What's your current level of confidence in your application security program? Are you tracking any pen test metrics? Maybe you should. This session will detail several application security metrics used to measure the effectiveness of penetration testing at both program and engagement levels. The presenter will also share real world data from ~ 100 individual pen test engagements performed in 2016.

Caroline Wong is the Vice President of Security Strategy at Cobalt. Cobalt delivers crowdsourced pen tests and private bug bounties to modern organizations. Caroline's close and practical information security knowledge stems from broad experience as a Cigital consultant, a Symantec product manager, and day-to-day leadership roles at eBay and Zynga. She is a well known thought leader on the topic of security metrics and has been featured at industry conferences including RSA (USA and Europe), IT Web Summit (South Africa), OWASP AppSec, Metricon, the Executive Women's Forum, ISC2, and the Information Security Forum. Caroline received a 2010 Women of Influence Award in the One to Watch category and authored the popular textbook Security Metrics: A Beginner's Guide, published by McGraw-Hill in 2011. She graduated from U.C. Berkeley with a B.S. in Electrical Engineering and Computer Sciences.

Back to Circle City Con 2017 Videos list