The application-layer is the number one attack vector, yet 2/3 of applications remain untested for vulnerabilities. This is because security professionals struggle to demonstrate the business case for a mature application security programme.
RecordedJun 1 201527 mins
Your place is confirmed, we'll send you email reminders
Colin Domoney, Consultant Solutions Architect (Veracode) & Daniel Geater, Senior Test Consultant (QualiTest Group)
Join us as we explain how a secured DevOps (DevSecOps) delivery process can be achieved using automated code scan, enabling significant shift left of issues detection and minimizing the time to fix.
Whether you are considering DevSecOps, on the path, or already there, this webinar is designed to address your DevSecOps concerns.
In this webinar, you can expect to learn:
• The need for Application Security in today's digital economy
• An understanding of the principles of DevOps
• The challenges building security into DevOps (moving to DevSecOps)
Tim Jarrett, Sr. Director, Product Marketing & Tim Mathias, Cyber Security Executive
The New York State Department of Financial Services new Cybersecurity Regulations went into effect on March 1. These regulations, which cover financial services companies licensed by or operating in New York State, are more comprehensive and prescriptive than other cybersecurity regulations to date, and are most likely a taste of regulations to come. In particular, they introduce requirements around application security that are more specific and wide-ranging than most. What do financial services companies need to know about these regulations?
This webinar will get those affected by these requirements up to speed on:
> What the new regulations entail
> How best to approach these requirements
> How Veracode can help with compliance
Adrian Lane, CTO, Securosis, Jeff Craty, Dir. of Engineering, Veracode, & Tim Jarrett, Sr Dir. of Product Mktg at Veracode
DevOps increases teamwork, visibility and overall software quality. Yet, integrating security can be challenging for cultural and technological reasons.
This webinar, featuring Adrian Lane of Securosis and Tim Jarrett and Jeff Cratty of Veracode, dives into what DevOps is, explain how delivering secure code lends itself to the larger goals of DevOps, and discusses the challenging process and technical requirements for integrating security into DevOps.
Learn how you can have both development velocity and security without compromising either one.
With the mainstream adoption of DevOps, what does this mean for heavily regulated industries, such as financial services? How can an organisation that requires a clear segregation of duties between Dev and Ops, as well as strict regulations adopt the DevOps way?
Join this webinar for an optimistic view of how Dev(Sec)Ops can be applied in such challenging environments as well as examples of industry best practices.
Colin Domoney, Sr Product Innovations Manager at Veracode
With application security rapidly moving towards a DevSecOps approach, it's important to understand from each team's perspective how to be the successful in the new agile process.
Join this webinar to understand from a Developer's perspective both the challenges and benefits of a DevSecOps approach, and how to integrate with the rest of the security and operations teams.
With yet more cyber-attacks targeting the financial sector, it has never been more important to implement a robust application security programme within your cyber security strategy.
Join our Live Interactive Case Study to learn how Veracode Customer Success Managers have Defined, Executed & Optimised successful AppSec programmes for our financial sector clients, and how you could use this within your organisation to help reduce the risk of a breach.”
Dr. Joseph Feiman, Chief Innovation Officer at Veracode, and Joe Pelletier, Product Manager at Veracode
To better protect against cyberattacks, it’s not enough to find and fix application vulnerabilities during development and testing. You also have to block malicious activity against applications already in production. Runtime Application Self-Protection, or RASP, is an emerging technology that helps detect and stop these common attacks in real time.
Join this webcast to learn:
• Emerging trends in web application security from our leading experts
• Why detecting attacks from inside the application matters
• How to integrate runtime protection in your development and DevOps processes
• How Veracode Runtime Application Self-Protection can work for you
With our increased reliance on software, faulty and insecure applications put your data and the data of your business partners at risk. This can have repercussions well beyond any one incident and application security is the only way to protect against the risk.
Join Colin Domoney, previously Head of Appsec at Deutche Bank, as he discusses why applications are so risky, why you need to include application security in your security programme, as well as how he got started with Application Security.
While web and mobile applications account for more than a third of data breaches (source: 2014 Verizon Data Breach Investigations Report), most organizations are not spending time or money on application security. So why the disconnect? One reason is that fallacies abound when it comes to application security. Many of these fallacies stem from the traditional, on-premises tools-based approach to application security, which has fostered the misconception that application security programs are expensive and difficult to manage. But as breaches continue to make headlines, organizations are realizing the serious risk posed by applications.
Reducing software risk is not just about finding vulnerabilities, it's about fixing them too. Join us to discover the different security testing technologies, and how each of them affect the areas of a business.
Dr. Joseph Feiman, Chief Innovation Officer at Veracode, and Sam King, Chief Strategy Office at Veracode
Applications are a top attack vector for cyber criminals. That’s why application security is evolving to become an integral part of the software development and DevOps processes. But that’s not enough. To protect the enterprise, you also need to ensure the safety of applications that are already in production. As classic security defenses have failed to keep pace with the evolving threat landscape, your applications now need to protect themselves against real-time attacks. Join Dr. Joseph Feiman, Chief Innovation Officer at Veracode, and Sam King, Chief Strategy Office at Veracode as they explain how these trends will play out, and how you can build powerful and transformative self-protection into your applications as part of a more intrinsically secure DevOps and Security Operations process.
Johannes B. Ullrich, Ph.D., dean of research at SANS and Joseph Feiman, CIO, Veracode
Inherent risks in web, mobile and cloud applications are keeping security practitioners up at night, according to the 2015 SANS survey on application security.
In this webcast, learn about the growing threats against applications, why applications are so risky, why you need to include application security in your enterprise security program, and how to get started.
Attend this webcast and be among the first to receive the associated whitepaper written by SANS Dean of Research, Johannes B. Ullrich, Ph.D.
Tim Jarrett, Director Product Marketing, Veracode and Adrian Lane, Analyst & CTO, Securois
Tim Jarrett of Veracode and Adrian Lane of Securois discuss the software development landscape across different industry verticals. They offer best practices for measuring application portfolio risk, remediating software vulnerabilities, and motivating development teams to embed these concepts into the software development lifecycle.
Tim Mathias of Thomson Reuters, Mike Gleiter of Thomson Reuters and Tim Jarrett of Veracode
You’re starting to get the hang of application security as an organization. But you have these nagging thoughts:
Are my applications more or less secure than my peers’ apps? How can I convince my software suppliers to move faster? How can I demonstrate that our appsec program is making a difference?
Andy Ellis, CSO of Akamai and Chris Wysopal, CTO & CISO of Veracode
Following the onslaught of high-profile cyberattacks reported in the past twelve to eighteen months, cyber security has become a more frequent topic in board-level conversations. How should the CISO respond to these new challenges and pressures?
Using data from an NYSE survey of nearly 200 corporate directors, two of the industry’s best-known voices – Andy Ellis, CSO of Akamai and Chris Wysopal, CTO & CISO of Veracode –discuss how CISOs can elevate the security conversation to a board-level discussion.
Wysopal and Ellis also discuss key questions such as:
•What are board members’ biggest fears regarding cyberattacks?
•Who do board members hold accountable when a major breach does occur at your company?
•How do board members prefer information be presented about risk posture and strategies?
•What metrics are most effective for gaining buy-in for your risk reduction strategy?
Chris Wysopal, CTO & CISO of Veracode and Jim Nelms, CISO of The Mayo Clinic
In this special videocast sponsored by Veracode and moderated by Dark Reading, two of the IT security industry’s best-known voices – Chris Wysopal, CTO & CISO of Veracode and Jim Nelms, CISO of The Mayo Clinic – will discuss the changing role of the CISO and how the importance of that role is growing within the organization.
Chris Eng, VP of Research at Veracode; Josh Corman, CTO of Sonatyp
As enterprises increasingly rely on connected devices, CISOs and CIOs should understand the critical implications of cybersecurity for the Internet of Things (IoT). Join Chris Eng, VP of Research at Veracode; Josh Corman, CTO of Sonatype; and DarkReading moderator Eric Ogren for a live-streaming videocast discussing how IoT changes how we develop applications and assess them for risk.
Veracode delivers the most widely used cloud-based platform for securing web, mobile, legacy and third-party enterprise applications. By identifying critical application-layer threats before cyber-attackers can find and exploit them, Veracode helps enterprises deliver innovation to market faster — without sacrificing security.