Hi [[ session.user.profile.firstName ]]

Security Compass

  • Date
  • Rating
  • Views
  • SD Elements and ThreadFix: A Powerful Integration for Application Security
    SD Elements and ThreadFix: A Powerful Integration for Application Security
    Shane Parfitt and Dan Cornell Recorded: Nov 17 2016 45 mins
    Effective application security programs both highlight security requirements early in the development process and manage vulnerabilities throughout the development lifecycle. This webinar demonstrates how the SD Elements security requirements automation system can be integrated with the ThreadFix vulnerability resolution platform to provide end-to-end tracking throughout the SDLC. The combination increases both developer and security team productivity by providing a seamless way to enumerate security specifications and track development teams success in meeting these obligations, and the presentation provides insight into how the integrated system reduces the cost of developing and maintaining secure applications.
  • State of DDoS Mitigation: Testing Shows Most Businesses Aren't Ready
    State of DDoS Mitigation: Testing Shows Most Businesses Aren't Ready
    Sahba Kazerooni Recorded: Nov 7 2016 27 mins
    DDoS Strike recently released the “State of DDoS Mitigation” report, with findings based on authorized DDoS tests on numerous companies in the telecom, tech, financial, and entertainment sectors. Despite having enterprise-level DDoS mitigation technology in place, virtually all of the targets were compromised, revealing common vulnerabilities and oversights in DDoS defenses.

    Major findings included:

    95% of targets experienced service degradation
    78% of targets were unable to mitigate an attack
    70% of targets needed non-technical improvements (people and process)
    95% of targets needed rate limit tuning
    Application layer attacks were the most successful and caused the longest downtime
    Average bandwidth to cause downtime was only 4.3 GB/s
    While problems were pervasive, the vast majority were fixable, and arose from misunderstandings about the nature of DDoS attacks and how to use DDoS mitigation technology and techniques.

    In this webinar, DDoS Strike Vice President Sahba Kazerooni will dig into the report and explain how and why so many DDoS defences fail. Then he’ll explain what businesses can do to catch up and be ready when hit with a real DDoS attack.
  • AppSec Beyond Scanners
    AppSec Beyond Scanners
    Shane Parfitt Recorded: Oct 31 2016 22 mins
    Many application security teams scramble to pinpoint vulnerabilities and flaws during the testing and release stages while managing limited security resources, a multitude of compliance regulations and surprise feature requests. Although these teams are trying to follow the right application security practices, they're being left in the dark, over-worked and most importantly applications are being shipped with fragmented security. The common denominator we have experienced with our customers is reliance on dynamic and static testing tools during the final stages of the lifecycle, ignoring the benefits of building security in during the first stage of the software development lifecycle: Requirements.
  • Testing Reveals Five Common Pitfalls in DDoS Mitigation
    Testing Reveals Five Common Pitfalls in DDoS Mitigation
    Sahba Kazerooni Recorded: May 31 2016 46 mins
    Join DDoS Strike Vice President Sahba Kazerooni for an analysis of the most common vulnerabilities in DDoS mitigation, based on real data gathered from testing live production environments.

Embed in website or blog