Webinar |


Speakers: Patrick spencer, derek rogerson, erik costlow


Listen to this webinar to learn how the new NIST revisions will significantly impact your application security strategy in our webinar, “NIST Application Security Revisions You Need to Know.”

We’ll discuss how NIST SP 800-53 Revision 5 contains two new IAST and RASP standards impact security teams and developers:

  • SA-11(9): “Require the developer of the system, system component, or system service to employ interactive application security testing tools to identify flaws and document the results.”
  • SI-7(17): “Implement [Assignment: organization-defined controls] for application self-protection at runtime.”

In this moderated webinar, we will cover a number of AppSec and DevOps questions, including:

  • What do each of these really mean?
  • What do security teams need to do to comply?
  • What do developers need to do to comply?
  • How is instrumentation the link between the two and what does this mean?
  • What benefits will security teams and developers realize from each?
  • And much more …

Our two presenters will be joined by the Editor in Chief for Contrast’s Inside AppSec Podcast, Patrick Spencer, who will the above questions and others with our expert panel. You’ll walk away knowing how you can become compliant quickly and easily.



On Demand Webinar


Erik Costlow

Developer Relations

Erik Costlow was Oracle’s Principal Product Manager for Java 8 and 9, focused on security and performance. His security expertise involves threat modeling, code analysis, and instrumentation of security sensors. He is working to broaden this approach to security with Contrast Security. Before becoming involved in technology, Erik was a circus performer who juggled fire on a three-wheel vertical unicycle.

Cropped Photo_Patrick(1)

Patrick Spencer

Editor in Chief, Inside AppSec Podcast

Patrick Spencer (Ph.D.) leads the content marketing and PR/Communications team at Contrast. He has nearly a decade and a half of experience in various senior marketing roles within the cybersecurity sector and is the recipient of numerous corporate and industry awards. After leaving the corporate world to start his own agency several years. Patrick’s roots in cybersecurity go back to Symantec, where he served as the editor in chief for CIO Digest, an award-winning digital and print publication containing strategies and insights for the technology executive. In addition to the above roles, Patrick has also served in various senior- and executive-level marketing capacities at several SaaS-based marketing companies.

Derek Rogerson Headshot

Derek Rogerson

Product Marketing

Derek represents the Contrast Protect (RASP) solution at Contrast Security. Derek has observed the evolution of security technologies and the threat landscape throughout this past decade as a senior member of the Symantec Security Response STAR Enterprise team protecting the F500 across important verticals like Finance, Healthcare, and Telecommunications and Internet. He has also matched SMBs and SOCs with Managed Security Services (MDR, Managed EDR, and Intel) to help the modern business find the best threat protection, detection, and alerting security solutions for every environment.