WhiteHat Security

  • Top 10 Application Security Vulnerabilities for Developers
    Mark Rogan, DAST Manager, WhiteHat Security & Calvin Nguyen, Director of Product Management, WhiteHat Security Recorded: Apr 25 2019 33 mins
    Today’s applications touch millions if not billions of people on a daily basis. With virtually every business using applications to grow, they are critical to companies’ success—yet the vulnerabilities and risks associated with them continue to increase exponentially.

    To help educate the market on avoiding breaches of this nature, the experts at the WhiteHat Security Threat Research Center (TRC) have compiled a Top 10 Application Security Vulnerabilities for Developers, detailing the most common web exploits used by malicious attackers during the past 12 months.

    Join Mark Rogan from the WhiteHat Security Threat Research Center and Calvin Nguyen, Director of Product Management, as they discuss the top vulnerabilities and give valuable prevention tips for enterprises to implement.
  • [Panel] Harnessing Knowledge: The State of Enterprise Application Security
    Daniel Blander, Virtual Clarity (Moderator), Joseph Feiman, CSO, WhiteHat Security & Paul Farrington, CTO, Veracode EMEA Recorded: Apr 25 2019 61 mins
    As organizations strive to transform themselves for the digital economy, application development is moving further into the spotlight - and right behind it is application security.

    So in 2019, AppSec can make or break a business. Instead of being overwhelmed by this pressure, there are tools and processes on the market that can help your application both meet and exceed business and security demands.

    From infrastructure-as-code models to API security and DevOps, learn from this panel of global experts how to harness knowledge and accelerate application release cycles, improve security and transform your business.

    Moderator: Daniel Blander, Virtual Clarity
    Panelists:
    Joseph Feiman, Chief Strategy Officer, WhiteHat Security
    Paul Farrington, CTO, Veracode EMEA
  • Unbreakable API’s: Best Practices for Application Security Testing
    Eric Sheridan, Chief Scientist, WhiteHat Security Recorded: Apr 23 2019 39 mins
    APIs are doors into your data and applications, so pausing to include security is just as important as securing web applications. In this presentation we will discuss best practices to ensure that APIs have full security coverage, and how teams can find and fix vulnerabilities before problems arise.

    We’ll also cover the inflection points for security assessment in the software development life cycle (SDLC) as they may vary depending on whether the development team is enabling APIs for legacy applications or building new API-first applications. Join us to learn best practices on when to:

    - Perform DAST of APIs for dynamic scanning, and create a plan for remediating/mitigating discovered vulnerabilities
    - Perform SCA & SAST analysis for the API implementation code within the DevOps process
    - Use secure design patterns within the enterprise application architecture
    - Implement a robust feedback loop within the SDLC to act on the findings of various scans
  • Microservices Security: It Will Get Worse Before it Gets Better
    Eric Sheridan, Chief Scientist, WhiteHat Security Recorded: Feb 20 2019 32 mins
    For every 100KLOC, a monolithic application will have an average of 39 vulnerabilities whereas a microservice application will have an average of 180 vulnerabilities. You read that right. According to the data gathered from WhiteHat Security’s 2018 Stats Report, the transition of enterprise monolithic applications to distributed microservices architectures is actually increasing the overall average of total vulnerabilities. But why? Why is it that we seemingly continue to make the same mistakes again and again? And what does this say about the security of microservices architectures, or the developers that build them? The journey to a microservices architecture generally involves the decomposition of an already existing monolith application, wherein previous security assumptions and considerations are often questioned and sometimes invalidated.
     
    Join Eric Sheridan, Chief Scientist at WhiteHat Security, for a dive into the security trends of microservice architectures. Participants of this talk will learn…
    • Why we are seeing an increase in the number of vulnerabilities with the migration to microservices
    • The most common vulnerability classes facing applications of microservices architectures
    • Strategies that can be used to more readily find and fix vulnerabilities earlier in the development lifecycle
  • The Evolution of the Secure Software Lifecycle
    Setu Kulkarni, Vice President Strategy and Business Development, WhiteHat Security Recorded: Dec 12 2018 53 mins
    Findings from the 2018 Application Security Statistics Report on the evolution of the secure software lifecycle. WhiteHat partnered with Coalfire and NowSecure to produce the report.

    - How to measure the effectiveness of your application security investment to help mitigate overall business risk
    - How to defend your applications by evaluating how your vulnerability levels and remediation times compare with industry benchmarks
    - How to develop software more securely by partnering with the security team to adopt tools and methodologies compliant with your software development lifecycle (SDLC)

    Presented by Setu Kulkarni, Vice President Strategy and Business Development, WhiteHat Security
  • Applications are Our Crown Jewels, Will They Ever Be Secure?
    Joseph Feiman, PhD, Chief Strategy Officer and Setu Kulkarni, Vice President, Product & Corporate Strategy Recorded: Sep 25 2018 49 mins
    Applications are our crown jewels. They run our businesses, power grid, military defenses, personal & business banking, social networks, hospitals, and entertainment, and yet are they secure? No, they are most vulnerable, and tend to remain so!

    In this session, we’ll take a look at data which provides an analysis of tens of thousands of applications from 2017-2018 from approximately 900 companies both enterprise and SMB. The analysis includes global brands and local businesses, hundreds of thousands of application security tests and checks, along with an examination of code and behavior.

    Presenters:
    Joseph Feiman, PhD, Chief Strategy Officer
    Joseph Feiman is the chief strategy officer at WhiteHat Security, a leading application security provider. Feiman is responsible for WhiteHat’s overarching business strategy and vision, to further its success in empowering secure development and operations. Previously, Feiman worked for 18 years at Gartner, where he was a Gartner research vice president and fellow.

    Setu Kulkarni, Vice President, Product & Corporate Strategy
    As the Vice President of Product & Corporate Strategy, Setu is responsible for product vision, strategy, and direction at WhiteHat Security. Setu joined the WhiteHat leadership team in early 2016 after a 10+ year stint at TIBCO Software Inc., where he most recently led product management and strategy for the Operational Intelligence product portfolio.
  • Mining AppSec Analytics to Manage Your Biggest Cyber Threat Vector
    Setu Kulkarni, VP, Strategy & Business Development Recorded: Jul 19 2018 45 mins
    From development to DevOps to SecOps, and from day to day management to the Board of Directors, application security analytics are a necessity to drive action across your organization. We’ll discuss a crawl, walk, run approach including basic reporting, vulnerability management, CI/CD integration, and using analytics tools. You’ll learn how to mine your application security data to manage your biggest cybersecurity threat vector.

    About the Presenter:
    Setu Kulkarni is the VP, Strategy & Business Development for WhiteHat Security. Setu joined the WhiteHat leadership team in early 2016 after a 10+ year stint at TIBCO Software Inc., where he most recently led product management and strategy for the Operational Intelligence product portfolio. During his many years at TIBCO, he led a variety of strategic and operational initiatives – building the SOA platform for the Integration and BPM businesses, building the business launch platform for TIBCO’s cloud business, mainstreaming the LogLogic acquisition, and developing the next-gen ITOA offering. He earned an engineering degree in computer science and engineering from Visvesvaraya Technological University, India.
  • Mitigating the Risk of IoT with Application Security Testing
    Jeannie Warner, Security Manager, WhiteHat Security Recorded: Jun 13 2018 25 mins
    IoT is made up of microservices and APIs, making them quick to implement and churn out into production. But are they secure? We will look at the challenges a user of the IoT should be aware of, and the checklists a programmer can use for best practices in IoT development.
  • The Rise of Ransomware: Will the Trend Continue?
    Jessica Marie, Security Evangelist, WhiteHat Security Recorded: Mar 20 2018 37 mins
    In the past year, we’ve seen a litany of ransomware attacks – Petya, WannaCry, Bad Rabbit and many others. Organizations of every size have been impacted, from small businesses to large financial and healthcare companies hit by large-scale cyber-attacks.

    Ransomware isn’t a new issue. This type of exploit has existed for some time, leaving systems across the world inaccessible with messages that no one wants to see: ‘pay me or else’. Ransomware is an issue, but one that can be avoided if companies take the right approach.

    Will this trend continue in 2018? Join Jessica Marie, Security Evangelist at WhiteHat Security to learn the ways you can protect your organization against ransomware.

    Register for this webinar to learn:
    • What to look for in ransomware attacks
    • Training recommendations for both development and security organizations
    • The importance of system backups
    • How to test your web applications for vulnerabilities that would allow outsiders to upload malicious files
  • Mapping and Securing Data Flows Across Your Ecosystem
    Jeannie Warner, Security Manager, WhiteHat Security and Kurt Risley, Security Architect Recorded: Jan 16 2018 30 mins
    GDPR is coming and anyone doing business with the EU will need a Data Officer to determine their data strategy.

    With a third of all attacks coming in against web applications, mapping the data flows through those applications is required to satisfy due diligence in securing your customer data and EU citizen data, and is a good exercise in general for protecting your own intellectual property.

    In this talk, Jeannie Warner, Security Manager and Kurt Risley, Security Architect at WhiteHat Security will offer best application security practices for data in the following categories:

    - Data Classification - how secure does it need to be?
    - Data Categorization - which regulations will apply?
    - Data Rules - what kinds of repeatable policies should be applied?
    - Data Mapping - identify the flow from database to applications to client apps via APIs
    - Data Securing - showing the best practices for securing the applications by use cases
