App sec and software supply chain security: A fireside chat with Derek Fisher



Application security is key to supply chain security. Learn more in this fireside chat with Derek Fisher, author of the “Application Security Program Handbook.” 

Considering that 2022 was a record year for software supply chain attacks, organizations in the new year will be focusing their efforts on building a comprehensive software security program. However, with a variety of tools out there, some pertaining to application security and others specifically guarding the software supply chain, organizations should learn the best practices for software security in 2023.

Matt Rose, Field CISO at ReversingLabs and an accomplished expert in app sec and software supply chain security, demonstrated how app sec is built into the software supply chain ecosystem in his latest ReversingGlass episode, DNA of an App. Rose visually labeled the components of a typical software application, showcasing how tools such as software composition analysis (SCA) are enough for app sec alone but fall short when it comes to spotting software supply chain risks.

For an organization to have a reliable security program, best practices for both app sec and software supply chain security need to be considered. Leaders and security practitioners can learn these best practices in this January 10 live conversation and glassboard session, in which Rose will speak with Derek Fisher about his new book: the “Application Security Program Handbook.” 

Fisher has been working in application security for over a decade and, in his experience, has witnessed numerous security successes and failures, making him an expert in best practices. His new book serves as a practical guide for software developers, architects and leaders looking to develop a comprehensive app sec approach in 2023.

His “Application Security Program Handbook” is currently the No. 1 New Release for the Computer Networking category on Amazon.

As a fellow app sec expert, Rose wrote the foreword for Fisher's new book.

“This is a foundational book for application security principles, definitions, and concepts.”
Matt Rose

In the January 10 fireside chat, Rose will talk with Fisher about the key points in his new book, such as how to properly secure a software application end-to-end. Rose will also utilize his glassboard to visually explain how app sec fits into the software supply chain ecosystem. Fisher will also share insights on the state of software supply chain security.

Join the fireside chat with Derek Fisher on January 10 at 1pm Eastern, where they will also answer your questions.

"This is a unique opportunity to meet Derek and learn more about how he came up with the concept for his book. It's getting rave reviews from application security experts around the world."
—Matt Rose
