The Savoy, London

CISO 360 Dinner Roundtable:
How Are We Reducing Our Security Team’s Workload Through Automation?

Thursday 17 October 2024 | 17:30-21:30
Princess Ida and Patience Room
The Savoy | London

Processes like detecting, prioritising, fixing and explaining security vulnerabilities in software have long been manual and inefficient. Relations between security and developer teams have long been fraught with tensions. Today AI architectures can contextualise complex security data to automate these processes.

We are delighted to invite you to share strategies and tactics with fellow CISOs on both the challenges and opportunities inherent in secure software development while you enjoy the private dining setting at London’s iconic Savoy Hotel!

How can we as CISOs get the best out of software engineers? What tools support self-management and how do we remove the tension from devops and security once and for all? What role can AI play in this?

Key talking points include:

  • How does your Product Security team currently work? Does your security team triage vulnerabilities before they reach developers?
  • How do you maintain trust with developers?
  • What strategies can you use to motivate developers to fix vulnerabilities?
  • How do you scale security across a large organization?
  • What experiments have you run to use GenAI within your security team? How does this relate to company-wide AI initiatives?
  • How are we using open-source resources and generative AI to identify, prioritise, and rectify security flaws?

Kindly sponsored by Nullify and hosted by Pulse Conferences, we look forward to your contributions to the discussion on how organisations are detecting, triaging, and fixing potential security issues!

We hope that you can join security peers for what promises to be a dynamic discussion held under The Chatham House Rule, as well as top culinary experiences and great company at The Savoy London.

Yours sincerely,

Team Pulse
Pulse Conferences

Timings

17:30-18:30       Guests arrive to a welcome drinks reception
18:30-21:15       Discussion and 3-course dinner
21:15-21:30       Conclusions

Practicalities

  • Attendees: CISOs, Deputy CISOs and senior cybersecurity practitioners.
  • No vendors/suppliers are permitted unless the individual is in a senior cybersecurity role / CISO. No sales, marketing, or media are permitted.
  • There is a limit of two individuals per organisation.
  • Organisation size of at least 500 employees (smaller than 500 may be considered).
  • Conducted under The Chatham House Rule.
  • Co-chaired by a leading Chief Information Security Officer and a Strategist
  • Pulse Conferences is your Master of Ceremonies.
  • There is no cost to attend. Places around the table are limited.

Discussion co-steered by:

Martyn Booth, CISO, dunnhumby

Martyn is Chief Information Security Officer at dunnhumby, the world’s largest consumer data analytics organisation. He runs a large team and is an experienced cyber security practitioner, with over 20 years’ experience in the field, spanning big-4 consulting and running large teams. He advises multiple VCs and start-ups, operates at board level and is seen as a strategic partner to the businesses that he advises. His technical background, coupled with his MBA from Durham, enables him to operate at the highest levels of business with a deep technical understanding of the security domain.

Shan Kulkarni, Global CEO and Co-Founder, Nullify

Co-Founder & CEO @ Nullify | Building the world’s first AI AppSec Engineer. Shan is a full-stack software engineer with more than eight years of experience developing web and mobile applications. He has worked with startups and enterprises to build various SaaS products. His expertise lies in architecture design, development, and deployment of innovative products from scratch.

About Nullify

Help your team reduce stress. You know your Product Security team is stressed out. Here are their responsibilities:

  1. Know the Product inside and out. All the codebases, how development is done, all the new features that are being released.
  2. Enforce security policies. Engineering security fix SLAs, secure coding standards.
  3. Security testing using a standard. OWASP, NIST, OSSTMM.
  4. Securing the SDLC – threat modelling, manual code review, penetration testing, security sign-off, bug bounty, ongoing training.
  5. Building a great security culture & champions – organizing security education events, answering developer questions, and keeping your executive sponsor happy.

That is a lot of work. It is also why most good security engineers will end up at FAANG getting paid 400k a year, because those are the only places that can pay them enough to justify the long working hours and hostility from the engineers. Can you help your team reduce their areas of responsibility so they can focus more on the people aspects of security?

With Nullify, you can.

Nullify is an AI Product Security Engineer that helps your organization stay above the security poverty line. We replace application security testing, application security posture management, and automated remediation solutions so that your team can spend less time triaging vulnerabilities and more time cultivating a security culture.

Nullify uses AI to reverse API paths out of your code, and uses these to map repositories to hostnames defined in your CloudFront distributions. These mappings are represented as edges between nodes in the Nullify Knowledge Graph, which the AI investigation agents use to reason about the business risk of findings at a level that Snyk or Semgrep cannot reach because they lack runtime context of the application. This also allows the Nullify Risk Insights Copilot to answer questions like “where do my applications have public endpoints exposing sensitive data?” and “where are my unauthenticated API endpoints?” Lastly, Nullify’s Pentesting AI Agent is able to traverse these hosts and test them for authorisation, authentication and logic-based bugs like a human pentester would, emulating an inside-out pentest by using the application’s code as context while it performs dynamic testing of the web app.

www.nullify.ai

PRINCESS IDA & PATIENCE ROOM

The Savoy London

Looking across Embankment Gardens towards the River Thames and with an excellent view of the iconic Westminster Bridge, this gracious Edwardian-style private dining room in London can be configured in a variety of layouts, making it ideally suited for small to medium sized lunches or receptions, a cocktail party or private afternoon tea, and formal or informal dining occasions. Princess Ida & Patience can be combined with the adjacent private room Pinafore, via a connecting door, if greater floorspace is necessary.

Named after the eighth and sixth Savoy Operas, Princess Ida & Patience started life as two of the original private rooms when The Savoy opened in 1889, but the dividing wall was removed in 1935. After several decades of modern redecoration, a major restoration in the late 1990s drew inspiration from original archive photographs of both rooms dated 1906, and the room now reflects its delightful Edwardian heritage.
