Name: Securing the Software Supply Chain
Start: 2022-10-03T17:00:00Z
End: 2022-10-03T17:00:16.000Z
Location: BrightTALK
Rating: 4.6

CSA CloudBytes was launched as a webinar series to help us educate the industry on all matters related to the cloud. Our channel is designed to inform our audience about trending topics, new technologies, and latest research. Learn more at cloudsecurityalliance.org.  Join the Cloud Security Alliance on LinkedIn and follow us on twitter: @cloudsa

Generative AI tools like ChatGPT are rapidly being adopted across enterprises to drive efficiency, but they come with real and immediate security implications.

Recent studies show that 15% of employees are pasting data into GenAI tools, and 1 in 3 are unknowingly sharing sensitive information. These behaviors create a new layer of risk: inadvertent data leaks, compliance violations, and exposure of confidential assets.

As a result, most organizations face a blunt choice: block GenAI entirely or allow it unchecked. Neither option is valid in today’s world. But GenAI security and productivity shouldn’t be an “either-or” choice.

In this webinar, LayerX security leaders will break down how to secure GenAI usage without sacrificing its value. You’ll get a clear understanding of how these tools are being used, what risks they create, and what practical steps you can take to mitigate them.

Register for this webinar to learn:
• Industry Insights: See how and where GenAI is being used across the enterprise—by whom, for what, and how often.
• Risk Breakdown: Learn what kinds of sensitive data are being exposed, and what that means for your security and compliance posture.
• Protective Actions: Walk away with specific policies, controls, and tools to reduce risk while enabling safe GenAI adoption.
• Real World Lessons: Hear how leading security teams are addressing these challenges in real-world environments.

Whether you’re a CISO, a security architect, or part of the compliance team, this session will give you clear, actionable guidance to secure your organization’s GenAI usage—before it becomes a problem.

Register now and take control of GenAI security before it takes control of you.

Preventing GenAI Data Leakage: Enabling Innovation Without Compromising Security

This webinar offers cloud network security experts an in-depth look at the paradigm shift from traditional perimeter-based security to a modern application-centric approach. Discover why conventional data center security models, relying on static policies and firewalls, are ill-suited for the dynamic nature of cloud environments, which are characterized by the explosive growth of IaaS, PaaS, and SaaS. We will explore the critical challenges posed by vanishing perimeters, lack of visibility into cloud environments, and the complexities of securing highly dynamic resources like VMs, containers, and microservices. The session will detail the core principles of application-centric security, including achieving granular visibility into application dependencies, implementing Zero Trust frameworks with verification and validation checkpoints, and leveraging microsegmentation for enhanced isolation. Furthermore, learn how automation and orchestration are essential for consistent policy enforcement, faster response times, and increased efficiency in managing cloud security at scale across diverse multi-cloud and hybrid infrastructures.

The Evolution of Cloud Network Security: From Silos to Service-Centricity

AI is already transforming how software is built—but for security teams, it’s mostly just making life harder. Developers are shipping AI-generated code at breakneck speed, while security teams struggle to keep up. The challenge isn’t just securing AI-generated code and systems—it’s evolving your AppSec program to keep pace with software development.

We'll provide a framework to how security teams can evolve their programs across two key dimensions: securing AI-driven software development and using AI to enhance security workflows. You’ll learn:
• Strategies for managing risks from AI-generated code and autonomous agents
• How security teams can use AI to reduce work and improve security outcomes
• Where AI can enhance security—and where human expertise remains irreplaceable

AI isn’t just a security challenge; it’s a chance to build a smarter, more efficient security program. Join us to learn how to make AI work for security, not against it.

Evolving Your AppSec Program in the Era of AI

AI Agents are becoming deeply embedded across engineering and business workflows, but the speed of their adoption is outpacing governance. With multiple platforms enabling easy AI Agent creation (from IdPs to PaaS vendors), security teams are struggling to track who’s spinning them up, what identities they use, and where they operate.

In this 30-minute session, we’ll break down:

• What qualifies as an AI Agent (and what doesn’t)
• The types of non-human identities (NHIs) fueling them
• The rise of shadow AI Agents - why they’re spreading fast, where they hide, and the risks they pose
• Detection techniques, from fingerprinting via user agents and IPs to deeper code-level analysis
• Practical steps to bring AI Agents into your governance program without slowing innovation

Whether you’re already encountering rogue agents or getting ahead of the curve, this session will give you concrete takeaways to strengthen visibility and

Finding Shadow AI Agents - and the Identities Behind Them

Mergers and acquisitions can fuel growth—but they also create prime opportunities for cyber threats. Financial services organizations must act fast to secure newly acquired entities, maintain compliance, and prevent cyber risks from jeopardizing the deal.

In this webinar, security leaders will learn:

• The biggest cybersecurity risks during M&A and how attackers exploit them
• Best practices for securing the business throughout the process
• How organizations can reduce risk, ensure compliance, and streamline cloud security during M&A

Join Ilaiy Elangovan, Head of Cyber Product Development & Innovation at Visa, Expel's Lauren Horaist, Director of Product Management, and Peter Katz, VP & General Counsel, for an expert discussion on protecting your expanding organization—without slowing down the deal.

How to Protect M&A in FinServ: A Conversation with Visa and Expel

Imagine a SOC where AI-powered agents work together like a virtual team—handling alerts, eliminating noise, and responding to threats faster than ever before.   

Join ReliaQuest experts Brian P. Murphy, Chief Scientist, and Jonathan Echavarria, Principal Research Scientist, as they explore the transformative power of AI multi-agent systems. Learn how these "super agents" collaborate to automate Tier 1 and Tier 2 tasks, improve detection and response, and empower your team to focus on high-impact priorities.   

In this session, you’ll discover:   
• How multi-agent systems enable autonomous, end-to-end security operations.   
• The productivity gains of eliminating repetitive tasks and alert fatigue.   
• The future of AI in SecOps and what it means for your team.

AI Multi Agents: Delivering Autonomous SecOps

Results from InformationWeek’s State of Endpoint Management Automation survey show that even with endpoint management budgets on the rise, organizations remain mired in manual tasks, legacy technologies, and a distributed technology stack that hinder effective and secure management of endpoint devices.

Register for this webinar to hear from experts discuss the findings from the recent research report and share strategies and tech to help improve the secure patching of your organization's devices in the year ahead.

How to Prep Your ITOps Team for Secure Endpoint Management in 2025

The State of SaaS Security: Trends and Insights for 2025-26, commissioned by Valence in partnership with the Cloud Security Alliance, reveals a critical inflection point in SaaS security. While 86% of organizations now prioritize SaaS security with 76% increasing budgets, significant challenges persist that threaten enterprise security postures.

Survey data from 420 IT and security professionals highlights persistent visibility gaps, with 55% reporting employees adopt SaaS applications without security involvement. Identity management remains problematic, with 58% struggling to enforce proper privilege management and 46% citing challenges monitoring non-human identities. The expanding attack surface through GenAI tools and SaaS-to-SaaS integrations presents new vulnerabilities, with 56% of organizations concerned about overprivileged API access to sensitive data. 

This webinar will explore key insights from the report, including emerging threat vectors, effective mitigation strategies, and how organizations can evolve their security programs to match the complexity of modern SaaS environments.

State of SaaS Security

The security for AI landscape is constantly evolving, protecting AI as it advances from standalone models to complex agents. In this webinar, we demystify what it means to secure AI models, applications, and agents. Whether you’re building your own model or deploying frontier or open-source systems, you need to understand the full lifecycle to secure it. From AI red teaming during development to runtime defense in production systems, this webinar provides actionable insights into securing against AI threats.

Breaking Down Security for AI: From LLMs to Agents

AWS is recognized as the most comprehensive cloud platform globally, but with complex identity management, permissions, and access controls, it can be difficult to know what you can secure at scale and where to start.

Join our cloud security experts to learn essential best practices for maintaining a secure AWS environment. Whether you’re a beginner or specialist, you’ll discover new strategies that will help continually strengthen your cloud security posture, enforce least privilege, and fix misconfigurations when they arise.

Cloud Data Security: AWS Best Practices

Discover how the Cloud Security Alliance and Northeastern University are shaping the future of safe AI. In this exclusive webinar, we unveil the Trusted AI Safety Knowledge certification program—an industry-first initiative designed to equip professionals with the principles, frameworks, and practical training to build and manage AI systems safely, securely, and responsibly.

You'll get a first look at the core components of the certification, including risk management strategies, regulatory alignment, and ethical frameworks essential to modern AI deployment. Learn how this collaboration brings together world-class academic rigor and industry-driven insights to address the urgent need for trusted AI expertise across business, compliance, and technical domains.

AI Safety Primer: Inside the Trusted AI Certification by CSA and Northeastern University

Navigate the complexities of securing your hybrid cloud. "Securing the Hybrid Cloud: Key Strategies for Network Security" tackles the critical challenges of achieving comprehensive application visibility, ensuring consistent rule alignment, and proactively managing evolving threats. Discover actionable strategies to fortify your network, optimize security posture, and gain unparalleled insight into your hybrid environment. Don't let the cloud's dynamic nature compromise your security—empower your team with the knowledge to protect your critical assets.

Securing the Hybrid Cloud: Key Strategies for Network Security

Geared towards security and IAM teams, this webinar will share insights into understanding and implementing a non-human identity solution effectively through key use cases, essential solution features and evaluation criteria that will help integrate NHI security into your broader identity strategy and strengthen your security posture.

How to Evaluate a Non-Human Identity (NHI) Security Solution

Salesforce Agentforce will revolutionize how sales, marketing, and customer service agents interact with customers and access internal documentation within the CRM tool.

However, without a proper roll out plan and understanding of how Agentforce works, your organization could face unexpected risks when it comes to security.

Join Varonis and Salesforce for an insightful discussion on mastering Agentforce, including a deep dive into how the tool works, how to plan for deployment, and other best practices that Salesforce users of all levels can adopt.

Unlocking Agentforce: Best Practices for Deploying Salesforce's AI Tools

Organizations are navigating a rapidly evolving threat landscape, with hybrid and multi-cloud environments introducing fragmented visibility and complex data exposure risks. To better understand how enterprises are managing this challenge, Thales commissioned the Cloud Security Alliance (CSA) to investigate how organizations view risk to improve their data security posture. The study explores how organizations identify and prioritize data risks, the classification methods and monitoring tools they rely on, and the limitations they face in achieving a unified, real-time view of their data security posture. It also highlights how risk-based security solutions can improve response effectiveness, reduce downtime, and support compliance by delivering continuous visibility and actionable intelligence across diverse environments. 

Join Hillary Baron, AVP of Research at the Cloud Security Alliance (CSA), as she reveals the results of the Understanding Data Security Risk survey. Also participating is Krishna Ksheerabdhi, Vice President of Product Marketing for Cybersecurity & Digital Identity (CDI) at Thales Group. They will discuss how organizations are unifying fragmented tools into cohesive platforms while adopting proactive, risk-driven approaches to enhance resilience, protect critical data, and streamline compliance.

Data Security Risk Insights for Improving Data Security Posture

Business continuity is top of mind in 2025. With AI-fueled cyberattacks at an all-time high, geopolitical instability in the news, and an ever-growing number of regulations to deal with, organizations are looking for solid foundations on which to build their operations.

In this webinar we will peel back the layers of operational resilience and explore practical ways in to help organizations:
• Remain compliant to regulations covering business continuity
• Protect their brand and reputation in an always-on world
• Look in detail at how to keep its mission critical services online
• Adopt fully managed business continuity cloud solutions

You should expect to come away from this webinar confident in your ability to stay compliant and operational, even during the most trying of circumstances.

Managed Business Continuity Cloud Solutions

Ever wonder what security leaders across industries are focusing on in the GRC space? What are their top priorities, and how should they shape yours?

Join Vanta’s GRC Subject Matter Expert, Faisal Khan, and Daniele Catteddu, CSA's Chief Technology Officer, for a deep dive on building and scaling GRC programs. They will share their take on the role of trust, AI, and automation in strengthening your foundation and preparing for what’s next.

What to expect:
Point of view on top of mind issues for GRC leaders
Role of trust management in scaling GRC 
Where to prioritize AI and automation in GRC

Scaling GRC with Trust, AI, and Automation

Dive into a full year of SOC data to identify trends in infrastructure targets, malware, schemes, and more to uncover strategies for improving your security resilience in the coming year. We’ll cover:
• Security data specific to the FinServ industry, including specific threats to be aware of and remediation tactics
• Comparisons of trends in FinServ versus cybersecurity customers as a whole
• Recommendations for keeping your FinServ organization secure

Analyzing Annual SOC Data to Inform Your 2025 FinServ Security Strategies

Will you be prepared when a new software supply chain attack happens? Because if there is one thing that can be counted on; is it is no longer “if” it will happen, but “when”…..Software development teams are working fast, and security can become an afterthought in the rush to release. While it is impossible to eliminate the risk of being a victim in a software supply chain attack, there are best practices to reduce the risk of both being a victim and suffering potential damage caused during an attack.

Join us to learn what to do when a new vulnerability or software supply chain attack is discovered and how you can quickly determine your risk exposure by searching for the affected component and allowing you to quickly move to remediation.

Securing the Software Supply Chain

Cyber Security

Information Security

CISSP

Cyber Attacks

Cloud Security

Application Security

Supply Chain

Digital Transformation

Vulnerabilities

Remediation

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Securing the Software Supply Chain

Presented by

About this talk

Cloud Security Alliance: CloudBytes