Hi [[ session.user.profile.firstName ]]
Sort by:
    • Application Security at the Speed of DevOps
      Application Security at the Speed of DevOps James Rabon - Product Manager, Fortify Software Security Center and Tools Recorded: Oct 24 2017 6:00 pm UTC 60 mins
    • Faster time-to-market and business value driven application functionality are the biggest drivers for DevOps. With DevOps, more frequent releases require shorter development and test cycles creating a higher risk of breaches exploiting the application layer. The last couple of years have shown business value can take a significant hit with security breaches. Building security features at the speed of DevOps, and reducing risk with the right security architecture, processes, and collaboration is key to staying in business. This is the genesis of DevSecOps.

      In this Webinar, Derek Brink from Aberdeen Research describes how the shift towards rapid application delivery methods creates new opportunities for improving application security and reducing risk. MicroFocus’ James Rabon (Product Manager, Fortify Software Security Center and Tools) and Paladion's Vinod Vasudevan (Co-founder and CTO) discuss how MicroFocus and Paladion are helping customers integrate security and compliance into DevOps processes.

      Key Takeaways from the Webinar:

      - Trends in application delivery: from waterfall, to Agile and DevOps
      - How characteristics of Agile, DevOps provide a high-level blueprint for what application security in that environment should look like
      - Capabilities you should be looking for to improve application security at the speed of DevOps
      - How to adopt non-disruptive and continuous application security processes
      - Bringing in around-the-clock security monitoring for cloud assets

      Read more >
    • Security Anthropology: How Do Organizations Differ?
      Security Anthropology: How Do Organizations Differ? Wendy Nather with Duo Security Recorded: Nov 16 2017 5:00 pm UTC 33 mins
    • When planning a go-to-market strategy, it’s common practice to build detailed marketing and sales personas for key security individuals such as the CISO, the IT administrator, the developer, and the end user. Each of these roles has different needs and priorities when considering a security tool, and sales strategy recognizes the need to address each of them. Organizations have different types of business drivers, priorities, constraints, and capabilities as well: for example, an 80-year-old manufacturing company may not care what cute new IoT ideas you might have.

      These organizational personas must be considered when searching out peers for benchmarking. Security decisions made only by looking at other companies in the same industry doesn’t provide enough data, because there are many other variables that come into play. Building a security anthropology model for comparing organizations provides more context to better design products and services to align with their needs, while helping the security community speak the language of the users it’s serving. Join us for a discussion on how we can excavate a better approach with Wendy Nather, Principal Security Strategist at Duo Security.

      SPEAKER INFO:
      Wendy Nather is a former CISO in the public and private sectors, and past Research Director at the Retail ISAC (R-CISC) as well as at the analyst firm 451 Research. She enjoys extreme weather changes while shuttling between Austin and Ann Arbor.

      Read more >
    • Cutting through the Cloud Security Noise: 5 Must-have Architectural Requirements
      Cutting through the Cloud Security Noise: 5 Must-have Architectural Requirements Steve House of Zscaler Upcoming: Jan 11 2018 5:00 pm UTC 60 mins
    • The cloud and mobility have fundamentally changed the IT landscape. Both apps and users have left the network, however traditional security has struggled to keep pace. Developing a strong cloud security strategy is important to help restore visibility and reduce risk, but what is the best approach? While there are many opinions and perspectives, the best security strategy starts in the beginning with the proper architecture. By understanding the core building blocks needed to enable and secure your user and apps in cloud-first world, you can transform your company and IT organization. Join this webcast to hear the 5 key architectural requirements your cloud security strategy can’t live without.

      Speaker Bio:
      Steve House is a seasoned Product Management leader with over 20 years of experience in the networking and security industries. During that time, he has worked for multiple market-leading organizations including Zscaler, Blue Coat Systems, Packeteer and CacheFlow where he has a consistent track record of helping them innovate and grow their market share.

      At Zscaler, Steve leads the Product Management team responsible for driving product strategy and execution. Steve’s goal is to help the company through its next phase of growth becoming the standard Internet security platform delivered as a service to any user on any device in any location.

      Steve holds a Bachelor of Science in Electrical Engineering from Duke University

      Read more >
    • Top 10 Public Cloud Security Recommendations
      Top 10 Public Cloud Security Recommendations Matt Keil of Palo Alto Networks Recorded: Dec 14 2017 5:30 pm UTC 43 mins
    • Offering organizations of all sizes the benefits of agility and scalability, the adoption of public cloud continues at a pace rivalled only by that of the early days of the Internet era. As was the case then, the speed of adoption often means that “good enough” security is viewed as acceptable. With the underlying premise that the public cloud is someone else’s computer, and an extension of your network this session will cover public cloud security concerns, what the shared security responsibility model really means and recommendations for protecting your public cloud workloads and data.

      Read more >
    • The Practical Execution of Security in the Enterprise
      The Practical Execution of Security in the Enterprise Gee Rittenhouse, SVP Security Business Group, Cisco; Mike Iwanoff, SVP/CISO/CIO, iconectiv Recorded: Dec 5 2017 9:00 pm UTC 28 mins
    • As more of our business data will exist in the cloud and as the scale of IoT creates more weak links in the security chain, what systems in the network are designed securely that CIOs and CSOs can leverage? And will a lack of industry standards and technology architecture around the IoT makes it difficult to create security policies? Also, why do some contend that the IoT is impossible to secure?

      On this edition of NMGs podcast series, we invite Gee Rittenhouse, Senior Vice President, Security Business Group at Cisco and Mike Iwanoff, SVP/CISO/CIO at iconectiv.



      Key takeaways for listeners:

      a.Fraudsters are out in full force: Yesterday’s solution might not solve tomorrow’s problems/challenges

      b.Tips and Info: Top three things I can do to get more info/more data and improve my posture in this area
      •Threat Modeling
      •Risk Assessment
      •Risk Framework

      c.Determine whether you have the technology requirements for an acceptable risk posture:
      •Multi-cloud security
      •Visibility
      •segmentation of the network
      •automation – allowing you to implement controls to recover from a threat, find the source and mitigate the threat from reoccurring.

      d.Communicate that risk posture to exec team and to the board - At the end, the company should know what their risks are and what
      they are willing to accept

      e.Understand the challenge and know that you don’t have to build your own security solutions.

      Read more >
    • Addressing The Security Challenges of the Cloud Generation
      Addressing The Security Challenges of the Cloud Generation Gerry Grealish, Head of Product Marketing, Network and Cloud Security Products Recorded: Oct 24 2017 4:00 pm UTC 46 mins
    • Welcome to the Cloud Generation, where employees demand flexibility and access wherever they are, but can expose your most sensitive data to risk.

      Distributed environments—like mobile and distributed workforces—introduce new attack surfaces that must be protected and increased use of SaaS Cloud Apps are driving the need for new compliance and security controls. The result? Security and IT teams are being forced to rethink network designs to better answer questions like:

      - How do we effectively govern access to data, apps and systems?

      - How can we combat advanced threats targeting our business through the web, cloud and e-mail?

      - How should we secure information that is moving between our network, endpoints and the cloud?

      Join Gerry as he discusses the key Cloud Generation security challenges facing Symantec’s enterprise customers and learn how Symantec’s Cloud-delivered security solutions can be used to protect users, devices and corporate data, wherever it resides.

      Read more >
    • Why VMware NSX, AirWatch & vSphere will redefine your Approach to Cyber Security
      Why VMware NSX, AirWatch & vSphere will redefine your Approach to Cyber Security Christopher Campbell, Director of Solution Marketing | Security & Tim Davis, Sr. Systems Engineer, NSX Enterprise, VMware Recorded: Oct 6 2017 9:40 pm UTC 68 mins
    • Data breaches, cyber-attacks, security lapses and new regulations have made IT security more challenging than ever now that every organization has gone digital. IT teams are struggling with points solutions, as the traditional security approach no longer works. Explore how VMware makes cyber security intrinsic with a footprint throughout IT organizations with a security solution that includes products such as Workspace ONE, AirWatch, Horizon, NSX, AppDefense, vSphere, vSAN and vRNI that simplifies and consolidates IT security. Also, learn about what’s new with NSX and our newest security solution AppDefense.

      Technical Demo’s will include looks into the Horizon with NSX solution, and how it interacts with 3rd party solutions such as Trend Micro’s Deep Security to automate security processes. You will also get a look into the vRealize Network Insight tool, and how it is helping our customers operationalize these new security models, maintain operational visibility into the network, and ensure best practices and health of the networking and security services.

      Read more >
    • Security by Design – Modernizing Technology Governance
      Security by Design – Modernizing Technology Governance Tim Sandage, Sr. Security Partner Strategist, AWS Recorded: Oct 12 2017 11:00 pm UTC 33 mins
    • Up-front design of your cloud environment can be done in a way that creates a reliably secure and controlled environment no matter how the AWS resources are used. This session will focus on "Security by Design" principles and show how an AWS environment can be configured to provide a reliable operational security control capability across, such as:

      - Organizational governance
      - Asset inventory and control
      - Logical access controls
      - Operating system configuration
      - Database security
      - Applications security configurations

      Why this session:

      Cloud Computing is becoming the new normal, the question isn’t “if” anymore, it’s really just “how fast can we move?” and “what are we going to move first”

      Because of this trend organizations need to understand their security and compliance capabilities and shared responsibilities for security as they migrate resources to the cloud. Whether its clinical trial simulations with Bristol Myers-Squibb, who uses AWS to run clinical trial simulations for 64% less cost; in 1.2 hours vs. 60 hours or Galata Chemicals who are running their development and test workloads in the cloud. Organizations need to start with a “Secure by Design approach, which support security at scale as they increase their use of cloud resources.”

      Read more >
    • Hybrid Mobile Apps: From Security Challenges to Secure Development
      Hybrid Mobile Apps: From Security Challenges to Secure Development Dr. Achim D. Brucker, Security Consultant & Senior Lecturer, University of Sheffield Recorded: Aug 16 2017 12:00 pm UTC 35 mins
    • Cross-platform frameworks, such as Apache Cordova, Adobe PhoneGap, or SAP Kapsel are becoming increasingly popular. They promote the development of hybrid apps that combine native, i.e., system specific, code and system independent code, e.g., HTML5/JavaScript. Combining native with platform independent code opens Pandora's box: all the security risks for native development are multiplied with the security risk of web applications.

      In this talk, we will give a short introduction into hybrid app development, present specific attacks and discuss how Android developers are using Apache Cordova. In the second half of the talk, we will focus on the secure development of hybrid apps: both with hands-on guidelines for defensive programming as well as recommendations for hybrid app specific security testing strategies.

      Speaker bio:

      Dr. Achim D. Brucker (https://www.brucker.ch) leads the Software Assurance & Security Research Team (https://logicalhacking.com) at the University of Sheffield, UK. Until December 2015, he was a Security Testing Strategist in the Global Security Team of SAP SE, where, among others, he defined the risk-based security testing strategy of SAP. He is a frequent speaker at security conferences.

      Read more >