The practice of identifying and mitigating vulnerabilities in software, plays a critical role in today’s cybersecurity landscape. In an interconnected digital world, software is the backbone that makes seamless communication and efficient operations possible. As cyber threats evolve and technology advances at faster rates, organizations must prioritize software security to protect sensitive data and critical infrastructure.

At ISC2 Security Congress 2024, we will dive deep into software security, exploring the latest trends, challenges, and solutions that will help you and your team succeed. With a focus on proven and robust strategies, you can stay ahead of the curve in this rapidly evolving field.

Key Trends in Software Security

From the widespread adoption of open-source software to the integration of advanced language models, these trends are reshaping the way software is built, deployed, and protected.

  • Open-Source Software: While open-source offers benefits such as cost savings and collaboration, it also introduces unique security challenges. The open nature of the code source means that vulnerabilities can be as easily identified and exploited by malicious actors as they are by the legitimate developer community. Open-source software also relies on other open-source components, creating a chain of dependencies. The lack of oversight on them can make it difficult to assess and address security risks.
  • Large Language Models (LLMs): The integration of LLMs, such as ChatGPT, into applications has opened new possibilities for innovation. However, it has also raised concerns about the security implications of these powerful language models. Threats like malicious input manipulation, data poisoning, model bias, data leakage, and unauthorized access are all concerns.
  • Patch Management: Timely and effective patch management is crucial for addressing software vulnerabilities, preventing bad updates from circulating and preventing exploitation by malicious actors. ISC2 Security Congress 2024 will delve into the complexities of patch management, offering guidance on how organizations can streamline their processes and ensure the ongoing security and reliability of their software systems.

Sessions and Speakers at ISC2 Security Congress 2024

ISC2 Security Congress 2024 will feature a diverse range of sessions and speakers who are software security experts. Here’s a closer look at some of the sessions:

Parul Khanna
Parul Khanna

Director, Information Security, Manulife

 Mitigating Security Risks in RAG-Enhanced LLM Deployments

Dive into Retrieval-Augmented Generation (RAG) architecture and learn how to identify vulnerabilities like data integrity threats and adversarial attacks. You'll get strategies to mitigate these risks throughout the RAG-LLM development lifecycle. Plus, gain a deeper understanding of RAG, recognize security challenges, and learn how to implement robust security measures to protect RAG-based LLM applications.

Divya Aradhya
Divya Aradhya

MS Cybersecurity – Head of Cyber Architecture for Banking & International, CISO, Citi Group

You've Been Chosen: Can You Be the Developer's BFF?

Learn how collaboration between developers and security teams can create more secure software. From understanding the developer's needs, attendees will see how to build stronger relationships with developers, gain leadership buy-in, and implement education, tools, and processes to foster a developer-centric security program.

Hasan Yasar
Hasan Yasar

Technical Director, Software Engineering Institute | Carnegie Mellon University

Security Chaos Engineering: No More Surprises!

Discover how Security Chaos Engineering (SCE) and ethical hacking can bolster development cycle maturity and resilience. Attendees will gain practical knowledge about available resources and tools to kick-start their own SCE programs and effectively integrate security testing throughout the software development lifecycle.

 

In addition to these sessions, the conference will also offer a two-day, pre-conference workshop on Securing AI: Cybersecurity Strategy, providing attendees with a comprehensive understanding of the security considerations surrounding artificial intelligence and 16 CPE credits.

View all the sessions on software security at ISC2 Security Congress here.

Level Up Your Expertise

Software security is a critical concern for organizations of all sizes and industries. ISC2 Security Congress 2024 will provide a platform for cybersecurity professionals to come together and learn valuable insights that will ensure the security and resilience of your software systems.

Discover how you can level up your skills at ISC2 Security Congress 2024.