Hi [[ session.user.profile.firstName ]]

Synopsys - Software Integrity Group Webcasts

  • Date
  • Rating
  • Views
  • Getting Application Security Up to Speed with DevOps
    Getting Application Security Up to Speed with DevOps Scott Crawford, Research Director of Information Security with 451 Research, Meera Subbarao with Synopsys, Recorded: Oct 10 2017 58 mins
    The DevOps revolution continues to advance – and security must advance with it. Too often, however, approaches to application security remain stuck in the past. Throwing security assessment results over the fence to developers never really worked, and it certainly won’t survive the transition to DevOps and CI/CD, where agile techniques and automation set a demanding pace.

    In this webinar, Scott Crawford, Research Director of Information Security with 451 Research, and Meera Subbarao with Synopsys, will highlight:

    •The many points of opportunity DevOps present to engage in real collaboration across security, development and operations teams (it’s not just about testing!)
    •How DevOps introduces opportunities to “shift left” with the security investment, and reduce the cost impact of security remediation and response
    •Where and how security efforts can capitalize on automation and integration with DevOps toolsets
    •Sourcing expertise: Security and development both require specialized expertise. Security in DevOps requires a unique mix of both. How can you find it?
  • Silver Bullet Podcast #138 with Nicole Perlroth
    Silver Bullet Podcast #138 with Nicole Perlroth Gary McGraw Recorded: Sep 29 2017 32 mins
    Nicole Perlroth covers cyber security for the New York Times. Before joining the San Francisco bureau in 2011, she was deputy editor at Forbes where she covered venture capital and web start-ups. Nicole is the recipient of several journalism awards for her reporting on efforts by the chinese government to steal military and industrial trade secrets. She is currently working on a cyber security book, This Is How They Tell Me the World Ends for Penguin/Portfolio (2017). She holds a B.A. in Politics and Near Eastern Studies from Princeton and a M.A. in Journalism from Stanford. She’s a native of the Bay Area where she still lives.

    Listen as Gary and Nicole talk about life as a cyber security journalist, being a woman in the security industry, and playing up the sex appeal of cyber security.
  • Silver Bullet Podcast #137 with Wafaa Mamilli
    Silver Bullet Podcast #137 with Wafaa Mamilli Gary McGraw Recorded: Aug 30 2017 32 mins
    Wafaa Mamilli is Vice President, Chief Information Security Officer (CISO) at Eli Lilly and Company where she leads a global, enterprise-wide information and product security organization. She started her career consulting in Paris prior to joining Lilly France in 1995. Before being named CISO, Wafaa held several international leadership responsibilities across Lilly, including a stint as Information Officer of their diabetes division.
  • Systems Failures Fuel Security-Focused Design Practices
    Systems Failures Fuel Security-Focused Design Practices Christopher Rommel, Executive Vice President, VDC Research and Joe Jarzombek,Security Strategist, Synopsys Recorded: Aug 2 2017 47 mins
    Today’s electronic systems are more intelligent, more connected, and more at risk than ever before. A single vulnerability can lead to widespread system-of-systems compromises. Organizations participating in security-critical industries like Aerospace and Defense (A&D) are especially at risk.

    In this webinar, Christopher Rommel from VDC and Joe Jarzombek from Synopsys will discuss the results from a recent report highlighting issues facing these organizations. They will also identify what considerations need to be made for the security of software that enables and controls system functionality.

    This webinar will explore:
    • The importance of quality and security in current projects
    • The amount of code re-use from previous projects
    • How automated quality and security testing tools can integrate into your current SDLC
  • Silver Bullet Podcast #136 with Pavi Ramamurthy
    Silver Bullet Podcast #136 with Pavi Ramamurthy Gary McGraw Recorded: Jul 31 2017 32 mins
    Pavi Ramamurthy manages the security ecosystem at LinkedIn as a Senior Information Security Manager. The Security Ecosystem team holds much of the responsibility for software security at the firm, including: software security training, awareness, bug herding, application vulnerability response, program management, and security positioning for partners and customers. Pavi has over 20 years of experience in software engineering and development, coupled with 10 years of hands on security experience. She has also worked in various capacities at VMware, Determina, Vitria Technology, and 3Com. Pavi holds an MS in Computer Engineering from Santa Clara University and she lives in Silicon Valley with her family.

    Listen as Pavi and Gary discuss whether a background in development makes you a better software security resource, CI/CD, security testing, the role that office hours play in software security awareness, and more.
  • The Side Effects of the Internet of Things
    The Side Effects of the Internet of Things Chenxi Wang, ITSPmagazine | Ted Harrington, ISE | Gary Hayslip, Webroot | Mike Ahmadi, Synopsys Recorded: Jul 25 2017 43 mins
    - Broadcast LIVE from Las Vegas during Black Hat 2017 -
    Innovation is moving so fast. Each day there's a new device or technological service to hit the market designed to make our lives easier, more convenient, and perhaps even healthier. They listen to us, watch us, learn about us. They help us make decisions. They “guess” our next move - our pending desire. They make decisions - even take action on our behalf. As a society we snatch up these new devices as quickly as they hit the shelves and use them with open arms, unknowingly putting our privacy and safety at risk.

    How many devices are there? What are they used for? In this session, we’ll focus on the side effects associated with devices used to run our countries, our cities, our homes, our lives - even our physical being.

    Ultimately, it’s about the lack of cybersecurity - because there is a lack of cybersecurity, there’s no conversation about it, and therefore there is no understanding (awareness) of what’s at risk for using these devices. It’s not necessarily a bad thing - but the fact we are making uninformed decisions as a society means we could be putting ourselves and our loved ones at risk without even knowing it.

    This panel is part 1 of 2 parts - it’s all about the lack of security and the side effects it has on us as individuals and as a society. What are we trading in exchange for using these devices to make our lives “better”? Bottom line... are you (we) surrendering to the technology?

    PANELISTS
    - Ted Harrington, Executive Partner at Independent Security Evaluators
    - Gary Hayslip, Vice President & CISO, Webroot
    - Mike Ahmadi, Director of Critical Systems Security, Synopsys Software Integrity Group

    MODERATOR
    - Chenxi Wang, Host of The New Factor on ITSPmagazine
  • State of Software Composition 2017 - What's in your app?
    State of Software Composition 2017 - What's in your app? Robert Vamosi, CISSP and Security Strategist at Synopsys Recorded: Jul 12 2017 34 mins
    So much of the software today is created using third-party code, and why not? After all, it’s quicker and cheaper than building from scratch. Using third-party software, however, isn’t without challenges as the recent report The State of Software Composition Analysis 2017 reveals. In this webinar, the presenters will not only share highlights from this report, but they’ll also explore:

    •The use of trusted repositories for open source software, preferably from the source.
    •The use of SCA to monitor the ongoing state of software decay.
    •The need to update third-party software libraries as appropriate throughout the lifecycle.
  • What You Need To Know About Petya/NotPetya & Cyber Attack Protection
    What You Need To Know About Petya/NotPetya & Cyber Attack Protection Eric Hanselman (451 Research), May Wang (ZingBox), Ted Harrington (ISE), Mike Ahmadi (Synopsys) Recorded: Jul 11 2017 59 mins
    Another widespread cyber attack in late June wreaked havoc across businesses, organizations, banks, government agencies, utility companies, shipping companies, and even power plants. Was this a ransomware attack or something more sinister?

    Join this panel of industry leaders and security experts for an interactive session on:
    - Why cybersecurity is a key focus for enterprises and organizations worldwide
    - Why ransomware protection is more crucial than ever
    - How to best prepare against future cyber attacks
    - Steps your organization should take today to ensure data security. Short term steps and long-term strategy

    Speakers:
    - May Wang, Co-founder & CTO of ZingBox
    - Ted Harrington, Executive Partner at Independent Security Evaluators
    - Mike Ahmadi, Director of Critical Systems Security, Synopsys Software Integrity Group

    Moderator:
    - Eric Hanselman, Chief Analyst at 451 Research
  • Silver Bullet Podcast #135 with Ksenia Dmitrieva-Peguero
    Silver Bullet Podcast #135 with Ksenia Dmitrieva-Peguero Gary McGraw Recorded: Jun 29 2017 26 mins
    Ksenia Dmitrieva-Peguero is a Principal Consultant within Synopsys’ Software Integrity Group. She is a subject matter expert in a variety of software security practices including static analysis tool design and execution, customization, and deployment. She is also an expert in the areas of penetration testing and threat modeling. Throughout her career as a consultant, Ksenia has established and evolved secure coding guidance and best practices for many different firms, and has delivered numerous software security training sessions. She speaks regularly at events around the world on topics such as HTML5, CSP, and JavaScript. Ksenia holds degrees in Education and Computer Science from Clemson University, and an MS in Computer Science from George Washington University. She lives in Virginia with her husband and newborn daughter.

    Listen as Gary and Ksenia discuss software security awareness, AngularJS, security conferences, and more.
  • Medical Device Security: An Industry Under Attack and Unprepared to Defend
    Medical Device Security: An Industry Under Attack and Unprepared to Defend Larry Ponemon, Chairman of Ponemon Institute & Mike Ahmadi, Director of Critical Systems Security of Synopsys Recorded: Jun 21 2017 49 mins
    A recent survey commissioned by Synopsys was designed to understand the risks to clinicians and patients due to insecure medical devices. The resulting report identified some expected findings, but others were extremely surprising. For instance, 67% of medical device manufacturers and 56% of healthcare delivery organizations believe an attack on a medical device built or in use by their organization is likely to occur over the next 12 months. Join Larry Ponemon of the Ponemon Institute and Mike Ahmadi of Synopsys as they discuss report highlights. They will also provide insight and predictions regarding the future of security in the medical device and healthcare industries.

Embed in website or blog