Join us on, March 25, 2025, at 5:30 PM at the KPMG, Santa Clara office for an evening of networking and learning. This in-person event is a great opportunity to connect with fellow professionals in the cybersecurity field. Don’t miss out on engaging with industry experts and expanding your knowledge. See you there!
OWASP Venue: KPMG LLP
2755 Augustine Drive Suite 701 Santa Clara, CA 95054
Agenda:
5:30 PM: Doors open, networking and food
6 PM – 6:45 PM: Evolving Automated Approaches to Application Threat Modeling
6:45 PM – 7:30 PM: Innovations in enterprise application threat modeling and automation.
7:30 PM – 8:15 PM: The Attacker’s Distributed Supercomputer: Your Browser
Register here
Talk 1
Title: Evolving Automated Approaches to Application Threat Modeling
Speaker 1
Steve Barlock
Steve is an Advisory principal in KPMG’s San Francisco office with over 30 years of client service and business experience. As a senior leader in KPMG’s Cyber Security Services practice, he has focused extensively for over 20 years on multiple disciplines in the cybersecurity field. He is currently responsible for leading KPMG’s Google Cloud services for Cyber Security on a global basis and previously led the firm’s US Cyber Cloud business. Steve’s early career experience designing and implementing a wide variety of technology-based business solutions has resulted in a broad background in planning, transformation, and delivery related to technology, infrastructure, and security across most industry sectors. He has held leadership roles on projects demonstrating the full IT delivery lifecycle including business-IT strategy, architecture planning, systems integration, and large-scale program delivery.
Speaker 2
Joan Qafoku
Joan is a Director in Cybersecurity and Technology Risk at KPMG with over ten years of experience in technology and security. Joan supports cybersecurity strategy and transformation efforts for clients in a variety of industries, including technology, media, telecommunication, and industrial manufacturing. He has deep functional experience across cybersecurity including cybersecurity and technology governance, risk management, policy and compliance management, business and technology resilience, third-party risk, security incident response, vulnerability management, and cloud security automation.
Talk 2
Title: Innovations in enterprise application threat modeling and automation.
Speaker Bio
Keshav Kamble
Keshav Kamble, CEO/CTO of Avocado Systems, with over 25 years of expertise in networking, network security, application security, and AI models. As a visionary innovator and an R&D leader, Keshav has a portfolio of over 200 inventions and patents in network security, application security, and AI. One of the top 5 most referenced cyber security professionals globally, he has consistently designed and delivered groundbreaking products and solutions. Keshav’s work has had a profound impact on major sectors, including financial services, banking, telecommunications, and defense industries. His ability to foresee industry trends and drive technological advancements has earned him accolades and respect from peers and industry leaders alike.
With a relentless passion for innovation and a commitment to excellence, Keshav Kamble continues to shape the future of cyber security and technology.
Talk 3
Title: The Attacker’s Distributed Supercomputer: Your Browser
Abstract:
As the browser transforms into the primary computing platform, new vulnerabilities are surfacing that existing security architectures are not prepared to tackle. This gap leaves enterprises exposed to risks like client-side exploits, unmonitored communication channels, and last-mile reassembly tactics, which exploit the browser’s complexity beyond the reach of traditional tools.
This talk explores how the shift to browser-centric workflows has uncovered a critical weak spot at the very heart of organizations around the world, currently unprotected by conventional security measures, allowing both internal and external threat actors to bypass controls
Speaker Bio
Jerry Hoff
Jerry Hoff has decades of experience in technology and security, specializing in application security at an enterprise scale. He holds a Master’s in Computer Science from Washington University in St. Louis and has evaluated the security of applications for some of the largest financial, defense, and commercial organizations in the world. His work has provided deep insight into the evolving threat landscape and the challenges organizations face in securing complex software systems.
