Title: Defending Against Common Vulnerabilities: Attacker vs Defender Perspective
Abstract: Learn which findings came up most frequently from 1600+ pentests and how teams can respond to them. Jay Paz, Director of Pentest Operations and Research at Cobalt, and Elle Johns, Security Staff Program Manager at Gong, will go back and forth on 5 of their top findings from Cobalt’s annual State of Pentesting report. Jay will discuss how he and his offensive team would exploit systems, and Elle Johns will describe the defensive approach that can be put into place to prevent these things from happening to you. A lot of their efforts revolve around OWASP best practices, so there will be tie-backs to the OWASP Top 10 throughout the presentation.
Speakers – Jay Paz from Cobalt & Elle Johns from Gong
Jay Paz – Director of Pentest Operations, Community & Research
Jay has more than 12 years of experience in information security and 19+ years of information technology experience, including system analysis, design, and implementation for enterprise-level solutions. He has a robust background in developer supervision and training as well as in major programming languages, operating hardware and software, and major infrastructure application development.
Elle Johns – Security Staff Program Manager
Elle Johns has led teams for more than 6 years across a variety of departments and industries, from operations and fitness studios to customer success and now cybersecurity. She is currently the Security Program Manager at Cobalt, where she has been focused on the team’s vulnerability management program, security control improvement, and roadmap execution. In July, she will be moving over to Gong as Staff Security Project Manager, helping enable and ensure the execution of security programs. Her passion is enabling others to consistently learn, grow, and succeed.