The Upside Down: Going from NetSec to AppSec

Cody Florek

Cody Florek

Speaker Bio

Cody Florek is a Manager at Rapid7 in Deployment and Training that provides consulting services on Rapid7 products for Nexpose, AppSpider, and InsightIDR. At Rapid7 Cody helps clients start their vulnerability management program with Nexpose and AppSpider. Cody has been involved in many different security projects within corporations: vulnerability management, identity and access management, single sign on, etc.


When I took on the world of AppSec, I thought many of my life lessons in network security operations would carry over. I found out that it didnt work that way. As I progressed in AppSec, I soon discovered many other folks were like me but had no idea what to do or where to start. From a security operations world looking glass, I want to give a presentation on how to think, what terms to use, what tools to use, and where to go to learn. If you are a seasoned AppSec pen tester, this presentation isn't for you. If you've been doing Sec Ops, this is probably for you.