In person

AppSec Workshop: Fix Faster

Why does a “simple upgrade” often take so long, and why's it *so hard* to get development teams to do it?

Fix Faster is a hands-on workshop for AppSec and Product Security practitioners that want to address security issues faster and more effectively.

This beginner-to-intermediate training is your chance to step into a developer’s shoes. Through live demonstrations, interactive discussions, and guided exercises, we’ll simulate project-based challenges—walking into unfamiliar, legacy codebases and working through realistic constraints to remediate vulnerabilities. Participants will face real-world scenarios across Java and Python ecosystems, gaining firsthand experience in remediating known vulnerabilities in open source software. With more empathy for "upgrade hell", you can better partner with your dev teams to help your org reduce risk faster.

We'll cover:

  • Establishing a basic understanding of the complexities of software dependency management, such as breaking changes, version constraints and bugs
  • Complex and simple upgrades for direct and transitive dependencies
  • Evaluating remediation strategies, including vendoring, downgrading, and upgrading

Agenda:

1:30 - 2:00 PM - Check-in & Welcome
2:00 - 4:00 PM - Workshop Fix Faster
4:00 - 5:00 PM - Happy Hour

Date
April 28, 2025
Time
1:30 - 5:00 PM PT
Location
Downtown San Francisco
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Speakers

A photo of Jamie Scott — Founding Product Manager at Endor Labs.
Jamie Scott
Founding Product Manager
Endor Labs

A photo of Anand Sawant — Member of Technical Staff at Endor Labs.
Anand Sawant
Member of Technical Staff
Endor Labs

Event Overview

3 reasons to attend

  • Greater confidence in analyzing and remediating SCA vulnerabilities
  • Practical strategies for effective collaboration with developers
  • A deeper appreciation for the challenges developers face, improving team trust and alignment

Prerequisites

  • An internet-enabled laptop
  • A basic understanding of Linux fundamentals (e.g., installing software and using CLI tools)
  • A free GitHub account and access to GitHub and GitHub codespaces
  • The ability to read and edit snippets of code

Who Should Attend?

This workshop is for AppSec and Product Security practitioners looking to bridge the gap between AppSec and development by gaining empathy for the developer experience. You must currently be in one of these roles, but you don't need any specialized knowledge—just curiosity and a willingness to learn.

Speakers

A photo of Jamie Scott — Founding Product Manager at Endor Labs.
Jamie Scott
Founding Product Manager
Endor Labs

A photo of Anand Sawant — Member of Technical Staff at Endor Labs.
Anand Sawant
Member of Technical Staff
Endor Labs

Schedule

No items found.

Heading

No items found.

Want to stay in the loop?

Sign up for our newsletter.

Subscribe
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

A Practical Guide to AI and Application Security

As AI reshapes software development, security teams can be the catalyst for unlocking productivity without sacrificing safety.
Read more
How We Cracked SCA for C/C++ Codebases

How We Cracked SCA for C/C++ Codebases

Endor Labs improves C/C++ SCA by combining cryptographic hashing, code embeddings, and a curated index for accurate dependency and vulnerability detection.
Read more
When CodeRabbit became PwnedRabbit: A cautionary tale for every GitHub App vendor (and their customers)

When CodeRabbit became PwnedRabbit: A cautionary tale for every GitHub App vendor (and their customers)

Kudelski Security uncovered an RCE flaw in CodeRabbit exposing 1M+ repos. Here’s what happened, how it was fixed, and key lessons for secure AI apps.
Read more
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.