (SDL) team. While at Microsoft, Steve also created initiatives to encourage industry adoption of secure development practices and the SDL, and served as a member and chair of the SAFECode board. Throughout his career, Steve has been a contributor to government and industry efforts to improve cybersecurity. He was one of the founding members of the U.S. Government Information Security and Privacy Advisory Board—serving two terms (a total of more than ten years).

Steve has been a member of nine National Research Council committees and is named as co-inventor on 12 U.S. patents. He was elected to the ISSA Hall of Fame in 2010 and to the National Cybersecurity Hall of Fame in 2015. In 2017, Steve was elected a member of the National Academy of Engineering for developing and deploying practical methods for engineering secure software and computer systems.


Send Email for Steven Lipner

Illena Armstrong

SC Magazine

Illena Armstrong is VP, Editorial at SC Media, the leading business media brand for the information security industry. She spearheads and manages all editorial strategy and content development for SC US and UK, as well as plays a key leadership role in driving the brand's overall business and commercial development. She does this by working with a team of indefatigable colleagues and her dedicated staff in offices across NY, Washington, Michigan and the UK.


Send Email for Illena Armstrong


4216 - Planes, Trains, and...Why Your Code Don't Cut It!

MP3 Audio Slides Video

Attendees who have favorited this

Please enter your access key

The asset you are trying to access is locked. Please enter your access key to unlock.

Send Email for Planes, Trains, and...Why Your Code Don't Cut It!