About this webinar

It’s 2025. Many of the problems in appsec in have mitigations, maybe even solutions. The value of an appsec program is widely accepted as a requirement for any successful company. Yet XSS and other common vulnerabilities are still occupying the time of many engineering teams. Twubhubbook, a fictitious startup from the future, has the benefit of being a new startup: it’s mostly a blank slate situation. This is the story of how Twubhubbook rolled out their program without skipping a beat or breaking the bank. The purpose of this imaginary story is to provide practical advice that you can take to a current or future startup (sorry enterprise people) based on the successes and failures of today’s startups.

About the presenters

Neil Matatall | Presenter | Senior Security Engineer, GitHub

Neil is an engineer at GitHub focused on account and application security. Previously, he has been an engineer at Twitter, AT&T Interactive, and University of California Irvine. He has spent his entire career in the "builder" and "defender" camps. He spends his days lurking in the w3c-webappsec list and improving (or complicating) specifications via Twitter conversations.

James Wickett | Host | Head of Research, Signal Sciences

Often found at the intersection of devops and security, James is the creator of gauntlt and author of DevOps Fundamentals, including a course on Lynda.com and LinkedIn Learning.