Hi [[ session.user.profile.firstName ]]

How to Secure your Odoo Implementation

Glasswall BV provides a standardised security testing process of outward facing Odoo implementations. Using Open Source tooling (as used by Black Hat hackers) we generate in depth reports on known vulnerabilities and their remediation.

In addition to that Veracode brings an extra layer of security to the table. Using Veracode’s code review scanning capabilities, you can gain visibility on the most fundamental part of any software implementation, the code itself.

In this webinar Nabil Bousselham, Principal Application Security Consultant at Veracode will present the results of an analysis he performed on an example Python library using Veracode Static Analysis.

Those viewing will leave the talk with a more rounded understanding of possible routes towards safer Odoo implementations.
Recorded Feb 12 2019 46 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Nabil Bousselham, Principal Application Security Consultant
Presentation preview: How to Secure your Odoo Implementation

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Secure By Design: Internet of Things Jun 25 2019 10:00 am UTC 45 mins
    Fulya Sengil, Solution Architect at Veracode
    Many commentators observe that the IoT devices just aren’t up to scratch, when it comes to security. GDPR requires vendors to and service providers to design things with security as standard. In February 2019, the European Standards body ETSI published security guidelines for the consumer Internet of Things aligning with IOT Security Compliance Framework.

    IoT requires the best in all aspects of security — physical, operational technology, and cybersecurity. Thus, it makes sense to envisage IoT security as an ecosystem in itself. Unexpected challenges are likely to erupt because of the existence of several layers in the IoT ecosystem. This calls upon leaders to initiate regular automated risk assessments and simulations such that IoT specific breaches can be monitored closely. This helps businesses build reliable playbooks that enable organizations to respond to IoT security challenges.

    Software installed on these devices could be potentially vulnerable, if it has not an automated security assessment before deployment. We take a look at how it’s possible to make the software that drives these devices and the backend serverless technologies secure based on requirements in IOT Security Compliance Framework.
  • Ask the AppSec Expert: How to Secure the Applications you Build, Buy & Manage Jun 6 2019 2:15 pm UTC 30 mins
    Paul Farrington, EMEA CTO, Veracode
    Tomorrow's businesses need a simpler and more scalable way to increase the resiliency of global application infrastructure, without slowing innovation, today.

    Join this interactive 1-2-1 discussion where EMEA Chief Technology Officer, Paul Farrington (CISSP, MBCS) will share how leading businesses are;

    - Improving the level of security awareness and addressing the skills deficit
    - Enabling developers to fix flaws and prevent new ones
    - Prioritising and triaging the most exploitable flaws
    - Automating application security
    - Providing software development leaders with really useful security metrics
    - Incentivising secure development as part of their culture

    This session will show you how architects and developers are making smarter choices in designing secure software. You will also learn how to report success, and investment justification, to the board whilst setting realistic expectations throughout the software development lifecycle and not just at the destination.
  • Panel Discussion - Application Security in a DevOps World Jun 6 2019 10:30 am UTC 45 mins
    Moshe Lerner, Checkmarx | Paul Farrington, Veracode | Yotam Gutman
    With today's enterprises leveraging around 1000 applications and multiple clouds, application security is becoming a key area of focus. Application security testing is being integrated into the DevOps process early on, while automation, speed and coverage and becoming critical to the success of DevSecOps programs.

    Join this interactive panel of industry experts to learn more about:
    - Why application security is critical
    - Key principles for building application security into DevOps
    - Best practices for leveraging automation
    - Speed vs Security: Where do you draw the line?
    - Recommendations for improving security in 2019

    Paul Farrington, EMEA CTO, Veracode
    Moshe Lerner, SVP Product Strategy & Corporate Development, Checkmarx

    Moderated by Yotam Gutman, Founder & Community Manager, Cybersecurity Marketing Community
  • 10 Full Stack Developer Commandments - Software Engineering Done Securely May 16 2019 10:00 am UTC 45 mins
    Chris Campbell, Solution Architect at Veracode
    The full stack developer is likely to play an increasingly important part in the future of web development, especially as the field continues to increase in scope and complexity. A developer who can communicate about and work on a website’s look and feel as well as manipulating data and managing its backend will offer a great deal of value to development teams and organisations.

    As applications continue to be the #1 vector for attackers seeking to breach enterprise security, the full stack developer must have a working knowledge of application security best practices. When writing code for web applications, developers must be able to avoid threats such as a cross site scripting vulnerability or Java SQL injection. Superior developers will also know how to integrate app security testing into the development process.

    Join Chris Campbell - Solution Architect at Veracode - for this live webinar, where he will delve into how a full stack engineer creates secure software from the start.
  • Securing the Sugar out of Azure DevOps Pipeline May 9 2019 10:00 am UTC 45 mins
    Colin Domoney DevSecOps Consultant at Veracode
    This webinar will provide a comprehensive look at the security features of the Azure DevOps CD/CD platform. The topics include built-in security features such as user access controls and branch policies; and an overview of best practice for the incorporation of various 3rd party security tooling such as Veracode Greenlight within your pipeline.

    Other topics include best practices for pipeline telemetry, reporting, pipeline protection and templates for security best practices. Whether you are a software developer using Azure DevOps, a security manager or a DevOps expert this webinar should further enhance your expertise in secure software delivery with Azure DevOps.

    Register for this live webinar where Colin Domoney - DevSecOps Consultant at Veracode - will leave you with a clear understanding of how to Secure your DevOps Pipeline.
  • Making Applications and Docker Containers Secure with Veracode Apr 30 2019 10:00 am UTC 45 mins
    Julian Totzek-Hallhuber, Solutions Architect at Veracode
    Containerisation of software is helping firms to completely change how applications are deployed to meet the demands of the business. The technology has the potential to radically reduce the cost of ownership of capability, and puts enormous power in the hands of the DevOps engineer.

    These benefits also change the nature of how risk may need to be addressed in the development lifecycle. Not only does the software application need to meet the security standards of the organisation within the Docker Container, but also the base image needs to be free from exploitable vulnerabilities.

    Join Julian Totzek-Hallhuber - Solution Architect at Veracode - for this live webinar where he will explore approaches that embrace the secure use of containers in pipelines.
  • Integrating Application Security Into Your Development Environment Recorded: Mar 27 2019 41 mins
    Pej Pourmousa, Vice President Security Program Management, Veracode and Johnny Wong, Director Presales, Veracode
    Once you define, adopt and standardize application security best practices for protecting your software, the next step is to determine how your program integrates into your existing environment. The Veracode Platform integrates with the development, security and risk-tracking tools you already use. Coupled with our broad range of APIs, your teams can create your own custom integrations or leverage those from open source community.

    Join Pej Pourmousa, Vice President Security Program Management at Veracode and Johnny Wong, Director Presales, Veracode for a webinar that will outline the ways your organization can integrate application security into your development environment. Specifically he will discuss how Veracode integrates into your development and DevOps processes using:
    •Integrated Development Environments (IDEs)
    •Build Servers
    •Defect Tracking Systems
  • Prove your company’s secure software practices with Veracode Verified Recorded: Mar 14 2019 44 mins
    Asha May, Customer Engagement, Veracode and Scott Mitchell, Security Architect, Blue Prism
    According to IDG, 84% of surveyed IT Leaders agree that their companies are concerned about the potential data security risk posed by third-party applications. How can companies assure customers that they will protect their critical data while maintaining a competitive advantage in the market?

    Join Asha May, Director Customer Engagement at Veracode as she provides an overview and latest highlights of how the Verified program has been helping our customers provide third party software assurance. Learn how Veracode works with software providers to:

    •Meet the demands of customers looking for proof that your software is secure
    •Provide a path to maturing their AppSec program
    •Help defend their AppSec budget by showing the value and adoption it brings
    •Verify the secure development process around an application by focusing on continuous AppSec integrated into development
    •Make their secure software a competitive advantage in a tightening market
  • How To Survive a Data Breach Recorded: Mar 5 2019 48 mins
    Chris Roberts (Attivo Networks), Matthew Rose (Checkmarx), Chris Eng (Veracode), Nathan Wenzler (Moss Adams)
    "Data breaches continuing to make the headlines and enterprises are no longer questioning ""if"" a breach will occur, but ""when."" With the organization's data assets and reputation at stake, having a breach response plan in place is becoming increasingly important.

    Join security thought leaders and experts for an interactive Q&A to learn more about:
    - Today’s cybersecurity threat landscape
    - The true costs of a breach
    - Preventing breaches: Key factors to consider
    - Why early breach detection is critical
    - How to develop an effective incident response plan and get C-Suite buy-in
    - How to keep your company secure in 2019"
  • Lo Stato Della Sicurezza Informatica: Guardando all’Europa Recorded: Mar 5 2019 45 mins
    Giuseppe Trovato, Principal Security Researcher at Veracode
    Il software ha cambiato il modo in cui comunichiamo, forniamo assistenza sanitaria, gestiamo affari, gestiamo i nostri governi, eleggiamo i nostri leader, diamo inizio a rivoluzioni e persino stimoliamo il cambiamento sociale. Nel mondo digitale, la creazione di software contribuirà a stimolare la crescita economica e migliorare la qualità della vita. Ma il nostro più grande catalizzatore per il cambiamento è rappresentato anche dalla fonte della vulnerabilità.

    Quando si tratta di assicurare il software che sviluppano, le aziende europee sono molto indietro rispetto alle loro controparti americane. IIn questo webinar dal vivo, presentato da Giuseppe Trovato, Principal Security Researcher per Veracode, verranno presentati i dati del rapporto annuale sullo stato della sicurezza del software, con particolare attenzione al modo in cui le società europee si confrontano con le società aventi sede negli Stati Uniti. Il software viene creato avendo il mente la sua utilizzabilita’ e le sue prestazioni, ma anni di dati, insieme a violazioni su violazioni, dimostrano che il software non è stato creato pensando alla sicurezza.
  • The State of Software Security: Looking at Europe Recorded: Feb 28 2019 32 mins
    Paul Farrington, Director of Solutions Architects at Veracode
    Software has changed the way we communicate, provide healthcare, conduct business, run our governments, elect our leaders, mount revolutions and even spur social change. In the digital world, the creation of software will help spur economic growth, and improve our quality of life. But our greatest catalyst for change is also the source of vulnerability.

    When it comes to securing the software they develop, European companies are far behind their American counterparts. In this live webinar, Paul Farrington, Director of Solutions Architects at Veracode, will present data from the annual State of Software Security Report, with a focus on how European companies compare to U.S.-based companies. Software is created with usability and performance in mind, but years of data, along with breach after breach demonstrates that software is not created with security in mind.
  • Kickstart Your Application Security Program Recorded: Feb 27 2019 17 mins
    Melissa Francis, Security Program Manager at Veracode
    You have taken the first step toward the fight against the proliferation of software vulnerabilities. Now is the time to define, adopt and standardize application security best practices for protecting software, data and users. With the right technology and program in place, you can implement application security best practices- such as testing, defining code standards, and creating standard policies- that integrate into the workflow of your development teams.

    Join this webinar to hear one of Veracode’s security program experts will show you how to define your application security programs and establish best practices in a simple and cost-effective way. Based on first-hand experience with onboarding customers, you will acquire practical tips on integrating security into the software development lifecycle- all the way to scaling an application security program using our cloud-based platform.
  • Der Zustand der Softwaresicherheit: ein Blick auf Europa Recorded: Feb 21 2019 31 mins
    Julian Totzek-Hallhuber, Solutions Architect at Veracode
    Software hat die Art und Weise verändert, wie wir kommunizieren, Gesundheitsfürsorge anbieten, Geschäfte abwickeln, Regierungen regieren, Führungspersönlichkeiten wählen, Revolutionen aufbauen und sogar soziale Veränderungen anstoßen. In der digitalen Welt wird die Erstellung von Software das Wirtschaftswachstum ankurbeln und unsere Lebensqualität verbessern. Unser größter Katalysator für Veränderungen ist jedoch auch die Ursache für Verwundbarkeit.

    Wenn es um die Sicherung der von ihnen entwickelten Software geht, liegen europäische Unternehmen weit hinter ihren amerikanischen Kollegen. In diesem Live-Webinar Julian Totzek-Hallhuber, Solutions Architect für Veracode werden Daten aus dem jährlichen Bericht zum Zustand der Software-Sicherheit präsentiert, in dem der Vergleich europäischer Unternehmen mit US-amerikanischen Unternehmen im Mittelpunkt steht. Software wird unter Berücksichtigung der Benutzerfreundlichkeit und der Leistung erstellt, aber langjährige Daten sowie ein Angriff nach dem anderen zeigen jedoch, dass Software mit nicht ausreichenden Sicherheitskonzpeten im Hintergrund erstellt wird.
  • L'état de la Sécurité des Logiciels en Europe Recorded: Feb 19 2019 40 mins
    Nabil Bousselham, Solutions Architect at Veracode
    Les logiciels ont changé notre façon de communiquer, de fournir des soins de santé, de mener des affaires, de gérer nos gouvernements, d’élire nos dirigeants et même de suivre les changements sociaux. Dans le monde numérique, la création de logiciels veut aider à augmenter la croissance économique et à améliorer notre qualité de vie. Mais notre plus grand catalyseur de changement est aussi une grande source de vulnérabilité.

    Sur le niveau de la sécurité applicative, les entreprises européennes sont loin derrière leurs contreparties américaines. Dans ce webinaire, Nabil Bousselham, Principal Solutions Architecte chez Veracode, souhaite vous présenter quelques résultats de notre rapport annuel sur l'état de la sécurité logicielle, en faisant référence aux sociétés basées aux États-Unis. Les logiciels sont créés plutôt avec un focus sur la fonctionnalité et la performance, mais plusieurs années de données, ainsi que les Data Breach successives démontrent clairement qu’il y’a encore un grand travail á faire au niveau de la sécurité logicielle.
  • El estado de la Seguridad del Software: mirando a Europa Recorded: Feb 14 2019 48 mins
    Antonio Reche, Solutions Architect at Veracode
    El software ha cambiado la forma en que nos comunicamos, brindamos atención médica, hacemos negocios, dirigimos nuestros gobiernos, elegimos a nuestros líderes, montamos revoluciones e incluso fomentamos el cambio social. En el mundo digital, la creación de software ayudará a estimular el crecimiento económico y mejorar nuestra calidad de vida. Pero nuestro mayor acelerador para el cambio es también una fuente de vulnerabilidad.

    Cuando se trata de asegurar el software desarrollado, las empresas europeas están muy por detrás de sus homólogas estadounidenses. En este seminario web en vivo, Antonio Reche, EMEA Solution Architect de Veracode, presentará los datos del Informe anual sobre el estado del software, con un enfoque en cómo las empresas europeas se comparan con las empresas de U.S. El software se crea teniendo en cuenta la facilidad de uso y el rendimiento, pero años de datos junto con múltiples y continuas brechas de seguridad, demuestran que el software no se crea teniendo en cuenta la seguridad.
  • How to Secure your Odoo Implementation Recorded: Feb 12 2019 46 mins
    Nabil Bousselham, Principal Application Security Consultant
    Glasswall BV provides a standardised security testing process of outward facing Odoo implementations. Using Open Source tooling (as used by Black Hat hackers) we generate in depth reports on known vulnerabilities and their remediation.

    In addition to that Veracode brings an extra layer of security to the table. Using Veracode’s code review scanning capabilities, you can gain visibility on the most fundamental part of any software implementation, the code itself.

    In this webinar Nabil Bousselham, Principal Application Security Consultant at Veracode will present the results of an analysis he performed on an example Python library using Veracode Static Analysis.

    Those viewing will leave the talk with a more rounded understanding of possible routes towards safer Odoo implementations.
  • The State of DevSecOps - Featuring Amy DeMartine of Forrester Research Recorded: Feb 7 2019 56 mins
    Chris Eng, Veracode Vice President of Research and Amy DeMartine, Forrester Research Principal Analyst
    In our recent State of Software Security Volume 9 report, Veracode examined fix rates across 2 trillion lines of code shows that the number of vulnerable applications remains staggeringly high. More than 85 percent of all applications contain at least one vulnerability following the first scan, and more than 13 percent of applications contain at least one very high severity flaw.

    One thing is certain: the sheer volume of vulnerabilities present in most organizations’ application portfolios makes it necessary for them to make daily tradeoffs between security, practicality, and speed.

    There are just too many vulnerabilities for organizations to tackle all at once, which means it requires smart prioritization to close the riskiest vulnerabilities first. For the first time, our report shows a very strong correlation between high rates of security scanning and lower long-term application risks, which we believe presents a significant piece of evidence for the efficacy of DevSecOps. In fact, the most active DevSecOps programs fix flaws more than 11.5 times faster than the typical organization, due to ongoing security checks during continuous delivery of software builds, largely the result of increased code scanning.

    Join guest presenter Amy DeMartine, Principal Analyst, Forrester Research Inc., and Veracode’s Chris Eng as they deliver valuable takeaways for business leaders, security practitioners and development teams seeking to secure their applications. Listeners will learn potential prioritizations and software development methods that could help their organizations reduce risk more quickly.
  • The Veracode Community: Powering Your AppSec Program Recorded: Jan 23 2019 22 mins
    Asha May, Customer Engagement at Veracode
    Veracode continues to build and expand a strong community to support the people and teams that make your organization’s software secure. The Veracode Community provides a resource and forum for customers as well as developers or security professionals seeking best practices about securing applications throughout the development lifecycle.

    Join this webinar to see how the Veracode Community can help you tackle tough application security issues while paving the way for an optimized program. We will provide:
    •An overview of the community – a space for developers and security practitioners to find answers and collaborate on application security best practices
    •Tips for community members to access resources, customer support, and forums for collaboration
    •Updates on latest community enhancements including newly-available access to all Veracode Integrations-related content and support
  • Optimizing Your AppSec Program with Veracode Recorded: Dec 19 2018 47 mins
    Brad Smith, Principal Security Program Manager, Veracode
    Hear from one of our customer-facing Services experts to learn how you can leverage the Veracode platform to optimize your application security program. You will start with assessing and managing security risk across your entire application portfolio and gain additional insights into how Veracode can help you adopt application security best practices in a simple and cost-effective way. Based on first-hand customer interactions, you will come away practical guidance to integrating testing into the software development lifecycle- all the way to scaling an application security program using the Veracode cloud-based platform.
  • Wie rechtfertigen Sie die Kosten eines AppSec-Programms? Recorded: Dec 18 2018 42 mins
    Julian Totzek-Hallhuber, Principal Solutions Architect at Veracode
    Traditionell haben die meisten Führungskräfte die IT Sicherheit als notwendiges Übel betrachtet - eine Investition, die nur erforderlich war, um ein schlechtes Ergebnis zu vermeiden, aber nicht als etwas, das neue Kunden einbringen oder den Umsatz steigern würde. Aber das scheint sich zu ändern. Wir stellen zunehmend fest, dass die Erstellung sicherer Software zu einem Wettbewerbsvorteil führt und das Endergebnis steigert.

    Dieses Webinar, das von Julian Totzek-Hallhuber - Principal Solutions Architect bei Veracode gehalten wird, hilft Ihnen dabei, AppSec zu unterstützen. Durch die Darstellung des möglichen ROI einer Cloud-basierten Anwendungssicherheitslösung, die in den Softwareentwicklungslebenszyklus integriert ist, stellen wir Ihnen die Tools zur Verfügung, die Sie zur Erstellung Ihres C-Level-Pitch benötigen.
Cloud-Based Application Security
Veracode delivers the most widely used cloud-based platform for securing web, mobile, legacy and third-party enterprise applications. By identifying critical application-layer threats before cyber-attackers can find and exploit them, Veracode helps enterprises deliver innovation to market faster — without sacrificing security.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: How to Secure your Odoo Implementation
  • Live at: Feb 12 2019 12:30 pm
  • Presented by: Nabil Bousselham, Principal Application Security Consultant
  • From:
Your email has been sent.
or close