How to make a Unicorn: Finding Cybersecurity Talent in the Real World


With DevOps accelerating the pace at which software is developed and deployed, it’s critical to integrate proper security thinking. Application security for DevSecOps is in high demand, and AppSec engineers have been called unicorns. In this talk we will make these mythical creatures a reality.




Franklin Mosley


As a young child, I was introduced to computers, and they became my passion. I began writing programs, and by the age of 10, I knew what I wanted to do when I “grew up” without understanding how computers and technology would influence our world in the future.

Fast forward to present times, and we live in a digitally connected world. Innovations have improved business and personal technology while increasing productivity. Unfortunately, this has also lead to opportunities for, and an increase in, cyber threats. According to a 2013 report, over 552 million identities were exposed via breaches, and there was a 62% increase in the number of breaches over the previous year.

As a 16-year experienced Information Security professional, I have helped businesses counter threats. I have assessed applications for security risks, and implemented security controls. Having also been a software engineer, in an earlier part of my career, as well as still writing code for fun and the challenges, my focus on application security is a natural place for me to practice, and has become my passion.

In recent years, I’ve become involved with, and very interested in, DevOps/DevSecOps. This way of software delivery has me looking for ways to improve processes, while still ensuring that teams are delivering secure software.