2019 Philadelphia Symposium
How to Mature Your Application Security Program

#IANSPhiladelphia #IANSEvents

Wednesday, June 26, 2019 | 10:00 AM - 3:00 PM
The Bellevue Hotel, 200 S. Broad Street, Philadelphia, PA

Security teams have fought hard for better application security but remain challenged on a myriad of fronts: They’re hungry for more step-by-step details on how to run an effective bug bounty program. They want better guidance for when it’s best to do manual or automated web app pen testing or go with a more hybrid approach. They remain stuck in a cycle of spinning up containers quickly and setting them loose without always knowing if they’ve missed cracks along the way.

For all of these challenges, they seek more advanced techniques. This 5-hour symposium with IANS Faculty Member Kevin Johnson is designed to offer just that, including:

  • A process you can use to measure your organization’s maturity level for in-house bug bounty programs
  • A thorough inventory of third-party bug bounty vendors and a list of questions to help determine which one is best for you
  • A set of best practices that address big-picture app security challenges in 2019
  • A strategy for hybrid web app pen testing


Participants will leave knowing how to launch a bug bounty program and pursue hybrid web app testing, and will have a clearer understanding of what goes into container security.


Anyone responsible for app security in their organizations. The topics will be accessible to relative newcomers but will be most useful to those who are already well on their way to surfacing and addressing the challenges.

This event is for IANS clients and invited guests — there is no vendor sponsorship or presence.

Let your colleagues know you're coming!

This event has ended.

Check out our other upcoming events!

View All Events
*Receive 1 CPE credit for every hour of attendance at our events.

2019 Philadelphia Symposium Facilitators


Kevin Johnson

IANS Faculty
Kevin has over 15 years of experience within security working with and performing services for Fortune 100 companies and draws upon his development and system administration background. Kevin is the CEO and Principal Security Consultant with Secure Ideas. Previously, Kevin was a Senior Instructor at SANS and the author of "Security 542: Web Application Penetration Testing and ethical Hacking." Other current speaking engagements include DEFCON, ShmooCon as well as Infragard, ISSA and the University of Florida. He founded BASE (web front-end for snort analysis) as well as Samurai WTF live DVD (live environment focused on web pen testing). Two additional projects Kevin founded are Yokoso and Laudanum, which are focused on exploit delivery. In his free time, Kevin enjoys spending time with his family and is an avid Star Wars fan and member of the 501st Legion (Star Wars charity group).

The Bellevue Hotel

200 S Broad St, Philadelphia, PA 19102

Attendee Qualification

This Symposium is produced by IANS, which reserves the right, in its sole discretion, to limit or deny access to the Symposium to any entity or individual. IANS’ receipt of a registration application does not constitute acceptance. Individuals from Information Security Solution Providers (software, hardware, and consulting companies) are not eligible to attend. Symposiums are open to IANS clients that are Credential Holders and qualified Information Security Practitioners identified by IANS.

Attendee Contact


Check out IANS other upcoming events