Cobalt-PTaaS Exchange-Roadshow Series logo

PTAAS EXCHANGE

< A cybersecurity networking event />
SEPTEMBER 8 - OCTOBER 13
SELECT LOCATIONS

SECURITY AS A BUSINESS DRIVER.

We’ll bring the food, you bring the questions. Come talk shop with local security and development peers, chat with industry leaders, and discuss how to build and maintain a strong security program that hones your company’s competitive edge.

PtaaS, Pentest as a Service, has won acclaim as a modern way to pentest (Exhibit A: Gartner's Hype Cycle for Security Operations). PtaaS Exchange will discuss this among other emerging trends in the context of security overall:
  • How has infosec changed?
  • What lies ahead for the cybersecurity industry?
  • In what ways can we improve, evolve, and prepare?
  • How do we measure security ROI?

Join us along the road at PtaaS Exchange, a multi-city event series aimed at bringing development, security and operations teams to meet, learn and collaborate on the best and brightest approaches to building and maintaining a strong security program. You'll have opportunities to network with local security peers and chat directly with amazing speakers

Join us along the road at PtaaS Exchange, a multi-city event series aimed at bringing development, security and operations teams to meet, learn and collaborate on the best and brightest approaches to building and maintaining a strong security program. You'll have opportunities to network with local security peers and chat directly with amazing speakers

Find our ci

Let's Make Security Stronger Together

Marriott Marquis
780 Mission St, San Francisco, CA 94103

Agenda

You’ll discover the latest trends in the threat landscape, how to measure security ROI, tips to extend your resources in the face of talent shortages, a behind-the-scenes look into how hackers look at your application, ideas to bridge the gap between security and development teams, and so much more.

Speakers

Caroline Wong

CSO at Cobalt

Nicole Dove

Head of Security for Games Division at RIOT Games

Yogi Petkar

CX Staff Product Manager at Cobalt

Vanessa Sauter

Cobalt Core Member

TC Niedzialkowski

CISO at Nextdoor

Larkin Ryder

Director of Product Security at Slack

Jack Roehrig

Tenured GRC CSO, Advisor, vCISO, and Investor

Time

Session

11:30AM

Arrival

12:00 PM

Welcome and Intro

12:15 PM

Down to Business: Drive Growth and Innovation with New Security Tactics

Let’s face it, whether you’re a seasoned InfoSec veteran or someone who just googled how to get SOC 2 certified, this question will apply: “How can I get security to deliver value to the business?”

If you’re struggling with a clear answer, we’ve got you covered. Cobalt’s CSO Caroline Wong and Riot Games’ Head of Security Nicole Dove talk through the changes teams everywhere need to make security more agile, collaborative, and valuable. From scaling your testing program without breaking the bank, to introducing a new role called “The BISO,” you’ll learn about different tactics that bring security closer to the business.

Speakers

Caroline Wong

CSO at Cobalt

Nicole Dove

Head of Security for Games Division at RIOT Games

1:00 PM

Break

1:10 PM

Let Data Build Your Pentest Program For You

No successful application stays static forever, and with new pull requests comes new risk. As you launch more pentests, how do you focus on the right area? And how do you track and communicate results to higher management?

The secret lies in data. In this session we'll show you what insights hide in plain sight, plus how they can guide your next steps.

Speakers

Yogi Petkar

CX Staff Product Manager at Cobalt

2:00 PM

Networking Break

2:30 PM

Show and Tell Panel: How Security Veterans Manage DevSecOps Training

It’s a fine art to educate, motivate, and collaborate with teams under pressure – and DevOps teams sure are feeling it.

Who better to learn from than seasoned industry veterans like CISOs, Product Security Directors, Application Security Managers, and even VPs of Engineering (yes, from the dark side!)

Our panelists will share which training strategies work, which don’t, and how you can apply their learnings in your own teams — in other words, you’ll get dos and don'ts on putting the Sec in DevOps.

Speakers

Larkin Ryder

Director of Product Security at Slack

Jack Roehrig

Tenured GRC CSO, Advisor, vCISO, and Investor

TC Niedzialkowski

CISO at Nextdoor

3:15 PM

Into The Hacker's Mind: How Attackers Look at Your Application

Hear firsthand the steps an attacker takes to break through your defenses. Top security testers share real-world learnings, along with insight for companies to apply to their own programs as threats evolve.

Learn what it takes to keep pace with evolving security environments and how manual pentesting finds vulnerabilities automation alone can't.
Speakers

Vanessa Sauter

Cobalt Core Member

4:00 PM

Looking Towards 2023: Strategy, Efficiency, and Collaboration

Wrap up the day as we map out today's key takeaways to security predictions for 2023 from our experts.

Speakers

Caroline Wong

CSO at Cobalt

4:30 PM

Post-Event Happy Hour

The Archer Hotel
3121 Palm Way, Austin, TX 78758

Agenda

You’ll discover the latest trends in the threat landscape, how to measure security ROI, tips to extend your resources in the face of talent shortages, a behind-the-scenes look into how hackers look at your application, ideas to bridge the gap between security and development teams, and so much more.

Speakers

Jay Paz

Senior Director of Delivery at Cobalt

Gideon Rasmussen

CYBERSECURITY MANAGEMENT CONSULTANT

Molly Finn

Sr. Product Manager at Cobalt

Ray Espinoza

CISO at Inspectiv

Andrew Hay

COO at LARES

Jack Roehrig

Tenured GRC CSO, Advisor, vCISO, and Investor

Mike Britton

CISO at Abnormal Security

Alex Gonzalez

Security TPM

Mahesh Kandru

Director, Security Engineering & Architecture at Oportun

Jason Kramek

MSSP Enablement Manager at PlexTrac

Time

Session

11:30AM

Arrival

12:00 PM

Welcome & Intro

12:15 PM

Cybersecurity Team Development and Retention

This session provides InfoSec leaders with practical advice for developing employees in their current role, with tips to help them move laterally or to pursue promotion to management.

Management routines will be discussed to help attendees with efficiency. Time management tips and a communications plan template will be provided. The session also addresses tough questions such as "Are we secure" and "What is the value-add of the cybersecurity program." Annual program goals and performance & development plans are addressed at a mid-level. The session closes with performance calibration, succession planning, promotions and retention risk.

Speakers

Jay Paz

SENIOR DIRECTOR OF DELIVERY AT COBALT

Gideon Rasmussen

CYBERSECURITY MANAGEMENT CONSULTANT

1:00 PM

Break

1:10 PM

Let Data Build Your Pentest Program For You

No successful application stays static forever, and with new pull requests comes new risk. As you launch more pentests, how do you focus on the right area? And how do you track and communicate results to higher management?

The secret lies in data. In this session we'll show you what insights hide in plain sight, plus how they can guide your next steps.

Speakers

Molly Finn

SR. PRODUCT MANAGER AT COBALT

Jason Kramek

MSSP ENABLEMENT MANAGER AT PLEXTRAC

2:00 PM

Networking Break

2:30 PM

Show and Tell Panel: How Security Veterans Manage DevSecOps Training

It’s a fine art to educate, motivate, and collaborate with teams under pressure – and DevOps teams sure are feeling it.

Who better to learn from than seasoned industry veterans like CISOs, Product Security Directors, Application Security Managers, and even VPs of Engineering (yes, from the dark side!)

Our panelists will share which training strategies work, which don’t, and how you can apply their learnings in your own teams — in other words, you’ll get dos and don'ts on putting the Sec in DevOps.

Speakers

Ray Espinoza

CISO AT INSPECTIV

Andrew Hay

COO AT LARES

Jack Roehrig

Tenured GRC CSO, Advisor, vCISO, and Investor

Mike Britton

CISO AT ABNORMAL SECURITY

Mahesh Kandru

DIRECTOR, SECURITY ENGINEERING & ARCHITECTURE AT OPORTUN

3:15 PM

Shift-left: Customer Comms Considerations

Definition of repetitive, consistent and thorough customer security communications for application security and InfraSec policies and standards, from a shift-left perspective, in a SDLC model.

Speakers

Alex Gonzalez

SECURITY TPM

4:00 PM

Looking Towards 2023: Strategy, Efficiency, and Collaboration

Wrap up the day as we map out today's key takeaways to security predictions for 2023 from our experts.

Speakers

Jay Paz

SENIOR DIRECTOR OF DELIVERY AT COBALT

4:30 PM

Post-Event Happy Hour

The W
100 Stuart St, Boston, MA 02116

Agenda

You’ll discover the latest trends in the threat landscape, how to measure security ROI, tips to extend your resources in the face of talent shortages, a behind-the-scenes look into how hackers look at your application, ideas to bridge the gap between security and development teams, and so much more.

Speakers

Caroline Wong

CSO at Cobalt

Nicole Dove

Head of Security for Games Division at RIOT Games

Dalyn Ward

Sr. Director of Product Management at Cobalt

Tori Sitcawich

Sr. Product Marketing Manager at Cobalt

Conor Sherman

CISO at Updater Technology Group

Derek Carlin

Cobalt Core Member

Tyson Kopczynski

SVP, CISO at Oportun

Nick Popovich

Hacker in Residence at PlexTrac

Time

Session

11:30AM

Arrival

12:00 PM

Welcome & Intro

12:15 PM

Down to Business: Drive Growth and Innovation with New Security Tactics

Let’s face it, whether you’re a seasoned InfoSec veteran or someone who just googled how to get SOC 2 certified, this question will apply: “How can I get security to deliver value to the business?”

If you’re struggling with a clear answer, we’ve got you covered. Cobalt’s CSO Caroline Wong and Riot Games’ Head of Security Nicole Dove talk through the changes teams everywhere need to make security more agile, collaborative, and valuable. From scaling your testing program without breaking the bank, to introducing a new role called “The BISO,” you’ll learn about different tactics that bring security closer to the business.

Speakers

Caroline Wong

CSO AT COBALT

Nicole Dove

HEAD OF SECURITY FOR GAMES DIVISION AT RIOT GAMES

1:00 PM

Break

1:10 PM

Let Data Build Your Pentest Program For You

No successful application stays static forever, and with new pull requests comes new risk. As you launch more pentests, how do you focus on the right area? And how do you track and communicate results to higher management?

The secret lies in data. In this session we'll show you what insights hide in plain sight, plus how they can guide your next steps.

Speakers

Nick Popovich

HACKER IN RESIDENCE AT PLEXTRAC

Tori Sitcawich

SR. PRODUCT MARKETING MANAGER AT COBALT

2:00 PM

Networking Break

2:30 PM

Show and Tell Panel: How Security Veterans Manage DevSecOps Training

It’s a fine art to educate, motivate, and collaborate with teams under pressure – and DevOps teams sure are feeling it.

Who better to learn from than seasoned industry veterans like CISOs, Product Security Directors, Application Security Managers, and even VPs of Engineering (yes, from the dark side!)

Our panelists will share which training strategies work, which don’t, and how you can apply their learnings in your own teams — in other words, you’ll get dos and don'ts on putting the Sec in DevOps.

Speakers

Conor Sherman

CISO at Updater Technology Group

Tyson Kopczynski

SVP, CISO AT OPORTUN

3:15 PM

Into The Hacker's Mind: How Attackers Look at Your Application

Hear firsthand the steps an attacker takes to break through your defenses. Top security testers share real-world learnings, along with insight for companies to apply to their own programs as threats evolve.

Learn what it takes to keep pace with evolving security environments and how manual pentesting finds vulnerabilities automation alone can't.
Speakers

Derek Carlin

COBALT CORE MEMBER

4:00 PM

Looking Towards 2023: Strategy, Efficiency, and Collaboration

Wrap up the day as we map out today's key takeaways to security predictions for 2023 from our experts.

Speakers

Caroline Wong

CSO AT COBALT

4:30 PM

Post-Event Happy Hour

Convene
530 5th Ave, New York, NY 10036

Agenda

You’ll discover the latest trends in the threat landscape, how to measure security ROI, tips to extend your resources in the face of talent shortages, a behind-the-scenes look into how hackers look at your application, ideas to bridge the gap between security and development teams, and so much more.

Speakers

Caroline Wong

CSO at Cobalt

Nicole Dove

Head of Security for Games Division at RIOT Games

Dalyn Ward

Sr. Director of Product Management at Cobalt

Lauren Taylor

Director of Product Marketing at Cobalt

Andrew Obadiaru

CISO at Cobalt

Alex Schulman-Peleg

Managing Director - Cloud Security Practice Leader at EY

Derek Carlin

Cobalt Core Member

Jack Roehrig

Tenured GRC CSO, Advisor, vCISO, and Investor

Ruchira Agrawal

VP of Engineering at PlexTrac

Time

Session

11:30AM

Arrival

12:00 PM

Welcome & Intro

12:15 PM

Down to Business: Drive Growth and Innovation with New Security Tactics

Let’s face it, whether you’re a seasoned InfoSec veteran or someone who just googled how to get SOC 2 certified, this question will apply: “How can I get security to deliver value to the business?”

If you’re struggling with a clear answer, we’ve got you covered. Cobalt’s CSO Caroline Wong and Riot Games’ Head of Security Nicole Dove talk through the changes teams everywhere need to make security more agile, collaborative, and valuable. From scaling your testing program without breaking the bank, to introducing a new role called “The BISO,” you’ll learn about different tactics that bring security closer to the business.

Speakers

Caroline Wong

CSO AT COBALT

Nicole Dove

HEAD OF SECURITY FOR GAMES DIVISION AT RIOT GAMES

1:00 PM

Break

1:10 PM

Let Data Build Your Pentest Program For You

No successful application stays static forever, and with new pull requests comes new risk. As you launch more pentests, how do you focus on the right area? And how do you track and communicate results to higher management?

The secret lies in data. In this session we'll show you what insights hide in plain sight, plus how they can guide your next steps.

Speakers

Ruchira Agrawal

VP OF ENGINEERING AT PLEXTRAC

Molly Finn

SR. PRODUCT MANAGER AT COBALT

2:00 PM

Networking Break

2:30 PM

Show and Tell Panel: How Security Veterans Manage DevSecOps Training

It’s a fine art to educate, motivate, and collaborate with teams under pressure – and DevOps teams sure are feeling it.

Who better to learn from than seasoned industry veterans like CISOs, Product Security Directors, Application Security Managers, and even VPs of Engineering (yes, from the dark side!)

Our panelists will share which training strategies work, which don’t, and how you can apply their learnings in your own teams — in other words, you’ll get dos and don'ts on putting the Sec in DevOps.

Speakers

Andrew Obadiaru

CISO AT COBALT

Jack Roehrig

Tenured GRC CSO, Advisor, vCISO, and Investor

Alex Schulman-Peleg

MANAGING DIRECTOR - CLOUD SECURITY PRACTICE LEADER AT EY

3:15 PM

Into The Hacker's Mind: How Attackers Look at Your Application

Hear firsthand the steps an attacker takes to break through your defenses. Top security testers share real-world learnings, along with insight for companies to apply to their own programs as threats evolve.

Learn what it takes to keep pace with evolving security environments and how manual pentesting finds vulnerabilities automation alone can't.
Speakers

Derek Carlin

COBALT CORE MEMBER

4:00 PM

Looking Towards 2023: Strategy, Efficiency, and Collaboration

Wrap up the day as we map out today's key takeaways to security predictions for 2023 from our experts.

Speakers

Caroline Wong

CSO AT COBALT

4:30 PM

Post-Event Happy Hour

The Westin Grand Berlin
Friedrichstraße 158-164, 10117 Berlin, Germany

Agenda

You’ll discover the latest trends in the threat landscape, how to measure security ROI, tips to extend your resources in the face of talent shortages, a behind-the-scenes look into how hackers look at your application, ideas to bridge the gap between security and development teams, and so much more.

Speakers

Chris Manton-Jones

CEO at Cobalt

Mark Hamill

Director of Product PX & EX at Cobalt

Sheetal Joseph

CISO at Finoa

Andreea Cristina Druga

Cobalt Core Member

Grigory Emelianov

Co-Founder at Secfix

Eugene Revzin

Senior Product Manager, CX Integrations

Tori Sitcawich

Senior Product Marketing Manager at Cobalt

Time

Session

12:30PM

Arrival

13:00

Welcome & Intro

13:15

Down to Business: Drive Growth and Innovation with New Security Tactics

Let’s face it, whether you’re a seasoned InfoSec veteran or someone who just googled how to get SOC 2 certified, the same question will apply: “How can I get security to deliver value to the business?”

If you’re struggling with a clear answer, we’ve got you covered. Cobalt’s CEO Chris Manton-Jones will talk through the changes teams everywhere need to make security more agile, collaborative, and valuable. From scaling your testing program without breaking the bank, to introducing a new role called “The BISO,” you’ll learn about different tactics that bring security closer to the business.

Speakers

Chris Manton-Jones

CEO AT COBALT

14:00

Break

14:10

Let Data Build Your Pentest Program For You

No successful application stays static forever, and with new pull requests comes new risk. As you launch more pentests, how do you focus on the right area? And how do you track and communicate results to higher management?

The secret lies in data. In this session we'll show you what insights hide in plain sight, plus how they can guide your next steps.

Speakers

Tori Sitcawich

SR. PRODUCT MARKETING MANAGER AT COBALT

Eugene Revzin

Senior Product Manager, CX Integrations

15:00

Networking Break

15:30

Show and Tell Panel: How Security Veterans Manage DevSecOps Training

It’s a fine art to educate, motivate, and collaborate with teams under pressure – and DevOps teams sure are feeling it.

Who better to learn from than seasoned industry veterans like CISOs, Product Security Directors, Application Security Managers, and even VPs of Engineering (yes, from the dark side!)

Our panelists will share which training strategies work, which don’t, and how you can apply their learnings in your own teams — in other words, you’ll get dos and don'ts on putting the Sec in DevOps.

Speakers

Grigory Emelianov

Co-Founder at Secfix

Sheetal Joseph

CISO AT FINOA

16:15

Into The Hacker's Mind: How Attackers Look at Your Application

Hear firsthand the steps an attacker takes to break through your defenses. Top security testers share real-world learnings, along with insight for companies to apply to their own programs as threats evolve.

Learn what it takes to keep pace with evolving security environments and how manual pentesting finds vulnerabilities automation alone can't.
Speakers

Mark Hamill

DIRECTOR OF PRODUCT PX & EX AT COBALT

Andreea Cristina

Cobalt Core Member

17:00

Looking Towards 2023: Strategy, Efficiency, and Collaboration

Wrap up the day as we map out today's key takeaways to security predictions for 2023 from our experts.

Speakers

Chris Manton-Jones

CEO AT COBALT

17:30

Post-Event Happy Hour

SPONSORS

For details on our travel policy, please visit our Covid Policy Page