Hi [[ session.user.profile.firstName ]]

Contrast Security

  • Date
  • Rating
  • Views
  • The DevSecOps Journey: Why It Starts with Agile DevOps & App Security
    The DevSecOps Journey: Why It Starts with Agile DevOps & App Security
    Jaweed Metz, Principal, Products at Contrast Security Recorded: Sep 18 2018 45 mins
    DevSecOps is best viewed as a journey that enlightened organizations are starting to embark on.

    The major constituent to consider on this journey is ensuring that organizations defenses have been properly configured, implemented and operated–to that end, application security testing is of paramount importance. As businesses strive to rapidly release code in order to satisfy customer demands and gain a competitive advantage,security must work in tandem with Agile DevOps processes.

    Traditionally, security has been an afterthought, or at the very least introduced late into the release process.Hence, security has been viewed as an impediment to high velocity Agile DevOps processes and becoming a primary bottleneck in the software delivery pipeline.This can cause major contention and distrust between development and security teams–but that doesn’t need to be the case.

    Cyber threats are continuous–so shouldn’t development and security practitioners work in tandem in order to deliver and deploy code securely and continuously?The cultural, differences between development and security teams needs to be addressed and a unified approach established in order to integrate security as early as possible.Automated application security addresses these cultural, technical and process issues.

    This webinar will highlight how modern, automated application security tools can help weave security into the code continuously and accurately throughout the SDLC.Automated application security enables the real-time identification and response to new attacks and vulnerabilities that emerge in custom and third party code. Additionally, we will discuss how integrated application security unites developers and security practitioners with the tools they are already using so that they can work even more effectively.
  • Embedding Security in a Modern DevOps Pipeline – A Customer Perspective
    Embedding Security in a Modern DevOps Pipeline – A Customer Perspective
    Julie Chickillo, Brandon Grady, Ben Finke, from Beeline Recorded: Aug 29 2018 60 mins
    The adoption of a continuous integration & delivery (CI/CD) pipeline has fundamentally transformed how software is developed and supported. This modern DevOps pipeline has dramatically increased the pace of software release cycles and driven new innovations throughout the software industry. Hear directly from a customer’s unique perspective on how Beeline(the world leader in contingent workforce solutions) aligned Development, Operations and Security practitioners to set up a fully automated CI/CD pipeline and incorporated application security early in the process.

    In this presentation key Beeline staff, including software development, solution architects and security specialists will discuss the process for defining the parameters for successfully incorporating security in the automated pipeline as part of the overall SDLC (Software Development Life Cycle).

    Key principles to improve software delivery will be addressed as well as the full range of issues and obstacles that confronted them and solutions to overcome them. In this presentation you will learn the following:

    -Provide you with a framework and an overall blueprint to start securing your automated pipeline
    - How to start the conversation with the development and security teams for a continuous delivery culture
    - Understand why traditional manual Application Security approaches impedes rapid DevOps software releases
    - How automated Application Security supports the vision of DevOps and the continuous delivery culture
    - Understand how to make sure you are not missing critical pieces for audit oversight
    - Know how to support containers in a modern enterprise

    Speakers:

    Julie Chickillo - VP Information Security Risk & Compliance Officer, Beeline
    Brandon Grady - SVP Engineering & Architecture, Beeline
    Ben Finke - Information Security Engineer, Beeline
  • Targeted Defense: The Future of Defending Applications in Production
    Targeted Defense: The Future of Defending Applications in Production
    Mahesh Babu, General manager, Runtime Protection, at Contrast Security Recorded: Jul 25 2018 70 mins
    Raise your hand if this is you:

    - Our development teams have a massive security backlog and can’t fix everything in code
    - We need to protect legacy applications with no build pipeline or no dev team support them
    - Struts 2 made us realize we need better production controls and faster zero-day response
    - Our SOC has alert fatigue and has no visibility or context regarding production applications
    - RASP is interesting technology – we are curious to see how we would use it

    At Contrast Security, we have been hearing this from our customers and have been hard at work to solve these problems. We are proud to announce the release of the Contrast Targeted Defense Platform, the next generation of runtime protection.

    Join Mahesh Babu (General Manager, Runtime Protection) to learn more about Contrast’s new Targeted Defense Platform and its new capabilities that include, but are not limited to:

    - Intelligent, multi-technique detection
    - Advanced attack response that goes beyond monitoring and blocking
    - Language agnostic protection
    - Simple deployment
  • Application Security Testing for an Agile & DevOps World
    Application Security Testing for an Agile & DevOps World
    Omer Winker, Principal, Products at Contrast Security Recorded: Jun 7 2018 44 mins
    Security teams have a hard time keeping pace with software development in Agile / DevOps environments, and the result of rapidly rolling out software is increased risk. With the majority of cybersecurity attacks focused on applications, automatically detecting vulnerabilities and protecting your applications from attack is critical to your business.

    It’s easy to get tangled into the numerous approaches and technologies in application security testing, let alone selecting one that’s right for Agile and DevOps. As a result, it becomes challenging to even start developing an application security testing strategy for your business.

    In this presentation, you will learn:

    - SAST, DAST And IAST approaches used in Application Security Testing
    - Strengths and weaknesses of each approach
    - Best practices in securing your software code
    - How to start developing a winning application security testing strategy

    Remember, applications are the primary target for cyber criminals, so don’t let your most prized customer and corporate assets be exposed to potential attacks!

Embed in website or blog