Archived: Application Security in Depth: Understanding the Three Layers of AppSec Testing

On-Demand Webcast | 1 hour

Today's approaches to defense in depth for application security are siloed and lack context, and results have fallen short. But a layered approach is the key to building a world-class AppSec program that spans the entire Software Development Lifecycle (SDLC). So, how does our approach need to change?

In this webinar, you’ll hear from three experts at each of the core security touchpoints within the Software Development Life Cycle (SDLC): at the code level, pre-deployment, and post-deployment. They will share advice on:

  • Key timeframes to implement security testing – and why
  • How to incorporate risk context across the SDLC
  • Best practices for application penetration testing and secure code review
  • Proper implementation of application security tools for continuous monitoring
  • Plus, more tips to achieve a layered application security strategy

Speakers:

Speaker

Nabil Hannan

Managing Director

NetSPI

Nabil Hannan is a Managing Director at NetSPI. He leads the company's advisory consulting practice, focusing on helping clients solve their cyber security assessment and threat & vulnerability management needs. His background is in building and improving effective software security initiatives, with deep expertise in the financial services sector. He has over 13 years of experience in cyber security consulting from his tenure at Cigital/Synopsys Software Integrity Group, where he has identified, scoped, and delivered on software security projects (architectural risk analysis, penetration testing, secure code review, malicious code detection, vulnerability remediation, mobile security assessments, etc.). Nabil has also worked as a Product Manager at Research In Motion/BlackBerry and has managed several flagship initiatives and projects through the full software development life cycle.

Samir Sherif

CISO

Imperva

Samir is a transformational leader with over 20 years of development, risk, and IT security program leadership. Prior to joining Imperva, Samir led multiple information security programs at Citi, including fraud, IT risk, and security architecture solutions, impacting over 50,000 technology staff globally.

Samir holds an Executive MBA from Williams College of Business and a BA in Liberal Arts from Xavier University.

Moshe Zioni

VP of Security Research

Apiiro

Moshe Zioni, VP of Security Research at Apiiro, is responsible for producing high-value research in the domains of application security, user behavior and vulnerability research, detection and prevention. He was listed as one of 27 influential penetration testers in 2020 by Peerlyst and has been researching cybersecurity for over 20 years in multiple industries, specializing in penetration testing, detection algorithms and incident response. He is a constant contributor to the hacker community and has been a co-founder of the Defcon-adjacent Shabbatcon security conference for the past 6 years.

Sponsors

NetSPI, Imperva