Hi [[ session.user.profile.firstName ]]

Application Security: Demonstrating True ROI

The application-layer is the number one attack vector, yet 2/3 of applications remain untested for vulnerabilities. This is because security professionals struggle to demonstrate the business case for a mature application security programme.
Recorded Jun 1 2015 27 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Veracode’s Security Programme Manager, Gearoid O'Connor
Presentation preview: Application Security: Demonstrating True ROI

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Application Security Within The Financial Market - An Interactive Case Study Dec 8 2016 11:00 am UTC 45 mins
    Arun Vohra, Services Manager
    With yet more cyber-attacks targeting the financial sector, it has never been more important to implement a robust application security programme within your cyber security strategy.

    Join our Live Interactive Case Study to learn how Veracode Customer Success Managers have Defined, Executed & Optimised successful AppSec programmes for our financial sector clients, and how you could use this within your organisation to help reduce the risk of a breach.”
  • What if your Web Applications could protect themselves? Recorded: Sep 28 2016 48 mins
    Dr. Joseph Feiman, Chief Innovation Officer at Veracode, and Joe Pelletier, Product Manager at Veracode
    To better protect against cyberattacks, it’s not enough to find and fix application vulnerabilities during development and testing. You also have to block malicious activity against applications already in production. Runtime Application Self-Protection, or RASP, is an emerging technology that helps detect and stop these common attacks in real time.

    Join this webcast to learn:

    • Emerging trends in web application security from our leading experts
    • Why detecting attacks from inside the application matters
    • How to integrate runtime protection in your development and DevOps processes
    • How Veracode Runtime Application Self-Protection can work for you
  • Why You Need Application Security Recorded: Jul 21 2016 39 mins
    Colin Domoney, Senior Product Innovation Manager
    With our increased reliance on software, faulty and insecure applications put your data and the data of your business partners at risk. This can have repercussions well beyond any one incident and application security is the only way to protect against the risk.
    Join Colin Domoney, previously Head of Appsec at Deutche Bank, as he discusses why applications are so risky, why you need to include application security in your security programme, as well as how he got started with Application Security.
  • Revealing the Truth Behind Software Security Myths and Realities Recorded: Jun 23 2016 37 mins
    Chris Campbell, Solutions Architect
    While web and mobile applications account for more than a third of data breaches (source: 2014 Verizon Data Breach Investigations Report), most organizations are not spending time or money on application security. So why the disconnect? One reason is that fallacies abound when it comes to application security. Many of these fallacies stem from the traditional, on-premises tools-based approach to application security, which has fostered the misconception that application security programs are expensive and difficult to manage. But as breaches continue to make headlines, organizations are realizing the serious risk posed by applications.
  • How do vulnerabilities get into software? Recorded: May 17 2016 44 mins
    Laurie Mercer, Solutions Architect, Veracode
    Research reveals that 63% of internally developed applications are initially out of compliance with OWASP Top 10 standards. Join this webinar to learn how vulnerabilities end up in your software.
  • Don't Just Find Software Flaws, Fix Them Recorded: Apr 19 2016 50 mins
    John Smith, Senior Security Architect, Veracode
    Reducing software risk is not just about finding vulnerabilities, it's about fixing them too. Join us to discover the different security testing technologies, and how each of them affect the areas of a business.
  • How Your Applications Can Protect Themselves from Cyber-Threats Recorded: Apr 13 2016 57 mins
    Dr. Joseph Feiman, Chief Innovation Officer at Veracode, and Sam King, Chief Strategy Office at Veracode
    Applications are a top attack vector for cyber criminals. That’s why application security is evolving to become an integral part of the software development and DevOps processes. But that’s not enough. To protect the enterprise, you also need to ensure the safety of applications that are already in production. As classic security defenses have failed to keep pace with the evolving threat landscape, your applications now need to protect themselves against real-time attacks. Join Dr. Joseph Feiman, Chief Innovation Officer at Veracode, and Sam King, Chief Strategy Office at Veracode as they explain how these trends will play out, and how you can build powerful and transformative self-protection into your applications as part of a more intrinsically secure DevOps and Security Operations process.
  • Benchmarking AppSec: A Metrics Pyramid Recorded: Mar 22 2016 60 mins
    SANS Instructor Jim Bird and Tim Jarrett
    So you think you've assessed your applications, scanned them, patched them and reduced your vulnerabilities, but how do you know if these actions have actually improved your organizational risk profile?

    In the 2015 SANS survey on application security, only 31% of respondents felt their IT security spending was adequate, while 47% of those able to assess their environments felt their programs needed improvement.

    Do you measure improvement by number of breaches? Can you prove reduction in attack surface? Did you improve compliance posture and if so by how much? What benchmarks does management actually care about?

    In this webcast, SANS instructor and application expert Jim Bird will introduce his metrics pyramid covering technical, operational and executive level benchmark requirements and resources.

    Attend this webcast and be among the first to receive the associated whitepaper written by SANS Instructor Jim Bird.
  • Getting Started with Application Security Recorded: Mar 15 2016 56 mins
    John Smith, Senior Security Architect, Veracode
    Application-layer attacks are growing much more rapidly than infrastructure attacks, yet many organisations remain hesitant to create an application security programme as they believe it will require excessive time and resources.

    Join our webinar to discover how any organisation, regardless of size or resources, can create an effective application security programme.
  • Getting Started with Web Application Security Recorded: Feb 24 2016 60 mins
    Gregory Leonard, co-author and instructor for the SANS DEV541 course; Joseph Feiman, CIO, Veracode
    Chances are, at any given moment, your organization's web applications are under attack (if not already exploited). Attackers see web applications as the front door: just one vulnerability allows them entry - perhaps to the database supporting the web application or maybe to your business partners, such as the payment processing vendor supporting your application.

    In this webcast, learn why Cross Site Scripting, SQL Injection, Input Validation and other common vulnerabilities continue to plague web applications. Speakers will discuss what types of web apps are most targeted (such as Java and .NET, according to the 2015 SANS Application Security Survey), why these types of applications are targeted, and what the common outcomes of these types of breaches are.

    Presenters will also provide educational and technical resources to help security operations teams proactively manage their web applications by finding and reducing vulnerabilities - before attackers can take advantage of them.

    Attend this webcast and be among the first to receive the associated whitepaper written by SANS Instructor, Gregory Leonard.
  • Why You Need Application Security Recorded: Feb 4 2016 61 mins
    Johannes B. Ullrich, Ph.D., dean of research at SANS and Joseph Feiman, CIO, Veracode
    Inherent risks in web, mobile and cloud applications are keeping security practitioners up at night, according to the 2015 SANS survey on application security.

    In this webcast, learn about the growing threats against applications, why applications are so risky, why you need to include application security in your enterprise security program, and how to get started.

    Attend this webcast and be among the first to receive the associated whitepaper written by SANS Dean of Research, Johannes B. Ullrich, Ph.D.
  • Build Software Securely. What the data tells us Recorded: Oct 29 2015 62 mins
    Tim Jarrett, Director Product Marketing, Veracode and Adrian Lane, Analyst & CTO, Securois
    Tim Jarrett of Veracode and Adrian Lane of Securois discuss the software development landscape across different industry verticals. They offer best practices for measuring application portfolio risk, remediating software vulnerabilities, and motivating development teams to embed these concepts into the software development lifecycle.
  • The Fantastic Four: Metrics You Can’t Ignore When Reducing Application-Layer Ris Recorded: Sep 18 2015 62 mins
    Tim Mathias of Thomson Reuters, Mike Gleiter of Thomson Reuters and Tim Jarrett of Veracode
    You’re starting to get the hang of application security as an organization. But you have these nagging thoughts:
    Are my applications more or less secure than my peers’ apps? How can I convince my software suppliers to move faster? How can I demonstrate that our appsec program is making a difference?
  • Understanding the Board’s Perspective on Cybersecurity Recorded: Sep 3 2015 61 mins
    Andy Ellis, CSO of Akamai and Chris Wysopal, CTO & CISO of Veracode
    Following the onslaught of high-profile cyberattacks reported in the past twelve to eighteen months, cyber security has become a more frequent topic in board-level conversations. How should the CISO respond to these new challenges and pressures?
    Using data from an NYSE survey of nearly 200 corporate directors, two of the industry’s best-known voices – Andy Ellis, CSO of Akamai and Chris Wysopal, CTO & CISO of Veracode –discuss how CISOs can elevate the security conversation to a board-level discussion.
    Wysopal and Ellis also discuss key questions such as:
    •What are board members’ biggest fears regarding cyberattacks?
    •Who do board members hold accountable when a major breach does occur at your company?
    •How do board members prefer information be presented about risk posture and strategies?
    •What metrics are most effective for gaining buy-in for your risk reduction strategy?
  • The Changing Role of the Chief Information Security Officer Recorded: Aug 27 2015 6 mins
    Chris Wysopal, CTO & CISO of Veracode and Jim Nelms, CISO of The Mayo Clinic
    In this special videocast sponsored by Veracode and moderated by Dark Reading, two of the IT security industry’s best-known voices – Chris Wysopal, CTO & CISO of Veracode and Jim Nelms, CISO of The Mayo Clinic – will discuss the changing role of the CISO and how the importance of that role is growing within the organization.
  • The Internet of Things, the Software Supply Chain and Cybersecurity Recorded: Aug 27 2015 62 mins
    Chris Eng, VP of Research at Veracode; Josh Corman, CTO of Sonatyp
    As enterprises increasingly rely on connected devices, CISOs and CIOs should understand the critical implications of cybersecurity for the Internet of Things (IoT). Join Chris Eng, VP of Research at Veracode; Josh Corman, CTO of Sonatype; and DarkReading moderator Eric Ogren for a live-streaming videocast discussing how IoT changes how we develop applications and assess them for risk.
  • NYSE Survey: Understanding Cybersecurity in the Boardroom Recorded: Aug 27 2015 56 mins
    Chris Wysopal, Veracode co-founder, CTO and CISO
    CISOs can become more effective, strategic leaders by understanding prevailing perceptions about cybersecurity before stepping foot into the boardroom. Listen to this webinar to gain strategic insights from NYSE’s survey of nearly 200 board members about how they perceive and prioritize cybersecurity. Chris Wysopal, Veracode co-founder, CTO and CISO, will also share his recommendations based on his own experience presenting to boards and his ongoing conversations with fellow CISOs.
  • What You Need To Know About Stagefright Recorded: Aug 27 2015 59 mins
    Brian LaFlamme and Frank Kim
    Veracode’s director of solutions enablement, Brian LaFlamme and Frank Kim, CISO for SANS, discuss new details regarding the Stagefright vulnerability and why vulnerabilities in graphic libraries keep cropping up.
  • Why Enterprises Are Finally Discussing the Elephant in the Room Recorded: Jun 26 2015 58 mins
    Wendy Nather, 451 Research and Chris Wysopal, Veracode
    During this webinar, 451 Research Analyst Wendy Nather will present the findings from a series of in-depth interviews with security executives regarding how they are working to secure the software supply chain. Additionally, Chris Wysopal, Veracode co-founder and CISO, will provide analysis of how enterprises are addressing this growing challenge.
  • The ISV Experience: Security Gains, Cost Savings, and Business Benefits Recorded: Jun 25 2015 44 mins
    Sean Owens, Consultant, Forrester Research and Anne Nielsen, Product Manager, Veracode
    Watch this on-demand webinar featuring Forrester Research for a sneak peek into how this study found independent software suppliers benefited from Veracode's cloud-based service, and how you can use this analysis to develop your own business case.
Cloud-Based Application Security
Veracode delivers the most widely used cloud-based platform for securing web, mobile, legacy and third-party enterprise applications. By identifying critical application-layer threats before cyber-attackers can find and exploit them, Veracode helps enterprises deliver innovation to market faster — without sacrificing security.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Application Security: Demonstrating True ROI
  • Live at: Jun 1 2015 3:00 pm
  • Presented by: Veracode’s Security Programme Manager, Gearoid O'Connor
  • From:
Your email has been sent.
or close