Sponsored By Security Boulevard

September 23, 2019


Application security is an effective tool for defending against attacks. But as IT infrastructures shift to “software-defined everything” and move to the cloud, traditional appsec models no longer are enough to protect the application.

This webinar takes a look at how companies are addressing new models to address more dispersed and dynamically connected applications, from traditional web and mobile APIs to containers and microservices.

Tom Eston - Speaker Headshota-1

Tom Eston, Sr. Manager, Penetration Testing, Veracode

Tom Eston is the Senior Manager of Penetration Testing at Veracode. Tom's work over his 14 years in cybersecurity has focused on network, red team, application penetration testing, as well as security and privacy research. He has led multiple projects in the cybersecurity community, improved industry standard testing methodologies, and is an experienced team manager and leader. He is also the founder and co-host of the weekly Shared Security Podcast; and a frequent speaker at security user groups and international cybersecurity conferences including Black Hat, DEF CON, DerbyCon, SANS, InfoSec World, OWASP AppSec, and ShmooCon.


Jeffrey Martin, Director of Product, WhiteSource

Jeff has spent the last 15 years in Product roles helping both the organizations he worked for and their customers transform and measure their business processes, Development, and QA. He especially enjoys cultural and mindset transformations for their ability to create lasting progress.  

John Steven Headshot

John Steven, CTO, ZeroNorth

For the two decades prior to his role as CTO at ZeroNorth, John led technical direction at Cigital, where he rose to the position of co-CTO.

He founded spin-off Codiscope as CTO in 2015. When both firms were acquired by Synopsys in 2016, John transitioned to the role of Senior Director of Security Technology and Applied Research. His expertise runs the gamut of software security—from threat modeling and architectural risk analysis to static analysis and security testing. John is keenly interested in using orchestration and automation to provide security governance at the cadence of modern development. As a trusted adviser to security executives, he uses his unparalleled experience with a broad range of security tools to build and mature security programs. He has served as co-editor of the Building Security In department of IEEE Security & Privacy magazine and as the leader of the Northern Virginia OWASP chapter. John is regularly invited to speak, including keynotes at AppSecUSA and BSIMM.



Brian Joe, Senior Director, Product Management, Signal Sciences

Brian Joe is Senior Director of Product Management at Signal Sciences, where he is responsible for all growth-related product management initiatives. Previously, Brian was Director of Product Management at Verizon Communications and spent 14 years leading product for their DDOS, WAF, Bot Mitigation, DNS, VPN, Networking, Storage, and Video Streaming domains. Brian received his MBA at New York University's Stern School of Business and his BS in Computer Science from UCLA.


Vikram Kapor, Co-founder, CTO, Lacework

Vikram Kapoor is co-founder and CTO at Lacework, and leads the company’s strategic technology and architecture roadmap. Prior to Lacework, Vikram led Bromium’s engineering team in delivering solutions supporting Bromium’s vision and business goals. Prior to this, Vikram managed the Database Storage Engine group at Oracle RDBMS and was lead architect for Exadata technologies. Vikram was also Development Manager for the protocols group at Oracle where he designed components of the NFSv4 server. Vikram also held senior engineering roles at Pillar Data Systems and Valicert and is a prolific inventor who holds several patents.


Speaker Name,

Title & Company

Short Bio