Veracode’s director of solutions enablement, Brian LaFlamme and Frank Kim, CISO for SANS, discuss new details regarding the Stagefright vulnerability and why vulnerabilities in graphic libraries keep cropping up.
RecordedAug 27 201559 mins
Your place is confirmed, we'll send you email reminders
Did you know the Veracode Application Security Platform integrates with the development, security and risk-tracking tools you already use? And our flexible APIs allow you to create your own custom integrations or use community integrations, built by the open source community.
Join us for a webinar as we explore ways in which you can use integrations to help you go faster, without sacrificing security. Below are a few ways Veracode can integrate into your Agile and DevOps processes:
• Integrated Development Environments (IDEs)
• Build Servers
• Defect Tracking Systems
• Governance, Risk and Compliance Solutions
Amy DeMartine, Principal Analyst, Security & Risk, Forrester & Bhavna Sarathy, Principal Product Manager, Veracode
Security breaches continue to make headlines and negatively impact the reputation and bottom line for many businesses. According to Cybersecurity Ventures, global annual cybercrime costs will double between now and 2021. More than 50% of all cyberattacks target the software application layer* and the number of these attacks grows at a rate of about 25% per year**.
Enter DevOps- a delivery approach that focuses on continuous software delivery and gives organizations an opportunity to reduce overall security risks in applications. It offers development teams the ability to introduce security earlier in the development lifecycle so they can identify and address vulnerabilities faster.
While traditional methodologies typically introduce security during later phases of development, DevOps enables security visibility across the lifecycle to decrease discovery and remediation time.
In this webinar, guest speaker Amy DeMartine, Principal Analyst at Forrester Research and Bhavna Sarathy, Principal Product Manager at Veracode will provide an overview of the current state of cybersecurity and the DevOps movement, how security is changing the way that software is being built and deployed, and the technologies and best practices organizations should consider in order to reduce the likelihood of a data breach. Specific topics addressing the threat of data breaches to be discussed include:
• The organizational gaps that both security and development teams are currently tackling with regards to data breach prevention
• Practical steps both teams can take to transition to a secure DevOps environment
• Leveraging technologies such as Web Application Scanning which enable teams to discover and address vulnerabilities during the production and pre-production phases of the software development lifecycle
Tim Jarrett, Sr. Director, Product Marketing & Tim Mathias, Cyber Security Executive
The New York State Department of Financial Services new Cybersecurity Regulations went into effect on March 1. These regulations, which cover financial services companies licensed by or operating in New York State, are more comprehensive and prescriptive than other cybersecurity regulations to date, and are most likely a taste of regulations to come. In particular, they introduce requirements around application security that are more specific and wide-ranging than most. What do financial services companies need to know about these regulations?
This webinar will get those affected by these requirements up to speed on:
> What the new regulations entail
> How best to approach these requirements
> How Veracode can help with compliance
Adrian Lane, CTO, Securosis, Jeff Craty, Dir. of Engineering, Veracode, & Tim Jarrett, Sr Dir. of Product Mktg at Veracode
DevOps increases teamwork, visibility and overall software quality. Yet, integrating security can be challenging for cultural and technological reasons.
This webinar, featuring Adrian Lane of Securosis and Tim Jarrett and Jeff Cratty of Veracode, dives into what DevOps is, explain how delivering secure code lends itself to the larger goals of DevOps, and discusses the challenging process and technical requirements for integrating security into DevOps.
Learn how you can have both development velocity and security without compromising either one.
With the mainstream adoption of DevOps, what does this mean for heavily regulated industries, such as financial services? How can an organisation that requires a clear segregation of duties between Dev and Ops, as well as strict regulations adopt the DevOps way?
Join this webinar for an optimistic view of how Dev(Sec)Ops can be applied in such challenging environments as well as examples of industry best practices.
Colin Domoney, Sr Product Innovations Manager at Veracode
With application security rapidly moving towards a DevSecOps approach, it's important to understand from each team's perspective how to be the successful in the new agile process.
Join this webinar to understand from a Developer's perspective both the challenges and benefits of a DevSecOps approach, and how to integrate with the rest of the security and operations teams.
With yet more cyber-attacks targeting the financial sector, it has never been more important to implement a robust application security programme within your cyber security strategy.
Join our Live Interactive Case Study to learn how Veracode Customer Success Managers have Defined, Executed & Optimised successful AppSec programmes for our financial sector clients, and how you could use this within your organisation to help reduce the risk of a breach.”
Dr. Joseph Feiman, Chief Innovation Officer at Veracode, and Joe Pelletier, Product Manager at Veracode
To better protect against cyberattacks, it’s not enough to find and fix application vulnerabilities during development and testing. You also have to block malicious activity against applications already in production. Runtime Application Self-Protection, or RASP, is an emerging technology that helps detect and stop these common attacks in real time.
Join this webcast to learn:
• Emerging trends in web application security from our leading experts
• Why detecting attacks from inside the application matters
• How to integrate runtime protection in your development and DevOps processes
• How Veracode Runtime Application Self-Protection can work for you
With our increased reliance on software, faulty and insecure applications put your data and the data of your business partners at risk. This can have repercussions well beyond any one incident and application security is the only way to protect against the risk.
Join Colin Domoney, previously Head of Appsec at Deutche Bank, as he discusses why applications are so risky, why you need to include application security in your security programme, as well as how he got started with Application Security.
While web and mobile applications account for more than a third of data breaches (source: 2014 Verizon Data Breach Investigations Report), most organizations are not spending time or money on application security. So why the disconnect? One reason is that fallacies abound when it comes to application security. Many of these fallacies stem from the traditional, on-premises tools-based approach to application security, which has fostered the misconception that application security programs are expensive and difficult to manage. But as breaches continue to make headlines, organizations are realizing the serious risk posed by applications.
Reducing software risk is not just about finding vulnerabilities, it's about fixing them too. Join us to discover the different security testing technologies, and how each of them affect the areas of a business.
Dr. Joseph Feiman, Chief Innovation Officer at Veracode, and Sam King, Chief Strategy Office at Veracode
Applications are a top attack vector for cyber criminals. That’s why application security is evolving to become an integral part of the software development and DevOps processes. But that’s not enough. To protect the enterprise, you also need to ensure the safety of applications that are already in production. As classic security defenses have failed to keep pace with the evolving threat landscape, your applications now need to protect themselves against real-time attacks. Join Dr. Joseph Feiman, Chief Innovation Officer at Veracode, and Sam King, Chief Strategy Office at Veracode as they explain how these trends will play out, and how you can build powerful and transformative self-protection into your applications as part of a more intrinsically secure DevOps and Security Operations process.
Johannes B. Ullrich, Ph.D., dean of research at SANS and Joseph Feiman, CIO, Veracode
Inherent risks in web, mobile and cloud applications are keeping security practitioners up at night, according to the 2015 SANS survey on application security.
In this webcast, learn about the growing threats against applications, why applications are so risky, why you need to include application security in your enterprise security program, and how to get started.
Attend this webcast and be among the first to receive the associated whitepaper written by SANS Dean of Research, Johannes B. Ullrich, Ph.D.
Tim Jarrett, Director Product Marketing, Veracode and Adrian Lane, Analyst & CTO, Securois
Tim Jarrett of Veracode and Adrian Lane of Securois discuss the software development landscape across different industry verticals. They offer best practices for measuring application portfolio risk, remediating software vulnerabilities, and motivating development teams to embed these concepts into the software development lifecycle.
Tim Mathias of Thomson Reuters, Mike Gleiter of Thomson Reuters and Tim Jarrett of Veracode
You’re starting to get the hang of application security as an organization. But you have these nagging thoughts:
Are my applications more or less secure than my peers’ apps? How can I convince my software suppliers to move faster? How can I demonstrate that our appsec program is making a difference?
Andy Ellis, CSO of Akamai and Chris Wysopal, CTO & CISO of Veracode
Following the onslaught of high-profile cyberattacks reported in the past twelve to eighteen months, cyber security has become a more frequent topic in board-level conversations. How should the CISO respond to these new challenges and pressures?
Using data from an NYSE survey of nearly 200 corporate directors, two of the industry’s best-known voices – Andy Ellis, CSO of Akamai and Chris Wysopal, CTO & CISO of Veracode –discuss how CISOs can elevate the security conversation to a board-level discussion.
Wysopal and Ellis also discuss key questions such as:
•What are board members’ biggest fears regarding cyberattacks?
•Who do board members hold accountable when a major breach does occur at your company?
•How do board members prefer information be presented about risk posture and strategies?
•What metrics are most effective for gaining buy-in for your risk reduction strategy?
Chris Wysopal, CTO & CISO of Veracode and Jim Nelms, CISO of The Mayo Clinic
In this special videocast sponsored by Veracode and moderated by Dark Reading, two of the IT security industry’s best-known voices – Chris Wysopal, CTO & CISO of Veracode and Jim Nelms, CISO of The Mayo Clinic – will discuss the changing role of the CISO and how the importance of that role is growing within the organization.
Veracode delivers the most widely used cloud-based platform for securing web, mobile, legacy and third-party enterprise applications. By identifying critical application-layer threats before cyber-attackers can find and exploit them, Veracode helps enterprises deliver innovation to market faster — without sacrificing security.