Mastering Vulnerability Management and Secure SDLC: A Deep Dive into Enterprise Application Security

In this session, participants will explore advanced techniques in vulnerability management, application penetration testing, and secure software development life cycles (SDLC). Drawing from over 13 years of hands-on experience, Krishna, Associate Director at S&P Global, will share insights into building and managing comprehensive application security programs across diverse environments. The session covers real-world practices in integrating SAST/DAST tools into CI/CD pipelines, performing dynamic and static vulnerability assessments, and effectively collaborating with development teams for secure coding. Learn about OWASP Top 10 vulnerabilities, mobile app testing, API security, and managing enterprise risk through threat modeling, patch management, and compliance alignment (PCI DSS, ISO 27001).