AppSec DevSecOps Singapore

Not Found

20 August 2025
08:30

Registration, Coffee & Networking in the Exhibition Area
09:00

Welcoming Remarks from Corinium & Chair's Remarks

Dan Haagman - CEO Chaleit & Honorary Professor - Murdoch University
09:10

Speed Networking
09:15

Securing PII in API Contracts - Journey from Standardisation to AI Enabled Management

Vipul Sodha - Principal Engineer - Carousell Group
09:40

The Evolution of Enterprise AI: Navigating New Trends and Challenges

Cameron Townshend - Principal Architect - Sonatype

Topic to Be Confirmed
10:05

Keynote Panel: Safeguarding the Software Ecosystem – From Development to Deployment
- What innovative practices ensure end-to-end security across the software development and supply chain lifecycle, integrating DevSecOps, AppSec, and container security?
- How can continuous risk assessment and improvement through DevSecOps practices protect every phase of the SDLC?
- What role does automation play in enhancing operational efficiency and simplifying compliance within governance frameworks?
- How can layered security strategies proactively address vulnerabilities in software supply chains and containerised environments?
Moderator:

Dan Haagman CEO Chaleit & Honorary Professor Murdoch University

Speakers:

Reuben Athaide Head Innovation, Application Security and Assurance Standard Chartered

Yih Wen Tsai CISO Ministry of Manpower
10:40

Topic to Be Confirmed

Yashaswi Mudumbai - Senior Director - Solution Engineering - JFrog
11:05

Morning Coffee & Networking in the Exhibition Area
11:35

DevSecOps Practices: Applying Security Principles to Software Development

Suresh Govindaraju - Director of Engineering - PayPal
12:00

Topic to Be Confirmed

Phillip Ivancic - APJ Solutions, Principal Consultant - Black Duck
12:25

Panel: Building Bridges - Integrating Development, IT and Security in a Seamless DevSecOps Strategy
- Breaking Down Silos: Fostering collaboration between development, IT operations, and security teams for unified goals
- Embedding security checks and tools into the CI/CD pipeline without slowing down development
- Shared Responsibility: Aligning roles, responsibilities, and KPIs to ensure security is everyone's job
- Encouraging a proactive mindset toward security through training and organisational buy-in
Moderator:

Dan Haagman CEO Chaleit & Honorary Professor Murdoch University

Panellists:

Sathiyaseelan Murugaiayh Head of DevSecOps Circles.Life

Gowtham Sundar Senior Lead Engineer - 3A Security SPH Media
12:50

Lunch & Networking in the Exhibition Area
13:50

Security Anti-patterns in CI/CD

Linda Chang - Assistant Director, Clusters & Technology Management Office (CTMO) - GovTech

While driving adoption of CI/CD across more than 50 Singapore Government agencies in a landscape with distributed and mostly outsourced systems, GDT-CSH has encountered various security anti-patterns in the CI/CD pipelines that could compromise application security. Drawing from real-world experiences with agencies and vendors, this talk will dissect common security anti-patterns we've discovered and share practical strategies for addressing them.

Speakers:

Linda Chang Assistant Director, Clusters & Technology Management Office (CTMO) GovTech

Daniel Liu Senior DevOps Engineer GovTech
14:15

From Finding to Fixing: How Agentic AI Secures Code at the Speed of Dev

Bhawani Singh - Regional Director Solution Engineering, APAC, Middle East & Africa - Checkmarx
As software development accelerates with AI-generated code and scalable cloud-native architectures like microservices and serverless, the need for early, efficient, and scalable vulnerability remediation is critical. But the true challenge lies not just in finding vulnerabilities-it's fixing them without slowing down developers. This session explores how Agentic AI, embedded in a developer-centric AppSec platform, is transforming secure software delivery by operating directly within the IDE and workflows.

Agentic AI empowers organisations to scale secure coding through three key steps:
- Identification - Detect vulnerabilities early in development
- Fix Suggestion - Provide actionable, context-aware remediation to earn developer trust
- Remediation - Allow manual resolution or full automation once confidence is established
Unlike standalone tools, Agentic AI is part of a unified AppSec platform that reduces risk, shortens time to remediation, and accelerates secure innovation. Security leaders will learn how to embed security seamlessly into development pipelines and leverage AI to drive both security and speed across the SDLC.
14:40

Fireside Chat: What Are the Best Practices in Cultivating Security as a Core Pillar in Software Development

Zhou Zhihao - Vice President - ISC2 SG Chapter
- Building security measures into every phase of the SDLC, enhancing efficiency, reducing risks, and bolstering trust
- Adopting early-stage vulnerability detection to mitigate risks before they escalate, ensuring safer and smoother production
- How can you define comprehensive policies and guidelines to unify team actions and maximise the effectiveness of security tools and technologies?
- Encouraging ongoing skill development and adaptive strategies to meet evolving security challenges head-on
Speakers:

Zhou Zhihao Vice President ISC2 SG Chapter

Dan Haagman CEO Chaleit & Honorary Professor Murdoch University
15:05

Afternoon Tea & Networking in the Exhibition Area
15:35

Fireside Chat: DevSecOps in Business - Embedding Security Without Slowing Delivery

Selina Seah - Head of IT Shared services, IT Business Partner - Income

Speakers:

Selina Seah Head of IT Shared services, IT Business Partner Income

Dan Haagman CEO Chaleit & Honorary Professor Murdoch University
16:00

Fireside Chat: The Future of DevSecOps: Automating Trust at Scale
- How do we build security and compliance into fast-moving pipelines without becoming a bottleneck?
- Can trust be codified — and if so, who owns it?
- What role will automation, AI, and policy-as-code play in scaling secure development across the enterprise?
16:25

Closing Remarks

AppSec & DevSecOps Singapore schedule

Join our newsletter for all our latest news & events