Hi [[ session.user.profile.firstName ]]


  • Date
  • Rating
  • Views
  • Collaborative Defense—Bringing Business & Security Together for Resiliency
    Collaborative Defense—Bringing Business & Security Together for Resiliency
    Mike Brown, RADM, USN (Ret), former Director, Cybersecurity Coordination for DHS and DOD; Ernesto DiGiambattista, CEO, CYBRIC Recorded: Feb 26 2019 37 mins
    Defending your applications, infrastructure and network is constant in today’s persistent threat environment. Organizations can’t do it alone and the tools of detection, defense and response can no longer work in isolation of each other. Resiliency and collaboration are topical, consistent themes, reinforced by the innovation coming out of the cybersecurity industry. But what does this really mean for IT, security and development teams day-to-day?

    Join Mike Brown, RADM, USN (Ret), former Director, Cybersecurity Coordination for DHS and DOD for a discussion on industry direction, the type of collaboration that can yield immediate results to teams and the criticality of protecting application infrastructure.

    Michael Brown is Founder & President, Spinnaker Security LLC, a cybersecurity consultancy focused on understanding, identifying and mitigating business risks associated with cybersecurity. Brown brings executive leadership, including crisis management, from both public and private sector experiences. Prior, he was President, RSA Federal LLC and VP/GM Global Public Sector of RSA Security LLC. Responsibilities also included RSA Information Technology, Security and Enterprise Risk Mgmt portfolios.

    Brown joined RSA after over 31 years in the US Navy. Brown’s last position on active duty was as Dir, Cybersecurity Coordination for DHS, responsible for increasing interdepartmental collaboration in strategic planning for the Nation’s cybersecurity, mutual support for cybersecurity capabilities development, and synchronization of current operational cybersecurity mission activities for the Depts of Defense and Homeland Security. He also served as DHS Deputy Asst Secretary, Cybersecurity & Comms, Acting Asst Secretary, Cybersecurity & Comms and as Asst Deputy Dir Joint Interagency Task Force for the Office of the Dir of National Intelligence. Brown also had various leadership positions, including command of the Naval Information Warfare Activity.
  • Getting Started with DevSecOps
    Getting Started with DevSecOps
    Andrei Bezdedeanu, VP of Engineering, CYBRIC Recorded: Jan 10 2019 31 mins
    Collaboration between development and security teams is key to DevSecOps transformation and involves both cultural and technological shifts. The challenges associated with adoption can be mitigated by empowering developers with the appropriate security tools and processes, automation and orchestration.

    In this video, Andrei Bezdedeanu, CYBRIC VP of Engineering, discusses how to get started with DevSecOps and the resulting benefits, including the delivery of more secure applications, lower cost of managing your security posture and full visibility into application and enterprise risks. He will also review the challenges, enablers and benefits to DevOps and DevSecOps and review key concepts such as DevOps vs SecOps and automation and orchestration.

    You will learn:
    • How to seamlessly automate and orchestrate security across the entire SDLC.
    • The foundation of DevSecOps, and the application development and deployment processes.
    • How to remove the cultural differences between DevOps and SecOps teams to make way for collaboration.
  • Holistic, Continuous Visibility into Application Security Risk
    Holistic, Continuous Visibility into Application Security Risk
    CYBRIC Recorded: May 29 2018 2 mins
    From code commit to application delivery, the CYBRIC platform orchestrates and automates static and dynamic security testing and analysis, continuously, for a holistic view of your application security risk. Without impacting development velocity. Because security should never be a barrier to innovation. Learn how in just 1.5 minutes
  • Innovator Cytobank Keeps Data Safe with DevSecOps: a Case Study
    Innovator Cytobank Keeps Data Safe with DevSecOps: a Case Study
    Ken Stineman, Security Lead, Cytobank Recorded: Mar 8 2018 44 mins
    For organizations that handle sensitive data, it’s critical to maintain the highest security standards. Like most organizations today, biomedical research platform Cytobank used a manual security approach across its existing tools—including Brakeman, Nmap, Nikto and Qualys—to ensure its AWS-hosted platform was meeting regulatory compliance. But this approach was cumbersome, not scalable and overburdened resources. Further, it did not guarantee security was fully integrated into development.

    In this case study webinar, learn how Cytobank is using CYBRIC’s innovative continuous application security platform to:
    • Consolidate existing, disparate security testing tools; automate and schedule routine scans
    • Free up engineers and DevOps teams to focus on technology initiatives via automated testing, issue notification and vulnerability prioritization
    • Ensure confidence in the Cytobank platform’s security posture

    Guest Presenter:
    Ken Stineman is a software technology, privacy and cybersecurity leader with more than 25 years of experience. He is the founder of Double Helix LLC, a consulting firm that provides advisory and technology services to healthcare and software-as-a-service companies in the field of precision and personalized medicine. Ken serves as a security advisor to Cytobank, Inc. the leading provider of cloud-based analysis platform for collaborative biomedical research and analysis. He has advised multiple healthcare and software companies in information privacy and security, served as the head of Information Technology, Privacy, and Security at Genomic Health, held leadership positions at Incyte Corporation and Synteni, Inc., and was a senior performance engineer at Intel Corporation.
  • DevSecOps from Cradle to Scale: Real-World Lessons and Success Cases
    DevSecOps from Cradle to Scale: Real-World Lessons and Success Cases
    Dr. Chenxi Wang, Founder of The Jane Bond Project & Vice Chair, Board of Directors, OWASP Recorded: Feb 8 2018 52 mins
    Many businesses today are harnessing the tools and promise of DevOps or Agile to drive innovation. Everything from new website capabilities to entirely new products are fair game in this revolution. However, the majority of security tools and processes are not inherently designed to be integrated in this new world, which is limiting the results new developments can bring.

    In this webinar, Dr. Chenxi Wang, founder of cybersecurity consultancy the Jane Bond Project and Vice Chair of the Board of Directors of OWASP, and CYBRIC will discuss:
    • How to effectively integrate security into your DevOps process
    • How to integrate it at scale
    • Real-world examples of business results using this approach

    CYBRIC and Chenxi will also cover where to get started with "DevSecOps," what metrics to use and what security at scale can mean for businesses.

    Guest Presenter:
    Dr. Chenxi Wang is founder of The Jane Bond Project, and a founding partner in 360Velocity, a strategic Cybersecurity consultancy. She is Vice Chair of the Board of Directors of OWASP, a strategic advisor for IT Security Planet and serves on the advisory board of various start-ups. Previously, Chenxi served as the Chief Strategy Officer at Twistlock, responsible for corporate strategy and thought leadership. Chenxi is the 2016 & 2017 program co-chair for Security & Privacy at the Grace Hopper Conference and named by SC Magazine as a 2016 Women of Influence. Prior to Twistlock, Chenxi built an illustrious career at Forrester Research, Intel Security and CipherCloud. At Forrester, Chenxi covered mobile, cloud, and enterprise security, and wrote many hard-hitting research papers. At Intel Security, she led the ubiquity strategy that spans both hardware and software platforms. Chenxi started her career as a faculty member of Computer Engineering at Carnegie Mellon University.
  • Needed Now: An Enterprise Cyber Threat Survival Kit
    Needed Now: An Enterprise Cyber Threat Survival Kit
    Swapnil Deshmukh, a Sr. Director of Emerging Technologies Security at Visa Recorded: Dec 12 2017 42 mins
    DevSecOps experts from Visa and CYBRIC discuss cyber threat survival. With rapid innovation and continuous delivery via DevOps, organizations are exposed to a constant threat and to catalyze it, threats are evolving rapidly. Equifax was recently the target of perhaps the most critical data breach ever. Hackers exploited a vulnerability in an open-source software package that allowed them to exfiltrate sensitive information on half of the US population.

    How can we protect ourselves against such breaches?

    Organizations need to seamlessly embed continuous security within existing ecosystems, to enforce continuous security and orchestration within the production environment. In this webinar, Swapnil Deshmukh, a Sr. Director of Emerging Technologies Security at Visa discusses the cultural changes needed for an enterprise to imbibe and deliver continuous security, including:

    • Coverage: Ensure proper metrics, analytics and reporting are in place to measure the effectiveness of existing security tools and processes; have an up-to-date inventory and complete coverage of all code published in production at any given point.
    • Continuous Monitoring: Broadly applied, continuous monitoring can provide network traffic visibility. This, coupled with behavioral analysis and anomaly detection, builds necessary trustworthiness into the information systems supporting the organization’s key control missions.
    • Feedback Loop: A constant feedback loop from security technology stacks is critical for overall maturity of the security operation center.

    Guest Presenter:
    Swapnil Deshmukh is a Sr. Director of Emerging Technologies Security at Visa. His team is responsible for attesting security for emerging technologies. He’s coauthored the Hacking Exposed series, is a member of OWASP and has helped Fortune 500 companies build secure operations centers.
  • Fuel Innovation & Streamline Security: A Real-World DevSecOps Transformation
    Fuel Innovation & Streamline Security: A Real-World DevSecOps Transformation
    Jim Rutt, CIO, The Dana Foundation Recorded: Nov 10 2017 23 mins
    Forward-looking organizations are increasing innovation velocity, modernizing development while trying to stay ahead of the constantly changing threat landscape. The Dana Foundation is one such organization. Committed to advancing brain research, The Foundation needed to transition to the cloud to drive efficiency and more effectively manage risk. With this shift, Dana moved from waterfall to DevOps but CIO Jim Rutt had to ensure they still maintained the organization’s strict security posture.

    In this webinar you will learn how The Dana Foundation is using Cybric’s innovative software security assurance platform to:
    • Complete its move from Waterfall to DevOps methodology while embedding security earlier in the development process.
    • Simplify security testing onto one platform vs. run manually by siloed functions.
    • Gain full visibility of security across the development lifecycle.

Embed in website or blog