Hi [[ session.user.profile.firstName ]]

Build Software Securely. What the data tells us

Tim Jarrett of Veracode and Adrian Lane of Securois discuss the software development landscape across different industry verticals. They offer best practices for measuring application portfolio risk, remediating software vulnerabilities, and motivating development teams to embed these concepts into the software development lifecycle.
Recorded Oct 29 2015 62 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Tim Jarrett, Director Product Marketing, Veracode and Adrian Lane, Analyst & CTO, Securois
Presentation preview: Build Software Securely. What the data tells us

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Manage application risk with policy-based scanning Dec 20 2017 5:00 pm UTC 30 mins
    Glenn Whittemore, CA Veracode Solution Architect
    Ensure that all your applications are accurately assessed with policy-based scanning.
    Join this 20 minute webinar to see how Veracode can help you protect your organization against data breaches and meeting regulations and policies addressing cybersecurity and information security controls in a timely manner.
    See how the Veracode Platform provides built-in, automated compliance workflows to reduce communication overhead and provide a secure audit trail of your compliance processes, including notifications about policy changes. Veracode’s unified platform can also help you address OWASP security issues by integrating security seamlessly into software development and eliminating vulnerabilities at the most efficient and effective points in the development/deployment chain.
  • The Veracode Platform: Behind the Scenes Tips and Tricks! Recorded: Dec 13 2017 47 mins
    Mitch Horton, CA Veracode Principal Security Program Manager
    Hear from one of our customer-facing Services experts to learn the ins and outs of the Veracode platform. See how Veracode can you started with assessing and managing security risk across your entire application portfolio. With a wide range of security testing and threat mitigation techniques, all hosted on a central, cloud-based platform – your security program will be up and running and ready to scale.

    During this webinar, you will see a demo of the Veracode platform’s ability to scan all of the applications and components you build or buy, covering all major languages, frameworks, and application types. As a central repository for your applications and components, Veracode’s platform provides you with full visibility into your risk posture and integrates into each stage of your software development lifecycle, so you are building and delivering secure software.
  • Mobile Behavioral Analysis with Veracode Recorded: Dec 6 2017 10 mins
    Lupita Carabes, CA Veracode Solution Architect
    Keep tabs on your mobile applications with CA Veracode’s cloud-based Mobile Behavioral Analysis. CA Veracode’s Mobile Behavioral Analysis provides security-related findings for mobile applications.

    Join this 20-minute webinar to see how we can help you gain visibility into the risk exposure of your mobile applications in order to protect your customers and your business. During this time our experts will discuss a common security risk with mobile applications called over-permissioning, including:

    •How does it work?
    •What is the security risk?
    •Who does it help?
  • The Path From DevOps To DevSecOps Recorded: Nov 30 2017 51 mins
    Joseph Feiman, Chief Innovation Officer, Veracode
    DevOps has not yet fully transitioned to DevSecOps - leaving the DevOps inherently insecure. What is preventing security from integrating into DevOps? This discussion will offer an answer. Specifically, it will define capabilities that application security should adopt, explain how existing technologies should change, forecast emerging technologies, and estimate the pace of application security transformation within this era of DevOps.

    Join Joseph Feiman, Chief Innovation Officer at Veracode, will discuss the technology solutions needed for security to seamlessly integrate into DevOps – technologies that application development, operation, and security specialists don’t have to learn, see, or run. He’ll share insights into these technologies, forecast the pace of their adoption, and evaluate benefits of adopting one technology versus another. Attendees of this session will learn what will come to the market within the next few years, how to plan adoption, and what will or will not work when application security eventually transforms to enable DevSecOps.
  • Veracode Integrations For .NET Environments Recorded: Nov 29 2017 26 mins
    Austin Britt, CA Veracode Solution Architect
    Developers work best when tools don’t get in their way.

    Join this 20 minute webinar to see how Veracode integrates with .NET tools including Visual Studio. Veracode offers a Visual Studio extension that can compile .NET applications so developers can scan and review security findings before checking in code. Ensure that you catch security issues before they get further downstream by integrating Veracode into your Visual Studio Team Services or Team Foundation Server build or release pipelines. In addition, learn how you can easily see which findings violate your security policy and view the data path and call stack information to understand how your code may be vulnerable to attack.
  • Bringing Security to DevOps with Veracode Integrations Recorded: Nov 28 2017 25 mins
    Austin Britt, CA Veracode Solution Architect
    Keep in pace with the speed of DevOps and reap the benefits.

    Developers and security teams are both challenged to meet security goals in complex environments. Developers already need to manage many separate tools; new AppSec tools that do not integrate well or lack flexible APIs and customizable integrations are met with low adoption, high distraction and a steep learning curve.

    Join this 20 minute webinar to see how the Veracode Application Security Platform integrates with the development, security and risk-tracking tools you already use. Get a first-hand look at how our flexible API allows you to create your own custom integrations or use community integrations. Make security developer-friendly so you can go faster, without sacrificing security.
  • Know What’s In Your Software And Stay Ahead of Vulnerabilities Recorded: Nov 14 2017 19 mins
    Jessica Lavery, CA Veracode Director of Corporate Communications and Lupita Carabes, CA Veracode Solution Architect
    Open source components have become a critical part of code development --- and a top target for cyberattackers. With one component breach, an attacker can reach hundreds of thousands of applications. As we’ve seen, these breaches can target profitable personal information – leaving us to wonder what is coming next.

    Watch this webinar to learn how you can ensure which open source components are in use in your organization in order to protect yourself from a large-scale data breach. You will also get a sneak peek at Veracode’s Software Composition Analysis solution which creates a dynamic inventory of the components you are using, along with their versions and locations. Armed with this information, you can quickly patch when a big vulnerability hits the news.
  • The Impact Of Enterprise Web Application Trends Going Mainstream Recorded: Oct 26 2017 46 mins
    Saikrishna “Sai” Chavali, CA Veracode Product Manager
    Software is increasingly the lifeblood of every organization. We are faced with managing the rapid proliferation of web applications and services on which they rely to run their business. The mainstream nature of APIs, standalone and behind web apps, and DevSecOps practices are dramatically changing the potential attack surface for hackers and other threats.

    Watch this webinar to hear more about these trends and assess how you need to work within your organization to ensure the security of your application. Specific topics to be discussed include:
    •Single Page App-ish (SPA) Architecture to rule enterprise web apps
    •Rise of DevSecOps and how its practices demand even faster performance and security testing cycles
    •Standalone APIs are valuable attack surface for hackers
  • Get Laser-Focused Visibility into the Risk Posture of your Web Applications Recorded: Oct 25 2017 12 mins
    Nathan Michalov, CA Veracode Solution Architect
    Expand your static analysis capabilities and begin scanning earlier in the software testing phase.

    Join this 20 minute webinar to see how Veracode can help you unlock the capabilities of DynamicDS and Virtual Scan Appliance (VSA). With these deeper scanning abilities, your organization can identify and remediate application vulnerabilities before cyber criminals can find and exploit them.

    These technologies can help you ensure ongoing security assessments as an automated cloud-based service — backed by Veracode’s world-class application security experts. Enable your teams to discover and address vulnerabilities during the production and pre-production phases of the software development lifecycle (SDLC). Specifically you’ll see how you can:

    •Start Scanning Immediately: Easy to deploy: cloud-based and no hardware to purchase
    •Integrate with Central Cloud Platform: Uploads all test results to our cloud platform that can be aggregated and evaluated using a single set of centralized policies and reports
    •Generate Verified and Actionable Results: Our security experts examine results to distinguish real problems from false positives and helps you deliver complete threat information to help development and QA teams remediate flaws
  • Lacking AppSec Resources? Veracode Has Your Path Forward! Recorded: Oct 11 2017 24 mins
    Austin Britt, CA Veracode Solution Architect
    A successful application security program takes more than powerful technology.

    Join this 20 minute webinar to get your application security program off the ground with Veracode’s Services offerings. Learn how Veracode can lend its expertise to help your security teams and developers work together to rapidly identify, understand and remediate critical vulnerabilities — and help transform decentralized, ad hoc application security processes into ongoing, policy-based governance. Hear one of Veracode’s experts provide an overview of Services offerings such as:

    •Program Management: implement enterprise-wide governance models and day-to-day tactics to systematically reduce risk from application-layer attacks, based on best practices
    •Developer Coaching: work with developers to understand assessment results, prioritize remediation efforts and integrate with existing SDLC tools and processes
    •Developer Training: empower developers, testers and security leads to develop secure applications, providing the critical skills they need to identify and address potential vulnerabilities
  • The Veracode Community: Manage Your AppSec and DevSecOps Initiatives Recorded: Sep 28 2017 21 mins
    Asha May, CA Veracode Community Lead
    Veracode is building a strong community to support the people who build and secure today’s software. The Veracode Community is open to all -- for Veracode customers, and for any developer or security professional seeking resources about securing applications throughout the development process.

    Join this webinar to see how the Veracode Community can help you solve your tough application security problems. We’ll discuss:

    •The purpose of the community – a space for developers and security practitioners to find answers and collaborate on application security best practices
    •How Community members can access resources, customer support, and forums for collaboration
    •Plus, see a demo of the community’s user-friendly platform
  • Protect Your Organization and Build Secure Code with Developer Training Recorded: Sep 27 2017 9 mins
    Patrick Hayes, CA Veracode Solution Architect
    Learn how Veracode Developer Training can help your development team code more securely!
    Join this 20 minute webinar to get your application security program and secure DevOps initiatives off the ground with Veracode Developer Training. Learn how your developers can address important security concerns, such as:
    •OWASP Top 10 and PCI requirements
    •Secure coding for multiple languages (e.g., Java, .Net, CC++) and architectures (e.g., Mobile, Web and ClientServer)
    •Proactive techniques, such as Threat Modeling and Secure Architecture that can be used in the early stages of the Software Development Life Cycle (SDLC), minimizing the number of security defects in the code
  • Securing Your Software Supply Chain Recorded: Sep 19 2017 32 mins
    Colin Domoney, Consultant Solutions Architect - Veracode
    As organisations use CI/CD pipelines to build, test and deploy software at ever increasing speed it becomes imperative that the software supply chain should be secured to prevent the deployment of code of unknown provenance or with known vulnerabilities. In this webinar we will examine this topic from the following perspectives:
    1. Ensuring that a ‘chain of custody’ is maintained from source control through to deployed production code.
    2. Understanding how software components and artefacts are introduced into the supply chain.
    3. Best practices for controlling and assessing third party components in the supply chain.
  • Build secure software and manage application risk with the Veracode platform Recorded: Sep 13 2017 30 mins
    Jacob Martel, Solution Architect, Veracode
    See why Gartner has named Veracode a Leader in the Magic Quadrant for Application Security for the fourth time!

    Join this 20 minute webinar to see how Veracode can help you manage security risk across your entire application portfolio through a wide range of security testing and threat mitigation techniques, all hosted on a central, cloud-based platform.

    During this webinar, you will see a demo of the Veracode platform’s ability to scan all of the applications and components you build or buy, covering all major languages, frameworks, and application types. As a central repository for your applications and components, Veracode’s platform provides you with full visibility into your risk posture and integrates into each stage of your software development lifecycle, so you are building secure software.
  • Survey Says! You Too Can Boast a DevOps Model from Development to Production Recorded: Sep 6 2017 20 mins
    Pete Chestna, Director of Developer Engagement, CA Veracode and Alan Shimel, Editor-in-Chief, DevOps.com
    Join Alan Shimel Editor-in-chief of DevOps.com and Pete Chestna, Director of Development Engagement of CA Veracode as they engage in an interactive discussion on the current state of DevSecOps global skills based on findings from a recent survey conducted with DevOps professionals. Specifically they will discuss:

    -Factors causing the scarcity of DevOps-related skills
    -Benefits and drawbacks of various education models for IT and development teams
    -Establishing effective security training for developers and operations to securely deliver software at DevOps speeds and fully embrace DevSecOps principles
  • It's Not All Gloom and Doom: Security and Development Are More Aligned Than Ever Recorded: Sep 6 2017 63 mins
    Pete Chestna, Director of Developer Engagement, CA Veracode and Doug Cahill, Senior Analyst, ESG
    Despite the popular belief that security and development teams have conflicting priorities, the creation of DevOps has now aligned the two teams toward a common goal, creating secure software. Since software continues to be a major driver of innovation and economic growth, eliminating the perception of friction between security and development is a top priority for IT professionals. In a recent study conducted between Enterprise Strategy Group (ESG) and Veracode, 58 percent of respondents stated their organization is taking a collaborative approach to securing applications.

    Join Doug Cahill, Senior Analyst at ESG and Pete Chestna, Director of Developer Engagement at Veracode as they take a deeper dive into the results of this survey and what it means for your organization.
  • Full Spectrum Engineering – The new full stack Recorded: Sep 5 2017 61 mins
    Pete Chestna, Director of Developer Engagement, CA Veracode
    In this webinar, Pete Chestna, Veracode Director of Developer Engagement, will share his insights on what a full-spectrum developer is and how they are crucial for organizations transitioning to DevSecOps.
  • Getting Started With Secure DevOps Recorded: Sep 5 2017 56 mins
    Vineeta Puranik and Janet Worthington, Veracode
    To keep up with the need for fast deployment, organizations are combining the work of development and operations teams into one process known as DevOps. Organizations often focus on the speed DevOps offers, but forget about the security implications. Watch this webinar to learn how Veracode Greenlight can help secure your DevOps process.
  • Struts-Shock: Current Attacks Against Struts 2 and How to Defend Against Them Recorded: Sep 5 2017 44 mins
    Johannes Ullrich Dean of Research, SANS Technology Institute
    The critical vulnerability recently discovered in Apache Struts 2 demonstrated the risks associated with open source components. Watch this on-demand webinar to learn about preventing open source vulnerabilities and defending against potential attacks.
  • The Human Side of DevSecOps Recorded: Sep 5 2017 61 mins
    Tim Jarrett, Sr. Director of Enterprise Security Strategy, Veracode
    This webinar is focused on organizational and cultural aspects of DevOps with an emphasis on the role of “security champions”—developers cross-trained in information security basics—in executing a successful DevSecOps transformation.
Cloud-Based Application Security
Veracode delivers the most widely used cloud-based platform for securing web, mobile, legacy and third-party enterprise applications. By identifying critical application-layer threats before cyber-attackers can find and exploit them, Veracode helps enterprises deliver innovation to market faster — without sacrificing security.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Build Software Securely. What the data tells us
  • Live at: Oct 29 2015 3:25 pm
  • Presented by: Tim Jarrett, Director Product Marketing, Veracode and Adrian Lane, Analyst & CTO, Securois
  • From:
Your email has been sent.
or close