Hi [[ session.user.profile.firstName ]]

Application Security: Demonstrating True ROI

The application-layer is the number one attack vector, yet 2/3 of applications remain untested for vulnerabilities. This is because security professionals struggle to demonstrate the business case for a mature application security programme.
Recorded Jun 1 2015 27 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Veracode’s Security Programme Manager, Gearoid O'Connor
Presentation preview: Application Security: Demonstrating True ROI

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Application Security Metrics: How To Track Success Jan 31 2018 4:30 pm UTC 45 mins
    Anne Nielsen, Sr. Product Manager, Veracode Platform
    Metrics are critical for measuring and expanding an application security program. And there are a lot of important numbers you need to track to gauge your program’s progress, from fix rate to flaw density, but sometimes you need just one number that sums it all up. Executives don’t always want to see a slew of complicated charts and graphs – they want one simple number that answers, in a nutshell, is this program working, are we getting a return on our investment?

    Join us for a webinar with Anne Nielsen, Sr. Product Manager, Reporting & Strategy at Veracode, as we discuss our metric recommendation and dive into reporting best practices and tips for success.
  • Reduce Application Risk with Veracode Greenlight and Developer Sandbox Jan 24 2018 4:30 pm UTC 30 mins
    Austin Britt, CA Veracode Solution Architect
    During this 20-minute webinar, learn how developers can stay ahead of vulnerabilities that can disrupt the software development lifecycle (SDLC). See how Veracode Greenlight finds security defects and provides contextual remediation advice to help you fix issues in seconds, right within your IDE. Coupled with the use of Veracode’s developer sandbox, teams can scan code without alerting security or affecting an application’s overall compliance with policy.

    As a result you will be able to:
    •Reduce overall costs by 3x when compared to testing during the QA phase
    •Increase the fix rate of flaws using sandbox scans
    •Get your organization on track to move towards a DevOps and continuous release cycle
  • Secure your code at the speed of DevOps: Scan microservices in under 30 minutes! Jan 17 2018 4:30 pm UTC 30 mins
    Jacob Martel, CA Veracode Solution Architect
    During this 20 minute webinar, see how Veracode Static Analysis and Veracode Software Composition Analysis work together to automate application scans to deliver fast, repeatable results. When scanning entire applications in DevOps-friendly languages, more than 70% of scans complete in under an hour, and scans of microservices return even more quickly.

    In this webinar you will learn how to
    •Check for vulnerabilities in your open source components within a same scan
    •Remove additional integration requirements within your continuous integration pipeline
    •Enables your organization to speed applications to market without sacrificing security
  • Manage application risk with policy-based scanning Recorded: Dec 20 2017 17 mins
    Glenn Whittemore, CA Veracode Solution Architect
    Ensure that all your applications are accurately assessed with policy-based scanning.
    Join this 20 minute webinar to see how Veracode can help you protect your organization against data breaches and meeting regulations and policies addressing cybersecurity and information security controls in a timely manner.
    See how the Veracode Platform provides built-in, automated compliance workflows to reduce communication overhead and provide a secure audit trail of your compliance processes, including notifications about policy changes. Veracode’s unified platform can also help you address OWASP security issues by integrating security seamlessly into software development and eliminating vulnerabilities at the most efficient and effective points in the development/deployment chain.
  • The Veracode Platform: Behind the Scenes Tips and Tricks! Recorded: Dec 13 2017 47 mins
    Mitch Horton, CA Veracode Principal Security Program Manager
    Hear from one of our customer-facing Services experts to learn the ins and outs of the Veracode platform. See how Veracode can you started with assessing and managing security risk across your entire application portfolio. With a wide range of security testing and threat mitigation techniques, all hosted on a central, cloud-based platform – your security program will be up and running and ready to scale.

    During this webinar, you will see a demo of the Veracode platform’s ability to scan all of the applications and components you build or buy, covering all major languages, frameworks, and application types. As a central repository for your applications and components, Veracode’s platform provides you with full visibility into your risk posture and integrates into each stage of your software development lifecycle, so you are building and delivering secure software.
  • Mobile Behavioral Analysis with Veracode Recorded: Dec 6 2017 10 mins
    Lupita Carabes, CA Veracode Solution Architect
    Keep tabs on your mobile applications with CA Veracode’s cloud-based Mobile Behavioral Analysis. CA Veracode’s Mobile Behavioral Analysis provides security-related findings for mobile applications.

    Join this 20-minute webinar to see how we can help you gain visibility into the risk exposure of your mobile applications in order to protect your customers and your business. During this time our experts will discuss a common security risk with mobile applications called over-permissioning, including:

    •How does it work?
    •What is the security risk?
    •Who does it help?
  • The Path From DevOps To DevSecOps Recorded: Nov 30 2017 51 mins
    Joseph Feiman, Chief Innovation Officer, Veracode
    DevOps has not yet fully transitioned to DevSecOps - leaving the DevOps inherently insecure. What is preventing security from integrating into DevOps? This discussion will offer an answer. Specifically, it will define capabilities that application security should adopt, explain how existing technologies should change, forecast emerging technologies, and estimate the pace of application security transformation within this era of DevOps.

    Join Joseph Feiman, Chief Innovation Officer at Veracode, will discuss the technology solutions needed for security to seamlessly integrate into DevOps – technologies that application development, operation, and security specialists don’t have to learn, see, or run. He’ll share insights into these technologies, forecast the pace of their adoption, and evaluate benefits of adopting one technology versus another. Attendees of this session will learn what will come to the market within the next few years, how to plan adoption, and what will or will not work when application security eventually transforms to enable DevSecOps.
  • Veracode Integrations For .NET Environments Recorded: Nov 29 2017 26 mins
    Austin Britt, CA Veracode Solution Architect
    Developers work best when tools don’t get in their way.

    Join this 20 minute webinar to see how Veracode integrates with .NET tools including Visual Studio. Veracode offers a Visual Studio extension that can compile .NET applications so developers can scan and review security findings before checking in code. Ensure that you catch security issues before they get further downstream by integrating Veracode into your Visual Studio Team Services or Team Foundation Server build or release pipelines. In addition, learn how you can easily see which findings violate your security policy and view the data path and call stack information to understand how your code may be vulnerable to attack.
  • Bringing Security to DevOps with Veracode Integrations Recorded: Nov 28 2017 25 mins
    Austin Britt, CA Veracode Solution Architect
    Keep in pace with the speed of DevOps and reap the benefits.

    Developers and security teams are both challenged to meet security goals in complex environments. Developers already need to manage many separate tools; new AppSec tools that do not integrate well or lack flexible APIs and customizable integrations are met with low adoption, high distraction and a steep learning curve.

    Join this 20 minute webinar to see how the Veracode Application Security Platform integrates with the development, security and risk-tracking tools you already use. Get a first-hand look at how our flexible API allows you to create your own custom integrations or use community integrations. Make security developer-friendly so you can go faster, without sacrificing security.
  • Know What’s In Your Software And Stay Ahead of Vulnerabilities Recorded: Nov 14 2017 19 mins
    Jessica Lavery, CA Veracode Director of Corporate Communications and Lupita Carabes, CA Veracode Solution Architect
    Open source components have become a critical part of code development --- and a top target for cyberattackers. With one component breach, an attacker can reach hundreds of thousands of applications. As we’ve seen, these breaches can target profitable personal information – leaving us to wonder what is coming next.

    Watch this webinar to learn how you can ensure which open source components are in use in your organization in order to protect yourself from a large-scale data breach. You will also get a sneak peek at Veracode’s Software Composition Analysis solution which creates a dynamic inventory of the components you are using, along with their versions and locations. Armed with this information, you can quickly patch when a big vulnerability hits the news.
  • The Impact Of Enterprise Web Application Trends Going Mainstream Recorded: Oct 26 2017 46 mins
    Saikrishna “Sai” Chavali, CA Veracode Product Manager
    Software is increasingly the lifeblood of every organization. We are faced with managing the rapid proliferation of web applications and services on which they rely to run their business. The mainstream nature of APIs, standalone and behind web apps, and DevSecOps practices are dramatically changing the potential attack surface for hackers and other threats.

    Watch this webinar to hear more about these trends and assess how you need to work within your organization to ensure the security of your application. Specific topics to be discussed include:
    •Single Page App-ish (SPA) Architecture to rule enterprise web apps
    •Rise of DevSecOps and how its practices demand even faster performance and security testing cycles
    •Standalone APIs are valuable attack surface for hackers
  • Get Laser-Focused Visibility into the Risk Posture of your Web Applications Recorded: Oct 25 2017 12 mins
    Nathan Michalov, CA Veracode Solution Architect
    Expand your static analysis capabilities and begin scanning earlier in the software testing phase.

    Join this 20 minute webinar to see how Veracode can help you unlock the capabilities of DynamicDS and Virtual Scan Appliance (VSA). With these deeper scanning abilities, your organization can identify and remediate application vulnerabilities before cyber criminals can find and exploit them.

    These technologies can help you ensure ongoing security assessments as an automated cloud-based service — backed by Veracode’s world-class application security experts. Enable your teams to discover and address vulnerabilities during the production and pre-production phases of the software development lifecycle (SDLC). Specifically you’ll see how you can:

    •Start Scanning Immediately: Easy to deploy: cloud-based and no hardware to purchase
    •Integrate with Central Cloud Platform: Uploads all test results to our cloud platform that can be aggregated and evaluated using a single set of centralized policies and reports
    •Generate Verified and Actionable Results: Our security experts examine results to distinguish real problems from false positives and helps you deliver complete threat information to help development and QA teams remediate flaws
  • Lacking AppSec Resources? Veracode Has Your Path Forward! Recorded: Oct 11 2017 24 mins
    Austin Britt, CA Veracode Solution Architect
    A successful application security program takes more than powerful technology.

    Join this 20 minute webinar to get your application security program off the ground with Veracode’s Services offerings. Learn how Veracode can lend its expertise to help your security teams and developers work together to rapidly identify, understand and remediate critical vulnerabilities — and help transform decentralized, ad hoc application security processes into ongoing, policy-based governance. Hear one of Veracode’s experts provide an overview of Services offerings such as:

    •Program Management: implement enterprise-wide governance models and day-to-day tactics to systematically reduce risk from application-layer attacks, based on best practices
    •Developer Coaching: work with developers to understand assessment results, prioritize remediation efforts and integrate with existing SDLC tools and processes
    •Developer Training: empower developers, testers and security leads to develop secure applications, providing the critical skills they need to identify and address potential vulnerabilities
  • The Veracode Community: Manage Your AppSec and DevSecOps Initiatives Recorded: Sep 28 2017 21 mins
    Asha May, CA Veracode Community Lead
    Veracode is building a strong community to support the people who build and secure today’s software. The Veracode Community is open to all -- for Veracode customers, and for any developer or security professional seeking resources about securing applications throughout the development process.

    Join this webinar to see how the Veracode Community can help you solve your tough application security problems. We’ll discuss:

    •The purpose of the community – a space for developers and security practitioners to find answers and collaborate on application security best practices
    •How Community members can access resources, customer support, and forums for collaboration
    •Plus, see a demo of the community’s user-friendly platform
  • Protect Your Organization and Build Secure Code with Developer Training Recorded: Sep 27 2017 9 mins
    Patrick Hayes, CA Veracode Solution Architect
    Learn how Veracode Developer Training can help your development team code more securely!
    Join this 20 minute webinar to get your application security program and secure DevOps initiatives off the ground with Veracode Developer Training. Learn how your developers can address important security concerns, such as:
    •OWASP Top 10 and PCI requirements
    •Secure coding for multiple languages (e.g., Java, .Net, CC++) and architectures (e.g., Mobile, Web and ClientServer)
    •Proactive techniques, such as Threat Modeling and Secure Architecture that can be used in the early stages of the Software Development Life Cycle (SDLC), minimizing the number of security defects in the code
  • Securing Your Software Supply Chain Recorded: Sep 19 2017 32 mins
    Colin Domoney, Consultant Solutions Architect - Veracode
    As organisations use CI/CD pipelines to build, test and deploy software at ever increasing speed it becomes imperative that the software supply chain should be secured to prevent the deployment of code of unknown provenance or with known vulnerabilities. In this webinar we will examine this topic from the following perspectives:
    1. Ensuring that a ‘chain of custody’ is maintained from source control through to deployed production code.
    2. Understanding how software components and artefacts are introduced into the supply chain.
    3. Best practices for controlling and assessing third party components in the supply chain.
  • Build secure software and manage application risk with the Veracode platform Recorded: Sep 13 2017 30 mins
    Jacob Martel, Solution Architect, Veracode
    See why Gartner has named Veracode a Leader in the Magic Quadrant for Application Security for the fourth time!

    Join this 20 minute webinar to see how Veracode can help you manage security risk across your entire application portfolio through a wide range of security testing and threat mitigation techniques, all hosted on a central, cloud-based platform.

    During this webinar, you will see a demo of the Veracode platform’s ability to scan all of the applications and components you build or buy, covering all major languages, frameworks, and application types. As a central repository for your applications and components, Veracode’s platform provides you with full visibility into your risk posture and integrates into each stage of your software development lifecycle, so you are building secure software.
  • Survey Says! You Too Can Boast a DevOps Model from Development to Production Recorded: Sep 6 2017 20 mins
    Pete Chestna, Director of Developer Engagement, CA Veracode and Alan Shimel, Editor-in-Chief, DevOps.com
    Join Alan Shimel Editor-in-chief of DevOps.com and Pete Chestna, Director of Development Engagement of CA Veracode as they engage in an interactive discussion on the current state of DevSecOps global skills based on findings from a recent survey conducted with DevOps professionals. Specifically they will discuss:

    -Factors causing the scarcity of DevOps-related skills
    -Benefits and drawbacks of various education models for IT and development teams
    -Establishing effective security training for developers and operations to securely deliver software at DevOps speeds and fully embrace DevSecOps principles
  • It's Not All Gloom and Doom: Security and Development Are More Aligned Than Ever Recorded: Sep 6 2017 63 mins
    Pete Chestna, Director of Developer Engagement, CA Veracode and Doug Cahill, Senior Analyst, ESG
    Despite the popular belief that security and development teams have conflicting priorities, the creation of DevOps has now aligned the two teams toward a common goal, creating secure software. Since software continues to be a major driver of innovation and economic growth, eliminating the perception of friction between security and development is a top priority for IT professionals. In a recent study conducted between Enterprise Strategy Group (ESG) and Veracode, 58 percent of respondents stated their organization is taking a collaborative approach to securing applications.

    Join Doug Cahill, Senior Analyst at ESG and Pete Chestna, Director of Developer Engagement at Veracode as they take a deeper dive into the results of this survey and what it means for your organization.
  • Full Spectrum Engineering – The new full stack Recorded: Sep 5 2017 61 mins
    Pete Chestna, Director of Developer Engagement, CA Veracode
    In this webinar, Pete Chestna, Veracode Director of Developer Engagement, will share his insights on what a full-spectrum developer is and how they are crucial for organizations transitioning to DevSecOps.
Cloud-Based Application Security
Veracode delivers the most widely used cloud-based platform for securing web, mobile, legacy and third-party enterprise applications. By identifying critical application-layer threats before cyber-attackers can find and exploit them, Veracode helps enterprises deliver innovation to market faster — without sacrificing security.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Application Security: Demonstrating True ROI
  • Live at: Jun 1 2015 3:00 pm
  • Presented by: Veracode’s Security Programme Manager, Gearoid O'Connor
  • From:
Your email has been sent.
or close