Name: AppSec Beyond Technology
Start: 2020-03-12T13:00:00Z
End: 2020-03-12T13:00:45.000Z
Location: BrightTALK
Rating: 5

Veracode is intelligent software security. The Veracode Software Security Platform continuously finds flaws and vulnerabilities at every stage of the modern software development lifecycle. Prompted by powerful AI trained by trillions of lines of code, Veracode customers fix flaws faster with high accuracy. Trusted by security teams, developers, and business leaders from thousands of the world’s leading organizations, Veracode is the pioneer, continuing to redefine what intelligent software security means. 

Learn more at www.veracode.com

En nuestras constantes conversaciones con clientes y socios de negocios encontramos como factores regulares de complejidad para DAST, la dificultad en la asignación de tiempo y recursos para la ejecución periódica de tales análisis, el ruido constante generado por las configuraciones necesarias y la demora para solucionar los problemas de seguridad debido al momento tardío (dentro del SDLC) en el que normalmente se ejecuta.

Veracode DAST Essentials entrega una forma más fácil y ágil de:
- Escanear sus aplicaciones web y APIs
- Lanzar análisis rápidos bajo demanda en una etapa más temprana del ciclo de desarrollo de software
- Integrar con facilidad en su stack de desarrollo actual
- Impulsar el escaneo con más modularidad, personalización y resiliencia

Veracode DAST Essentials. Asegurando WebApps & APIs

Balancing speedy development with security is challenging. Join us for a webinar to see how you can launch dynamic scans with a few clicks to rapidly find and fix runtime vulnerabilities, helping you secure your web applications and APIs faster than before.

Veracode DAST Essentials helps developers and security teams make dynamic testing part of their software release process more quickly and easily. Teams can seamlessly integrate agile security testing into their pipelines that works and scales within their DevOps speed and release frequency.

Why Veracode DAST Essentials: In 2022, 40% of breaches were attributed to web applications.* Discover how Veracode enables you keep pace with evolving threats at the speed and scale of modern development processes.
Find & Fix Runtime Vulnerabilities Faster: Explore how DAST Essentials helps you balance speedy development with security enabling you to secure web assets within your DevOps speed and release frequency.
Getting Started with DAST Essentials in Minutes: Learn the step-by-step process, from creating scan targets to interpreting results and remediating runtime vulnerabilities – all with a few clicks.

Securing Your Web Assets at Speed with Veracode DAST Essentials

Les failles de sécurité sont créées plus rapidement qu’elles ne sont corrigées. Il y a une explication très simple à cela : de plus en plus, les applications sont créées au travers de processus automatisés alors que les corrections des failles de sécurité sont toujours faites manuellement.
Veracode change cela aujourd’hui!
Rejoignez-nous pour une présentation de Veracode Fix – la nouvelle solution de remédiation intelligente qui automatise la correction des codes non sécurisés - découvrez comment tirer parti de l’intelligence artificielle spécialisée pour gérer les risques applicatifs à grande échelle et fournir des applications plus sûres, plus rapidement, avec moins d’efforts et de coûts.

Veracode Fix: Le futur de l’Intelligent Software Security

Las vulnerabilidades de seguridad se crean más rápido de lo que se solucionan. Hay una explicación muy simple para esto: cada vez más, las aplicaciones se crean a través de procesos automatizados, mientras que las correcciones de dichas vulnerabilidades aún se realizan manualmente. ¡Veracode está cambiando esto! 
En esta sesión presentamos Veracode Fix, la nueva solución de remediación inteligente que automatiza la remediación de código inseguro. Aprenda cómo aprovechar la inteligencia artificial especializada para administrar los riesgos de las aplicaciones a escala y entregar aplicaciones más seguras, más rápidas, con menos esfuerzo y coste.

Veracode Fix: el futuro de la seguridad de Software Inteligente

In today's fast-paced digital landscape, ensuring the security of your applications is more critical than ever. That's why we've partnered with Delaware and Veracode to bring you a game-changing webinar that will show you how to harness the power of Artificial Intelligence (AI) and Leading Language Models (LLM) to supercharge your application security.

In this webinar, you will learn about:
Unlock the Power of AI in Application Security

Accelerate Threat Detection: Learn how AI can swiftly identify vulnerabilities and threats within your applications, allowing you to stay one step ahead of cybercriminals.

Collaborate Seamlessly: Discover how AI/LLM can bridge the gap between development and security teams, creating a synergy that accelerates security issue resolution without sacrificing control.

Leveraging AI to Accelerate Application Security

Software-Sicherheitslücken entstehen schneller als sie behoben werden. Dafür gibt es eine einfache Erklärung: Wir erstellen Software mit Automatisierung. Wir beheben das Problem durch manuelle Korrekturen. 
Veracode verändert das. 
Nehmen Sie Teil für einen Einblick in Veracode Fix – die neue intelligente Lösung zur Behebung von Schwachstellen, die Korrekturen für unsicheren Code automatisiert – und erfahren Sie, wie Sie spezielle KI nutzen können, um Softwarerisiken in großem Maßstab zu verwalten und sicherere Software schneller bereitzustellen, bei weniger Aufwand und geringeren Kosten.

Veracode Fix: Die Zukunft intelligenter Software Security

Las vulnerabilidades de seguridad se crean más rápido de lo que se solucionan. Hay una explicación muy simple para esto: cada vez más, las aplicaciones se crean a través de procesos automatizados, mientras que las correcciones de dichas vulnerabilidades aún se realizan manualmente. 
¡Veracode está cambiando esto! 
En este webinar presentaremos Veracode Fix, la nueva solución de remediación inteligente que automatiza la remediación de código inseguro. Descubra cómo aprovechar la inteligencia artificial especializada para administrar los riesgos de las aplicaciones a escala y entregar aplicaciones más seguras, más rápidas, con menos esfuerzo y coste.

Veracode Fix: El futuro de la Seguridad de Software Inteligente

Join us for a concise yet comprehensive webinar on Software Supply Chain Security. In an era of escalating cyber threats, safeguarding your software supply chain is paramount. This webinar will provide essential insights into identifying vulnerabilities, implementing robust security practices, and ensuring the integrity of your software ecosystem. 

In this webinar, you will learn about:


Securing the open-source components underpinning most modern software development

Ensuring that the software build process is hardened against compromise.

How you can provide assurance to your customers that your software is secure. 

How Veracode solutions and services help you create a more secure supply chain.

Securing Your Software Supply Chain for Ultimate Application Security

Veracode’s latest software security research shows that 32% of applications contain security flaws at the first scan, and this jumps to 70% by the five-year mark. We dug into 17 years of data and analyzed three-quarters of a million applications to answer a crucial question: What can be done to avoid introducing security flaws in the first place? Watch this short video to learn data-backed steps you can take to reduce flaw introduction, remediate flaws faster and lower security debt.

VeraTalk: Fast 15 on 2023's State of Software Security

Maturing DevSecOps with data-driven security education
If you want to produce secure software, you need a modern software development workflow built around security from the get-go.  

Join our DevSecOps experts for a webinar where you’ll learn how to: 

Establish a continuous feedback loop to monitor compliance and security issues   

Leverage reporting to draw insights and identify areas that require security education  

Build a training curriculum into sprint planning  

Provide developers with contextual – and intelligent – remediation tools

Maturing DevSecOps with Data-Driven Security Education

Moving your workloads to the cloud lets your development team innovate faster, but improper planning leads to a more vulnerable SDLC. How can you reap the benefits of the cloud while avoiding costly vulnerabilities that can hold you back? In this fireside chat you will gain critical insights from our experts on how to migrate your workloads to the cloud safely and securely.

The Roadmap To a More Secure and Modernized SDLC

How do you build trust in AI?

For all the speculation about what AI might do and debate over what it should do, examples of responsible AI in practice are few and far between. Check out this interview with Veracode’s Brian Roche and learn about Veracode Fix as an example of responsible AI that saves developers time AND improve security outcomes without compromising data, violating open-source licenses, or reproducing code insecurities.

Generative AI's Role in Secure Software Development

Developers spend too much time manually fixing security issues and often create new flaws faster than they can fix old ones.  Veracode Fix changes this.  Watch this video to see how Veracode Fix empowers you to save time and secure more by generating security patches developers can review and implement without manually writing a single line of code. So, you can address security flaws that would otherwise persist for months in minutes, at scale, with less effort and cost.

Accelerate Secure Software Development with Veracode Fix

APIs, containers, and clouds, oh my! Organizations use modern software development to deliver incredible user experiences and better performance. Just don’t look behind the curtain; behind that curtain, ingress points and opportunities for attackers are proliferating. That’s why securing cloud-native applications needs to mature beyond run-time protection.

In this webinar, you’ll learn the steps for integrating security into your entire SDLC to pay down your security debt and prevent future risks. Join Veracode’s Scott Simpson and Optiv’s Jim Canup to hear real-world experiences, best practices, and insights into how customers can apply these principles and deliver positive results at scale.

How To Mature Cloud-native Application Security Programs

Software security flaws are created faster than they are fixed. There is a simple explanation for this: We create software with automation. We fix it with manual remediation.  
 
Veracode is changing this.  
 
Tune in for an inside look at Veracode Fix – the new intelligent remediation solution that automates fixes for insecure code – and learn how you can leverage specialized AI to manage software risk at scale and deliver more secure software, faster, for less effort and cost. 
 
Watch Now!

Manage Software Risk at Scale with Suggested Fixes for Insecure Code

Las vulnerabilidades de seguridad se crean más rápido de lo que se solucionan. Hay una explicación muy simple para esto: cada vez más, las aplicaciones se crean a través de procesos automatizados, mientras que las correcciones de dichas vulnerabilidades aún se realizan manualmente. ¡Veracode está cambiando esto! 
En este webinar presentamos Veracode Fix, la nueva solución de remediación inteligente que automatiza la remediación de código inseguro. Aprenda cómo aprovechar la inteligencia artificial especializada para administrar los riesgos de las aplicaciones a escala y entregar aplicaciones más seguras, más rápidas, con menos esfuerzo y coste.

Veracode Fix: el futuro de la seguridad de software inteligente

Join this panel discussion between a security expert, a Veracode security program manager, and a Veracode customer to get a true picture of implementing and growing an AppSec program. We’ll discuss the triumphs, pitfalls, and lessons learned from real-world AppSec initiatives.

Presented by... 

Chris Kirsch | Director, Product Marketing at Veracode

Chris works on product strategy at Veracode and has 23 years of experience in security, particularly in the areas of application security testing, security assessments, incident response, and cryptography.  He is the winner of the Social Engineering CTF Black Badge competition at DEF CON 25. 

Arun Vohra | Services Strategy and Product Manager at Veracode

Arun comes from background in IT Risk and Assurance (KPMG), along with technical/management consulting experience in large scale IT Transformation programs (Accenture). Arun also leads Veracode’s Program Management function in EMEA and APAC, supporting Veracode’s customers define and execute successful AppSec programs.

Michael Man | DevSecOps Consultant

Michael has over 20 years of experience within the IT security industry, helping large enterprises be secure while complying with regulations, such as PCI DSS and factoring security into modern development practices.

He is the founder and organiser of one of the largest community meetups "DevSecOps - London Gathering" and has co-organised the conference "DevSecOps Days London"

Stewart Dawson | Global Security Architect at Veracode Customer (Financial Services)

Stewart is an Enterprise Security Architect at a global financial services company. Prior to his current role, Stewart spent approx. 20 years working in Software Development, across a variety of roles and technologies. He specialises in Application Security and works with internal Development teams to help ensure that security is built into their products.

Panel Discussion - AppSec in Practice: The View From the Front Lines

AppSec programs fail when developers are not engaged or empowered to fix vulnerabilities and security teams are only incentivized to find vulnerabilities but not to fix them. Too often, security teams dictate rather than partner with development teams and have unrealistic expectations. The result is a strained relationship between security and development. 

Join this session to learn:
•How to help developers fix the security findings
•How to work with developers to reduce the introduction of new security flaws
•How to develop a security champions program

Fix What You Find With Developer Engagement

There is no AppSec silver bullet. Each analysis type – static analysis, dynamic analysis, software composition analysis, interactive analysis, and penetration testing – has a role to play, and they all work together to fully secure your application layer. The different analysis types have different strengths in finding security issues, and they lend themselves to different stages of the SDLC.
For instance, we recommend that you shift left to catch issues as early as possible because they are cheaper to fix. However, when scanning only parts of the application, you don’t have the full scope of the application. It’s like providing feedback on one chapter of a book without knowing the other chapters. You can provide feedback if it makes sense, but you can’t assess it in the context of all of the other chapters. The same is true for application security. That’s why you need to scan parts early but also scan when the application is fully assembled. 

Join this session to find out:
•The strengths and weaknesses of the different AppSec analysis types 
•Where each analysis type fits in the SDLC
•Why pipeline integrations are critical

Debunking the AppSec Silver Bullet Myth

Application security is not a one-and-done project, and there is no AppSec silver bullet. Application security is an ongoing program that assesses software at different stages of the development lifecycle in different ways. In this way, DevOps becomes DevSecOps. However, there are a few common obstacles that often hinder AppSec progress. Tune into this session to learn how to overcome the following:

•Developers not empowered to fix what they find
•AppSec solutions that are hard to manage and scale
•Security teams with limited bandwidth to manage an AppSec program

DevSecOps Done Right

The Keys to AppSec Success

Technology alone cannot solve your AppSec challenges, you need to keep people and processes in mind as well. Effective AppSec programs get stakeholders aligned on the vision and execute on a roadmap for the program. But this is easier said than done. Join this session to learn:

•How to define a program that achieves your goals, which may include risk reduction as well as compliance with internal policies, contractual requirements, laws and regulations. 
•How to scale your AppSec program. 
•How to use metrics to sell the value of AppSec to stakeholders as diverse as senior leadership, developers, and customers.

AppSec Beyond Technology

Cyber Security

Cloud

Cyber Attacks

IT Security

Digital Transformation

Security

Cloud Security

Compliance

devops

Information Security

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

AppSec Beyond Technology

Presented by

About this talk

Veracode