Darylynn Ross
Senior Application Security Engineer at CoverMyMeds
Columbus, Ohio, United States
Actions
Darylynn Ross is currently a Senior Application Security Engineer on the Product Security team at CoverMyMeds (CMM). She directs the CMM Security Champions Group and the CMM Security Community of Practice. Darylynn spent the first part of her career at EDS and Verizon Wireless as a software developer working in varied applications, languages, databases and development environments. After pivoting to application security at Verizon, she worked with Chipotle's security operations team as Security Operations Analyst and Application Security Engineer. Darylynn is passionate about developing a security first culture fostered by relationship building and mentoring. In her free time, Darylynn enjoys working on event planning for several organizations, walking her dog Maple, and traveling with her husband.
Links
Area of Expertise
Topics
Writing Secure APIs - A Look at the OWASP 2023 API Top 10 List
OWASP published a new API top 10 list in July of 2023. There are some old favorites hanging around (I'm looking at you Authentication) and some new comers like Server Side Request Forgery and Unrestricted Access to Sensitive Business Flows. This session will cover the new top 10 list and take a look at why each of these flaws is a real world problem.
Get ready to dig into API authorization and authentication gotchas, API inventory challenges and resource management strategies. Anyone who is designing, developing, testing or securing APIs will want to join the discussion and learn how to defend against the most common security issues facing engineers today in API development.
Building Relationships for Better Security
It's 2024 and software engineering teams and security teams are still struggling to figure out how we can all just get along. Engineering teams are commonly frustrated and annoyed at all the extraneous stuff security wants them to do. And security teams are commonly frustrated with the lack of results they see in vulnerability remediation and secure coding efforts. There's got to be a better way to work together.
Come explore how building relationships between engineering teams and security teams can remove some of the frustration we all feel in the software product development world. We will discuss how culture, empathy, advocacy, communication, leadership and negotiation skills can change things. Security initiatives like a security champions program, a security community of practice, meaningful training, and team collaboration are important on the security side. This session isn't just for managers or security practitioners, it's for everyone who works in IT and deals with security challenges.
Darylynn Ross
Senior Application Security Engineer at CoverMyMeds
Columbus, Ohio, United States
Links
Actions
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top