How to make a Unicorn: Finding Cybersecurity Talent in the Real World

Another day, another high-profile security incident. Forty percent of all data breach incidents occur from attacks on web applications. With DevOps accelerating the pace at which software is developed and deployed, it’s critical to integrate proper security thinking into the DevOps process. Without this, rapid software development can introduce security flaws.

The cybersecurity labor crunch is expected to hit 3.5 million unfilled jobs by 2021. So where do you turn for help when the demand for qualified cybersecurity professionals is high, but the supply is low?

In addition, all security professionals aren’t created equal. How do you identify the security skills needed in DevSecOps?

AppSec engineers have been called unicorns, and in this talk we will make these mythical creatures a reality and discuss: * The skills needed to be a successful AppSec engineer * Scenarios in which these skills are used in DevSecOps * How to identify and groom talent within your own organization * Ways to scale your team



Franklin Mosley


As a young child, I was introduced to computers, and they became my passion. I began writing programs, and by the age of 10, I knew what I wanted to do when I “grew up” without understanding how