Hi [[ session.user.profile.firstName ]]


  • Date
  • Rating
  • Views
  • Reducing Risks by Mitigating Vulnerabilities Reducing Risks by Mitigating Vulnerabilities Craig Hinkley, WhiteHat Security; Preston Hogue, F5 Networks Recorded: Nov 16 2016 50 mins
    Build an Active Application Defense System
    Web applications accounted for an astounding 40% of last year’s security breaches. The challenges of securing legacy systems, third-party apps, and the extensive shadow IT landscape can be challenging, to put it mildly.

    But here’s the good news: The combined F5 and WhiteHat Security approach to web application security represents a powerful new way for organizations to defend against application-level attacks.

    Companies are constantly developing new applications, and it’s expensive to stop and patch as soon as a new vulnerability is found. Additionally, it may not be practical to remediate every finding due to issues with legacy code, third-party integrations, or other inherited limitations.

    But the integration of F5 Networks and WhiteHat Security technology helps you more quickly identify and remediate vulnerabilities in your web applications. By automating updates to the web application firewall, you can ease the burden of management and reduce costs, while ensuring that your security posture remains strong.
  • Software Security Resurgent: Preventing the Unthinkable Software Security Resurgent: Preventing the Unthinkable Scott Crawford, 451 Research; Demetrios (Laz) Lazarikos vArmour; Mike Goldgof, WhiteHat Security Recorded: Oct 11 2016 55 mins
    Think you understand software security? Think again. If you thought the growth of mobile was explosive, wait until you wade into the brave new world of IoT endpoints, where the security of the software running everything from industries, utilities and transportation to your own home will be the front line of defense.

    Join us as 451’s Scott Crawford, vArmour's CISO Demetrios (Laz) Lazarikos, and WhiteHat Security’s Mike Goldgof discuss the new dynamics shaping software security, and the advantages of integrating security throughout the Software Development Life Cycle (SDLC). You’ll learn:

    · How software security takes on today’s threat landscape

    · What the evolution of DevOps and Continuous Integration mean for security

    · Software security’s pivotal role in securing the emerging universe of IoT

    · The benefits of security throughout the SDLC (in both dollars and productivity) from secure source to operations, and what to look for in shaping an enterprise strategy
  • Defeating Cybercrime: Continuous Application Security for Financial Services Defeating Cybercrime: Continuous Application Security for Financial Services Bill Fearnley, Research Director, IDC Research Inc., Mike Goldgof, Vice President, Product Marketing, WhiteHat Security Recorded: Sep 15 2016 55 mins
    In this session, we discuss cybercrime trends in financial services, and how a continuous application security assessment program can help financial service organizations improve their security posture and mitigate risk.
  • Thwarting Cybercrime in Healthcare with Continuous AppSec Testing Thwarting Cybercrime in Healthcare with Continuous AppSec Testing Lynne Dunbrack, IDC Health Insights; Michael Goldgof, WhiteHat Security Recorded: Aug 17 2016 55 mins
    Healthcare organizations are increasingly vulnerable to devastating cybercrime attacks on a daily basis. Web applications in healthcare are particularly exposed to such attacks. This webcast will explore how continuous application security assessment-as-a-service which combines machine and human intelligence can help healthcare organizations improve their security and risk posture.

    Please join us as IDC’s Lynne Dunbrack and WhiteHat Security’s Mike Goldgof discuss the role of application security in healthcare. You will learn:

    - Today’s cyberthreat landscape in the healthcare industry
    - Relevant security regulations for healthcare: HIPAA, Breach Notification IFR, HITECH Act, and more
    - Vulnerability statistics for healthcare organizations
    - How continuous application security testing can help your security and risk posture
  • WhiteHat Security's 2016 Web Applications Security Stats Report Explained WhiteHat Security's 2016 Web Applications Security Stats Report Explained Ryan O'Leary, VP Threat Research Center & Technical Support, and Tamir Hardof, CMO, WhiteHat Security Recorded: Jul 19 2016 50 mins
    In this insightful and data-rich one-hour webinar Ryan O'Leary, Vice President of WhiteHat Security's Threat Research Center and Technical Support, and Tamir Hardof, Chief Marketing Officer, will present findings from our 2016 Web Applications Security Statistics Report.

    The Report, compiled using data collected from tens of thousands of websites, reveals that on average the majority of web applications exhibit two or more serious vulnerabilities per application for every industry at any given point in time. We will provide unique perspectives on the state of website security. Data by industry will be presented and accompanied by expert analysis and recommendations.

    Why Attend

    - Learn which industries declined, improved, or greatly improved their remediation rates
    - Learn how many vulnerabilities are typically remediated and the average time to resolve
    - Learn why knowing your risk rating can help you prioritize which vulns to fix first
    - Discover the 3 most common web application vulnerabilities
  • Top 10 Web Hacking Techniques of 2015 Top 10 Web Hacking Techniques of 2015 Johnathan Kuskos Recorded: Jun 15 2016 41 mins
    The Top 10 Web Hacks Webinar, now in its tenth year, represents exhaustive research conducted by a panel of experienced security industry professionals. Johnathan Kuskos, TRC Manager for WhiteHat Security will discuss the latest and most insidious web-based attacks of the year.

    In this webinar, you will learn:
    - The top web hacks, ranked by your peers and a panel of industry experts
    - How to protect your organization against these attacks
    - Industry wide research on new advanced attack techniques
  • 15 Years of Web Security: The Rebellious Teenage Years 15 Years of Web Security: The Rebellious Teenage Years Ryan O'Leary, VP Threat Research Center, WhiteHat Security Recorded: May 18 2016 52 mins
    Fifteen years ago, WhiteHat Security was founded to help secure the web by enabling organizations to find and fix application vulnerabilities before the bad guys could exploit them. With the knowledge and perspective that comes from being an application security leader, Ryan O'Leary, VP of WhiteHat's Threat Research Center, will provide perspectives on:

    - How the types of threat actors have changed and what they now target
    - The intersection of security guarantees and cyber-insurance
    - Easing the burden of vulnerability remediation
    - Measuring the impact of SDLC security controls
    - Addressing the application security skill shortage
  • Hack the Attack: Web App Defense Crash Course Hack the Attack: Web App Defense Crash Course Kimberly Chung Recorded: Apr 14 2016 58 mins
    Participate in this comprehensive; one-hour Crash Course webinar to get an in-depth understanding of the most common vulnerabilities targeted by hackers and critical defense tactics necessary to safeguard your apps from being exploited.

    Topics Covered

    - Preparing for an attack: Information Leakage / Fingerprinting, Insufficient Transport Layer Protection

    - Abusing a user’s trust for a site: Cross Site Scripting, Content Spoofing

    - Abusing an applications trust for its users and its own browsers: Cross Site Request Forgery

    WhiteHat Security is the pioneer in application and web site security, and a security expert from our Threat Research Center (TRC) will lead this course.
  • Vulnerability Discovery: Booking Zero Dollar Travel Via a Site Vulnerability Discovery: Booking Zero Dollar Travel Via a Site Andrew Tieu, Application Security Engineer Recorded: Mar 24 2016 19 mins
    This presentation will demonstrate the value of manual business logic assessments and provide an example of an abuse of functionality vulnerability identified on a travel booking website. The speaker will provide a real life instance that allowed a user to book zero dollar or negative values for reservations for hotel rooms, entertainment, and restaurants. He will also cover best practices on how to protect your website against abuse of functionality vulnerabilities.

    The speaker will cover the business impact of the Abuse of Functionality vulnerability including:

    - How users were being given full control over the amount they paid for events.

    - Resulting event costs

    - How this vulnerability created a significant loss for the business
  • PCI DSS 3.1 Crash Course - Part II PCI DSS 3.1 Crash Course - Part II Asma Zubair, Director Product Management Recorded: Feb 17 2016 27 mins
    The Payment Card Industry Data Security Standard (PCI DSS) is continuously changing to protect user data from exposure. The most recent version, 3.1 will remain active until December 31, 2017. 
    WhiteHat Security recently held a webinar on the top 11 changes in 3.1 that would affect your application security program and the recommended activities to achieve and maintain compliance. There was a great turn out and even better level of engagement. As such, this webinar will be addressing the great questions raised in Part I to provide a deeper understanding of PCI DSS and its requirements.