Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.
Spring is in the air and unfortunately, the risks of being unready for GDPR are growing exponentially. In a poll of US organizations at VMworld, late last year, 27% of respondents were concerned about GDPR but did not have a plan in place. And 51% of respondents said their organization is either not concerned about GDPR or unaware of its relevance to their business. If you fall into either of these categories, sign up to receive Cavirin’s on-demand Webinar (available March 25th), as experts provide guidance on what GDPR means to US companies and a 60-day action plan to get you ready. Reserve Your Copy!
Way back in 2000 it was common practice to spend considerable time configuring and tinkering the plumbing of what we today call cyberspace. The technology was embryonic, immature and often hours were spent ensuring nothing broke and that the business operations carried on smoothly.
Today, those flaky technologies are settled and stable.
- AI and Machine Learning are the focus of marketing teams.
- Everyone keeps focusing on NG or next generation technology.
- If not technology, we keep blaming the human!
Today, surely, the technical plumbing, the boring stuff is secure and stable, correct?
In this webinar we explore the bedrock technologies underpinning cyberspace and discuss why we need to focus on understanding and securing them.
- Amar Singh - CEO and Founder Wisdom of Crowds, Cyber Management Alliance Ltd
- Adam Gladsden - SME cybersecurity technologies.
- NH - DV Cleared, Cyber Criminologist, Dark web researcher & master ethical hacker
It is commonly said that staff are the weakest link to security but is it really? Or we have missed something? Computers process and transmit data and we have been patching them for last 20 odd years or longer but how about humans?
This session will be all about how you turn your so called weakest link (the people) in to your strongest asset in the fight for cybercrime. Especially, with the new upcoming regulation GDPR it has become even more crucial.
About the Speaker:
Tarun Samtani is the Group DPO for Vectura Group Plc, & SkyePharma. Tarun holds over 18+ years of experience across various sectors like Retail, Leisure, Telecommunications, ISP's, Financial Services, Gambling and most recently Pharmaceuticals. Tarun has worked across UK, Europe, Asia & Middle East on different assignments.
How can you build a strong information security program that ensures the protection of the confidentiality, integrity, and availability of your information assets and supporting infrastructure? How are your governance functions evolving to meet the latest cybersecurity threats?
Join this webinar to discuss the development of the following governance related functions and more;
* Security Leadership
* Security Strategy
* Policy Management
* Organizational Security Roles and Responsibilities
* Third Party Security Management
* Security Awareness
Digital transformation is business enhancing and fraught with danger. With services moving online and into the cloud, the result is a faster, more agile and open service for consumers and enterprises. However, this digital transformation is taking place in an increasingly precarious environment, more and more your corporate attack surface is being exposed.
With data breaches at an all-time high and incidents of identity theft risen by 57% in a year, consumers are questioning the security of their personal data held by organisations. The rise of cloud and the Internet of Things, has forced companies to take control of their data – regardless of where it resides and in addition, reputational damage caused by public breach is firmly on the agenda of the board.
This webinar will consider:
• Key security considerations for a digital transformation strategy
• Why a proactive data defence strategy is crucial
• The benefits of maximising the level of control over data irrespective of where it is created, store or shared.
Join us at our next Career Conversations session. We'll discuss topics such as: what made them decide on IT or Cyber Security, what were some of their work/life challenges, and what skills and education do they see as essential to success?
Whether you are an experienced professional or just contemplating a future in Cyber Security, WSC's Career Conversations allows you to have a conversation with women making a difference. Join us and share in Career Conversations with successful women in cyber security!
Hosted by: Jessica Gulick, WSC Vice President, CEO of Katzcy Consulting
About the Speaker:
Debra J. Farber (@privacyguru) is a data privacy and information security executive and entrepreneur with 13+ years of data strategy, operations, public policy, training, product, and compliance experience across industries and frameworks. She's Executive Consultant & U.S. Chief Privacy Officer, at CRANIUM, an EU-based privacy and security consulting firm with offices in Brussels, Utrecht, Budapest, NYC, & San Francisco. She also serves as an Executive Consultant and External DPO for CRANIUM's many clients.
Based in San Francisco, Debra serves on several industry working groups and startup advisory boards. She is a member of the IEEE Data Privacy Process Standards Working Group, IAPP CIPT Exam Development Advisory Board, and privacy tech vendor BigID's Advisory Board. In addition, Debra serves as Editorial Board Member for Cyber Security: A Peer-Reviewed Journal. She also co-founded the SF-based non-profit project, Women in Security and Privacy (WISP).
A snapshot demonstration of the various options for searching metadata fields from within the CloudNine eDiscovery Platform to locate documents responsive to specific objective and subjective criteria.
Metadata is key to the management, tracking, and retrieval of documents within the discovery process. Whether you wish to locate a document sent or received by a particular individual, filter a collection by a relevant date range or locate documents that have been marked as responsive or privileged, the ability to be able to search both the system metadata (that metadata that is extracted from the document when it is processed for review) and user metadata (that metadata used by legal professionals to categorize and track documents during the review and production steps in discovery) is key to being able to manage that document collection efficiently and effectively.
Training Snapshot Presenter: Brian Kelley
Brian is the Director of Customer Success for CloudNine. At CloudNine, Brian manages training, support and customer success efforts for CloudNine's Software-as-a-Service (SaaS) eDiscovery clients. Brian has extensive experience providing legal technology consulting and technical support services to numerous commercial and government clients ranging from multinationals corporations and large law firms to litigation support providers and governmental agencies.
Legal departments are tasked with managing more data, from more sources than ever before during e-discovery. The exponential growth of data sets, coupled with the need to reduce cost while still ensuring data security and privacy, can feel overwhelming.
We’ve seen a rapid migration to the cloud by corporations as a way of managing data, reducing overhead expense, improving efficiency and collaboration and other advantages. But the movement to the cloud can also present some challenges, especially when e-discovery requires collection of data out of cloud platforms.
Join us for a thoughtful discussion on the challenges and advantages of e-discovery and the cloud, where we’ll cover:
•Key e-discovery considerations when establishing a cloud migration plan
•Challenges of collecting data stored in the cloud as part of an e-discovery investigation
•GDPR and other privacy considerations for data in the cloud
The healthcare industry continues to be one of the most exploited industries. Risk factors such as third party access, high volume of staff-patient interaction and an investment imbalance when it comes to protecting a patient’s health vs. their personal information leaves healthcare organizations susceptible to attack. While new vulnerabilities present new vectors to exploit, attack techniques remain fundamentally the same: discover, analyze, attack and exploit. Assuming attackers will continue to find a way through, the key to reducing risk is understanding how they target and execute their attacks.
Join eSentire Penetration Tester, Chuck Ben-Tzur, as he shares his experience conducting penetration tests against healthcare organizations.
Chuck will cover the following topics:
• Why healthcare organizations are a prime target for cyber-attackers
• The tools and fine-tuned attack vectors used by attackers
• Common weaknesses and potential impacts
• A real-life account of an attack on a healthcare organization
• Recommendations for strengthening your security posture
This webinar will provide an overview of the future of passwords. Passwords have become very important, protecting a treasure trove of information. You will get an inside look at the techniques and tactics used conduct password attacks. We will discuss the various countermeasures available, new improvements made to the latest operating systems to prevent successful password attacks, and how the industry is trying to eliminate passwords. We will conclude by discussing ways we can potentially circumvent new countermeasures.
Hamza Sirag Hamza is currently an Information Security consultant. He has spent the majority of his time immersed in the world of cybersecurity. He has had the opportunity to lead complex penetration tests for a variety of federal and commercial clients. He is the founder of Beltway Hackers, a Northern VA based meetup group focused on offensive cybersecurity. https://www.meetup.com/Beltway-Hackers
Effective risk management is critical for every organization, especially in the current era of increasingly frequent and complex cyber threats. Organizations with the ability to detect changes across global IT environments in real time can better prevent and respond to malicious acts such as ransomware/malware attacks and configuration tampering.
Join our panel of InfoSec experts on this CPE accredited webinar to learn how your organization can take command of risk to proactively prioritize and address the risks that matter most, and ignite your risk management program to enable cybersecurity.
Qualifying participants will earn 1 CPE credit.
- Discover how to identify, catalog, and prioritize risks across the enterprise
- Find out how to quickly measure critical activities and address inherited risk
- Learn how to gain efficiency and effectiveness of current risk-management approaches
Have you reviewed the 2018 Insider Threat Report from Cybersecurity Insiders? The results are dramatic:
• 90% of organizations feel vulnerable to insider threats
• Over 50% have experienced an insider attack in the past year
• 67% cite phishing as the prime concern of attacks
Insider Threats are real. Be ready. Join CA hosts - Rob Marti, Privileged Access Management Director and Alexandra Beswerchij, Product Marketing Manager - to review the research and discuss how a layered and comprehensive Enterprise IAM approach enhances PAM to provides an effective countermeasure to both insider attacks and external actors.
Over the last decade, Black Duck by Synopsys has recognized some of the most innovative and influential open source projects launched during the previous year, as recognition to the success and momentum of these projects, and affirmation of their prospects going forward.
In this webinar, we'll explore the origins and evolution of this year's most outstanding Open Source Rookies, who are investing their efforts in everything from Autonomous Driving, through Scalable Blockchain, and VNF Orchestration, to Personal Security and Relationship Management.
New cyber risks and threats are emerging at a pace faster than ever before.
- How are cyber risks evolving
- Which risks can be managed through cyber insurance?
We’ll address these questions – and dig a bit deeper into the state of the cyber insurance market and the role of cyber insurance in your overall cyber risk management strategy. Cyber risk can’t be eliminated – it must be managed.
This webinar is brought to you in partnership with ISSA Financial Industry Special Interest Group.
About the Speaker:
Susan Young is a Senior Vice President and advisor with Marsh’s
national Cyber & E&O Practice (part of Marsh’s Financial & Professional Liability Practice, FINPRO) in the Seattle office. She is primarily focused on cyber /security & privacy risk, media liability, and technology errors and omissions.
With a vast supply of wealth and information, the financial services industry has long been a target for cyber-attacks and data breaches. In a post-Equifax world characterized by evolving, automated threats, stretched security teams, and increased regulations, financial institutions are struggling to stay one step ahead.
Join Dan Fein, Darktrace's US Technical Lead, and Chris Sprague, TruWest Credit Union's Security Engineer, as they discuss the security challenges that the financial services sector faces - and how they can be overcome leveraging AI technology.
In this webinar, you will learn:
- Why financial services organizations are struggling to detect and respond to emerging threats before they do damage
- How TruWest Credit Union has implemented AI to bolster its security strategy
- How Darktrace uses AI and machine learning to defend financial services organizations worldwide
Threat intelligence done right gives you a window into the world of your adversary. But with so many types of threat intelligence services and products available, finding the right one to meet your objectives can be challenging. How do you decide which features are must-haves for your organization?
This webinar will help you answer six key questions at the center of deciding how to invest in a threat intelligence solution. Watch the recording now to find out:
• Why it’s not all about sources — context is key.
• The advantages of integrating threat intelligence with your other security solutions.
• How you can scale your threat intelligence investment over time.
Today’s hackers often favor the phishing email as their weapon of choice. Phishing attacks are not only common, but are also very difficult to defend against. What if you could detect and mitigate a phishing attack before its intended target clicks on that fatal link or opens that malicious attachment?
When your Exchange server is in the Office 365 cloud, solutions such as constant inbox scanning or relying on synchronous mail flow aren’t viable options. Instead, you can find a strong defense against phishing emails in the Message Tracking log in Exchange.
The Message Tracking log is available in both on-prem Exchange and Office 365 Cloud’s Exchange Online. Message Tracking logs include valuable information about the client, servers, sender, recipients, message subject, and more. If you can access this information and know how to mine it, you can detect likely phishing emails.
In this webinar, you’ll learn how to:
- Recognize the format of message tracking logs
- Pull message tracking logs from Office 365 using PowerShell’s Get-MessageTrackingLog cmdlet
- Work through a list of checks to perform against message tracking events to detect phishing emails
- Move suspect emails to a sandbox where you can use analysis tools like PhishTank, ThreatGRID, or OpenDNS
- Remove copies of phishing emails from other recipients
- Automatically detect and respond to phishing attacks with no analyst intervention
- To optimize your phishing response efficiency, LogRhythm has introduced a new open-source Phishing Intelligence Engine (PIE). PIE is a PowerShell framework focused on phishing attack detection and response.
Register for the webinar now to learn how you can use LogRhythm’s PIE and Office 365 to better detect and respond to phishing attacks.
More than 92 percent of multinational companies are focused on GDPR as a top priority1. ForeScout Technologies is one of them. Tony Miller, Sr. Director of Legal Affairs at ForeScout shares lessons learned in ForeScout's quest to assure data privacy and become GDPR compliant. This informal event will be in the form of questions and answers.
Although GDPR is primarily a legal and compliance issue, a data breach is the point of failure that will highlight any deficiencies in an organization’s data protection and larger security posture.
GDPR Article 33 requires breaches to be reported within 72 hours of discovery. With just 72 hours after breach discovery to report the nature of the breach, number of records and subjects affected, and likely consequences, every hour matters, and visibility across the environment becomes a must.
With speed of response being critical, you need a trusted partner with the incident response expertise, threat intelligence and purpose-built technology to enable rapid initial notification, and to provide support with subsequent notifications once further data points are identified/obtained.
Join the conversation with Stuart McKenzie, Vice President Mandiant EMEA, to talk about :
· How FireEye can help you meet the GDPR 72-hour breach reporting requirement, should you be breached, and
· How FireEye can help reduce the risk and impact of a breach by securing sensitive and confidential data and improving breach response readiness—before, during, and after a cyber-attack.
Sebbene il GDPR sia soprattutto una questione legale e di compliance, un evento di "data breach" evidenzia la presenza di carenze nel sistema aziendale di protezione dei dati e più in generale nella security posture.
L'articolo 33 del GDPR richiede la notifica delle brecce informatiche entro 72 ore dalla scoperta.
Un tempo decisamente limitato per notificare la natura della breccia, il numero di record e soggetti coinvolti e le possibili conseguenze. Ogni ora conta ed è fondamentale disporre di una visibilità del proprio ambiente completa ed approfondita.
In questo scenario, la rapidità di risposta diventa un fattore critico. Per questo è necessario potersi affidare ad un partner che abbia un'elevata competenza nell'incident response, che disponga di soluzioni di threat intelligence di qualità e di tecnologia atta non solo a garantire una prima notifica rapida, ma anche a supportare le notifiche successive sullo stato di avanzamento del processo di risposta e di rimedio all'incidente.
Ne parliamo il 22 marzo con Marco Rottigni, Sr. Product Marketing Manager EMEA, per comprendere come FireEye possa:
"aiutarti a soddisfare il requisito di notifica incidente entro le 72 ore dalla scoperta della breccia
"ridurre il rischio e l'impatto di una potenziale breccia con la messa in sicurezza di dati sensibili e confidenziali, migliorando le capacità di risposta agli incidenti prima, durante e dopo un cyber attack
Les plateformes de sécurité présentent aujourd'hui beaucoup de challenges qui les rendent difficiles à gérer : manque de visibilité, trop volume d'alertes, peu de contextualisation… Le résultat est une perte d'efficacité, et de vitesse dans la prise en compte des incidents de sécurité.
FireEye a conçu une plateforme de gestion des opérations de sécurité avec ces objectifs en tête, plus de visibilité, une meilleure lisibilité et une contextualisation de la menace, le but ultime étant de fournir une plateforme facile à déployer, à administrer et qui répond aux besoins d'aujourd'hui.
Lors de ce webinaire nous couvrirons les points suivants :
Comment HELIX centralise les opérations de sécurité :
- Améliore la visibilité de bout en bout
- Aide à la Priorisation et la contextualisation des alertes
- Accompagne à la prise Prise de décisions et à la levée de doutes
Nous terminerons par une démonstration de la plateforme à travers un Business Case réel et nous laisserons le temps aux différentes questions en live.
In the CISO Says Series, information security leaders share their experiences of what it means to be responsible for establishing and maintaining an enterprise's security vision and strategy in an interview format. They provide insight into the path he took to become CISOs and how they are reinventing the role in the face of accelerating industry change.
May 25th, 2018. We have all had it circled on our calendars for two years. The General Data Protection Regulation is scheduled to go into effect on this date. But is it the beginning of the end or an opportunity to take your customer relations to the next level? Join us for this informative webinar where our team of experts, along with Philip Russom from TDWI Research, will explore the possibilities.
Application security is quickly becoming a "must have" for security teams. High profile breaches, including Equifax and a multitude of ransomware attacks, have the attention of senior management of company Boards. Knowing where to start can be difficult.
Not every company has the same needs or organizational maturity to manage a full-blown application security program. This webinar will cover some of the tools and exercises deployed by application security teams to build security into their processes, including:
- Tools and security tips for each phase of the development lifecycle
- Which tools to use for different types of code
- In-house and 3rd party options for starting an application security program
Today’s CA Single Sign-On (SSO) solution is not the CA SiteMinder of yesterday. Yes, SSO continues to offer seamless access management services using traditional agents, but it also offers a new range of agentless approaches. So now, you can use single sign-on and access management for applications of all shapes and sizes.
Join CA solution leaders − Herbert Mehlhorn, Product Management and Aaron Berman, SSO and Directory Products − to learn how agentless access management can help you:
•Securely address critical user productivity needs
•Transform your approach to access management
•Foster new collaboration between security and application development teams
As more and more containerized applications get moved into production environments security & compliance become greater concerns. In this webinar we'll review PCI compliance initiatives, talk about how containers change your compliance lifecycle, and how to stay compliant while maintaining the benefits of containers.
Specifically we'll cover
- Live examples of user activity auditing
- Managing dynamic network maps of your containerized infrastructure
- Container Intrusion detection
- Forensic analysis of unauthorized data access
In Part 1, we examined what GDPR is, what the requirements are and how organizations will be impacted. In Part 2, our panel will discuss more on the potential impacts of GDPR across a typical organization (including assessments, encryption, audit & controls and the impact to each department, from finance to marketing) and what the organization should be doing to plan for GDPR. Join (ISC)² on March 27, 2018 at 1:00PM Eastern, as (ISC)² discusses these topics and answers questions from the audience about this important and looming regulation.
If you ask ten people to define DevOps, you’ll likely get a dozen different answers. Somehow it’s 2018 and we still can’t agree on what DevOps is, only what it looks like. The truth is that successful DevOps implementations require hard work over long periods of time.
DevOps at Threat Stack is a survival mechanism – it’s how we turn ideas into reality quickly and safely. Learn how we design our telemetry system to support useful, actionable metrics and the steps we take to level up our engineers, giving them the necessary accountability to truly own the applications they build.
Tune in on 3/27 to learn concrete ideas you can take home to improve how work gets done within your organization including:
- Engineering for rapid change
- Measuring and optimizing system health
- Making engineers accountable
Moving to the Cloud can be daunting, but it doesn't have to be. With the right team of experts, who have been through countless migrations, you can make the move and not the mistakes.
In this webinar, attendees will hear from JHC Technologies, a leading Managed Services Provider that specializes in migrating enterprises and public sector organizations' data centers to the public cloud. Additionally, CloudCheckr will discuss tools to automate security and optimize cost once in the cloud.
The new Thales nShield XC is set to replace the Thales nShield Solo and nShield Connect non-plus hardware security modules in the next few months. With a whole host of new features and capabilities, the XC will outperform the non-plus by an order of magnitude – and this webinar will help you understand the new model and the recommended migration plan, so you can get ready to make the switch.
Join us on Wednesday March 28th March @ 11am AEDT for a briefing on:
• New Features of the XC
• Recommended migration steps from non-plus to XC
• End of Support timelines
We will have lots of time for Q&A at this session.
2017 is not yet over and it's already the year of cyber attacks. From phishing, to hacks, to classified hacking tools leaked and the biggest ransomware attacks to date (Wannacry, NotPetya), security professionals across the world are looking to apply the lessons learned in 2017 for an improved cyber security next year.
Join this live interactive Q&A panel with experts from the artificial intelligence, deep learning and IoT security space to learn about:
- The biggest attack trends seen so far
- Impact across industries
- Threats on the horizon
- Recommendations to better secure your data and company in 2018
- Jay Beale, CTO & COO, Inguardians
- Shimon Oren, Head of Cyber-Intelligence at Deep Instinct
- Ted Harrington, Executive Partner at Independent Security Evaluators
- Greg Foss, Global SecOps Manager at LogRhythm
General Data Protection Regulation (GDPR) is a European law and all companies operating in Europe will have to be compliant by May 25 2018. The clock is ticking, leaving only a few months to be ready and avoid reputation damage along with fines of up to 4% of annual revenue or 20 million Euros. Tracking personally identifiable information requires an accelerated insight discovery process in various content sources in order to make sure that the data governance model is effective.
During this 40-minute webcast, Erçin Aslan, Legal Counsel, will first summarize the issues and challenges for implementing GDPR:
* Overview of GDPR
* What needs to be prepared for the General Data Protection Regulation
* New processes to be established
Then, Simon Turoswski, EMEA Solution Consulting Manager, will highlight how Sinequa's Cognitive
Search & Analytics platform can be leveraged to speed up GDPR compliance:
* Achieve fast deployment for quick ROI
* Analyze large volumes of structured and unstructured content to locate relevant information
* Automate extraction and categorization of personal data
We look forward to seeing you on Wednesday, March 28th at 3:00 pm BST, 4:00pm CET and 10:00 am ET
Patch management is often highlighted as a major issue for many organisations. The volume and frequency of updates makes it almost impossible to keep all machines up to date and secure. This issue is worse for older machines many of which cannot be patched at all.
Join Lindseigh Strickland, Cybersecurity Specialist and Ori Pliner, Systems Engineer Specialist at Palo Alto Networks, for an exclusive cybersecurity webinar on March 28th at 3:00 p.m. to receive an insight into an alternative approach to securing older machines. We’ll also discuss how this approach provides more flexibility and control around patching and protecting unpatchable devices.
This is a ‘must attend’ event if you want to understand:
- The security, risk and compliance ramifications of operating unpatchable systems and applications
- How to prevent security breaches on legacy machines when patching is not an option
A live demonstration of Palo Alto Networks Advanced Endpoint Protection will also be provided.
Attackers have embraced automation to launch attacks and expand their reach within your network. But ill-intentioned individuals aren’t alone in having automation in their toolkit. It’s time to fight automation with automation.
How quickly you can respond to a zero-day attack largely depends on how proactively you secure your network. When attackers engineer malware to automatically detect vulnerabilities on your network, the way to prevent damage is to employ automation so you can react quickly and ensure its integrity.
Join Tufin experts Dan Rheault and Joe Schreiber, also an established SOC professional, for an educational webinar that will discuss best practices to:
•Secure the network through effective segmentation
•Contain risk from zero-day attacks
•Leverage automation to respond to security incidents
The security challenges of companies large and small is changing. This is especially pronounced in the access management space as IT admins and CISOs are faced with more identities and devices across a growing number of cloud applications. In our recent survey, we found 72% of respondents found cloud access management tools as a solution to reducing the threat of large scale data breaches, while 62% highlighted the tools ability to help simplify the login process for their enterprise users.
In an organization, individuals dealing with security have different goals and objectives. Aligning them can be a challenge. We will look at the priorities of the user, IT teams and CISOs – where they are linked and where they diverge. To build effective risk-based access policies, you need to start with a living IAM strategy that takes into account geolocation, threats, unusual behavior and scenario based data. Using policy-based access management, internally and externally for example in the cloud, is helping enables aligning the different security teams in an organization and automate and simplify the log-in process for users as well. During the webinar attendees will walk away with an understanding of:
-Analyzing personas within your organizations security team to improve IAM solution implementations
-Things to consider when building your access management strategy
-Building risk-based access management policies across multiple applications or cloud environments
Awareness among IT organizations of application security continues to increase, as decision makers want assurance that the software they procure is secure. Very few IT leaders want their third-party applications to be the source of a cyberattack. In a recently published IDG study, 84% of surveyed IT Leaders agree that their companies are concerned about the potential data security risk posed by third-party applications. How can companies provide customers the assurance that they will protect their critical data and not risk exposure to a potential cyberattack?
Join product and services experts from CA Veracode as they share insights from the IDG Survey and discuss the security concerns companies face when procuring software. They will also discuss Veracode’s latest approach in providing third party software assurance so that enterprises get peace of mind that their software supply chain remains secure.
Learn how Veracode works with software providers to:
•Meet the demands of customers looking for proof that your software is secure
•Provide a path to maturing their AppSec program
•Help defend their AppSec budget by showing the value and adoption it brings
•Make their secure software a competitive advantage in a tightening market
Automation and containerization can help you build faster and deliver continuously, but can also make managing security challenging. By integrating Black Duck Hub with the development tools you use in AWS, you can scan images in your container registry, automate build scans in your CI pipeline, and stay notified on any security vulnerabilities or policy violations found in your open source code.
Join experts from Black Duck by Synopsys and Amazon Web Services as we explore how to build applications and containers safely in the cloud without sacrificing agility, visibility, or control. In this hands-on webinar we’ll demonstrate how to:
-Get started with Black Duck Hub and AWS
-Build better solutions through Open Source Intelligence
-Use open source management automation and integration with AWS
Plus, we'll feature a real-world example using Apache Struts, as well as the resources you can put to use today to gain the security you need without sacrificing the agility you want.
Business transformation in the 21 st century has organizations extending their value chain into
customer decision making, as they design and deliver “digital services” using advanced
information technology. Such transformations need organizations to run at a faster speed to
explore new value creating opportunities and still keep running their daily operations at regular
speed. So, organizations may need two different organizational structures and governance models
to manage both faster and regular speeds to isolate risks, including strategic (e.g. brand reputation),
compliance (e.g. data security and integrity), operational and technical risks that surface when
working with many unproven technologies, external partners, and evolving customer expectations.
This presentation will look at strategies to address these risks.
Are you implementing Qualys, Rapid7, Nessus, or another network scanner and still struggling to prioritize your most critical vulnerabilities? Are you searching for a simple, single view of your organization's exposure to risk that you can share across security and IT ops teams and up to the CISO and the Board of Directors?
Join Security Engineer, Brian Orr and Security Consultant, Gabe Howden as they take you through the Kenna Security Platform and our risk-based approach so you can learn how to take control and reduce your risk.
The demo will cover:
- How Kenna Security's algorithm works to correlate scan data with real-world exploit intelligence
- The Kenna Security Risk Meter and tips for customizing dashboards and reporting for any IT environment
- Best practices for viewing, tracking, and reporting on your risk posture across all levels of your organization
Unique to the industry, CMD+CTRL are interactive cyber ranges where staff compete to find vulnerabilities in business applications in real-time – learning quickly, that attack and defense are about thinking on your feet, creativity and adaptability.
For every two weeks, we will offer the opportunity to test drive CMD+CTRL for 24 hours. We'll open up our CMD+CTRL to anyone to participate, score points, and see how they do.
We will start with a 30 minute live demo to go over the features and functionality of CMD+CTRL, Q&A, and provide the login URL and credentials for your free 24 hour access and you can begin testing your skills immediately.
As part of its annual survey, Quali received inputs from over 1300 practitioners working in mid-to-large enterprises – all in different stages of their journey to Cloud and DevOps. We learnt about maturity of their own processes, their challenges and learnings, the barriers they’re still challenged to pull down and where they’ve made headway compared to the past couple of years. The survey, now entering into its fourth year provides a great way to look at the industry landscape over a 3-year and map it to the maturity of the transformation that enterprises are experiencing.
We encourage you to join this webinar and learn what you’re peers in the industry shared. Here’re a few things you will walk away with:
•What are the top careabouts for enterprises in their quest for agility? Where are the existing bottlenecks?
•How is the cloud strategy shaping up and what are the top automation tools?
•Is DevOps adopting maturing? What are the barriers? Has the culture evolved?
•How does this compare to the past 2 years?
•How should you prioritize your efforts for 2018?