Name: Application Security Virtual Roadshow: Best Practices vs Practicality
Start: 2020-04-07T17:00:00Z
End: 2020-04-07T17:00:59.000Z
Location: BrightTALK
Rating: 4.9

Veracode is intelligent software security. The Veracode Software Security Platform continuously finds flaws and vulnerabilities at every stage of the modern software development lifecycle. Prompted by powerful AI trained by trillions of lines of code, Veracode customers fix flaws faster with high accuracy. Trusted by security teams, developers, and business leaders from thousands of the world’s leading organizations, Veracode is the pioneer, continuing to redefine what intelligent software security means. 

Learn more at www.veracode.com

Veracode’s latest software security research shows that 32% of applications contain security flaws at the first scan, and this jumps to 70% by the five-year mark. We dug into 17 years of data and analyzed three-quarters of a million applications to answer a crucial question: What can be done to avoid introducing security flaws in the first place? Watch this short video to learn data-backed steps you can take to reduce flaw introduction, remediate flaws faster and lower security debt.

VeraTalk: Fast 15 on 2023's State of Software Security

Maturing DevSecOps with data-driven security education
If you want to produce secure software, you need a modern software development workflow built around security from the get-go.  

Join our DevSecOps experts for a webinar where you’ll learn how to: 

Establish a continuous feedback loop to monitor compliance and security issues   

Leverage reporting to draw insights and identify areas that require security education  

Build a training curriculum into sprint planning  

Provide developers with contextual – and intelligent – remediation tools

Maturing DevSecOps with Data-Driven Security Education

Moving your workloads to the cloud lets your development team innovate faster, but improper planning leads to a more vulnerable SDLC. How can you reap the benefits of the cloud while avoiding costly vulnerabilities that can hold you back? In this fireside chat you will gain critical insights from our experts on how to migrate your workloads to the cloud safely and securely.

The Roadmap To a More Secure and Modernized SDLC

How do you build trust in AI?

For all the speculation about what AI might do and debate over what it should do, examples of responsible AI in practice are few and far between. Check out this interview with Veracode’s Brian Roche and learn about Veracode Fix as an example of responsible AI that saves developers time AND improve security outcomes without compromising data, violating open-source licenses, or reproducing code insecurities.

Generative AI's Role in Secure Software Development

Developers spend too much time manually fixing security issues and often create new flaws faster than they can fix old ones.  Veracode Fix changes this.  Watch this video to see how Veracode Fix empowers you to save time and secure more by generating security patches developers can review and implement without manually writing a single line of code. So, you can address security flaws that would otherwise persist for months in minutes, at scale, with less effort and cost.

Accelerate Secure Software Development with Veracode Fix

APIs, containers, and clouds, oh my! Organizations use modern software development to deliver incredible user experiences and better performance. Just don’t look behind the curtain; behind that curtain, ingress points and opportunities for attackers are proliferating. That’s why securing cloud-native applications needs to mature beyond run-time protection.

In this webinar, you’ll learn the steps for integrating security into your entire SDLC to pay down your security debt and prevent future risks. Join Veracode’s Scott Simpson and Optiv’s Jim Canup to hear real-world experiences, best practices, and insights into how customers can apply these principles and deliver positive results at scale.

How To Mature Cloud-native Application Security Programs

Software security flaws are created faster than they are fixed. There is a simple explanation for this: We create software with automation. We fix it with manual remediation.  
 
Veracode is changing this.  
 
Tune in for an inside look at Veracode Fix – the new intelligent remediation solution that automates fixes for insecure code – and learn how you can leverage specialized AI to manage software risk at scale and deliver more secure software, faster, for less effort and cost. 
 
Watch Now!

Manage Software Risk at Scale with Suggested Fixes for Insecure Code

Software-Sicherheitslücken entstehen schneller als sie behoben werden. Dafür gibt es eine einfache Erklärung: Wir erstellen Software mit Automatisierung. Wir beheben das Problem durch manuelle Korrekturen. 
Veracode verändert das. 
Nehmen Sie Teil für einen Einblick in Veracode Fix – die neue intelligente Lösung zur Behebung von Schwachstellen, die Korrekturen für unsicheren Code automatisiert – und erfahren Sie, wie Sie spezielle KI nutzen können, um Softwarerisiken in großem Maßstab zu verwalten und sicherere Software schneller bereitzustellen, bei weniger Aufwand und geringeren Kosten.

Veracode Fix: Die Zukunft intelligenter Software Security

Les failles de sécurité sont créées plus rapidement qu’elles ne sont corrigées. Il y a une explication très simple à cela : de plus en plus, les applications sont créées au travers de processus automatisés alors que les corrections des failles de sécurité sont toujours faites manuellement.
Veracode change cela aujourd’hui!
Rejoignez-nous pour une présentation de Veracode Fix – la nouvelle solution de remédiation intelligente qui automatise la correction des codes non sécurisés - découvrez comment tirer parti de l’intelligence artificielle spécialisée pour gérer les risques applicatifs à grande échelle et fournir des applications plus sûres, plus rapidement, avec moins d’efforts et de coûts.

Veracode Fix: Le futur de l’Intelligent Software Security

Las vulnerabilidades de seguridad se crean más rápido de lo que se solucionan. Hay una explicación muy simple para esto: cada vez más, las aplicaciones se crean a través de procesos automatizados, mientras que las correcciones de dichas vulnerabilidades aún se realizan manualmente. ¡Veracode está cambiando esto! 
En esta sesión presentamos Veracode Fix, la nueva solución de remediación inteligente que automatiza la remediación de código inseguro. Aprenda cómo aprovechar la inteligencia artificial especializada para administrar los riesgos de las aplicaciones a escala y entregar aplicaciones más seguras, más rápidas, con menos esfuerzo y coste.

Veracode Fix: el futuro de la seguridad de Software Inteligente

Leveraging open-source libraries can speed development times, but how do you determine what’s safe to use? Learn the latest research behind the answer to this question from Forrester and the State of Software Security 2023 in our webinar: The Fragility of Open Source.

The Fragility of Open Source

Almost one-third of applications entering production contain security flaws. What can be done to reduce the introduction (and accumulation) of flaws over time? Our recent report analysed 17 years of data and three-quarters of million apps to answer this question.  
 
Tune in and learn the report’s key insights from the Pros of DevSecOps. You’ll discover:
 
• Riskiest “ages” across the application lifecycle
• Flaw profiles by language 
• Concrete steps to reduce introduction and accumulation of security flaws 
• Open-source findings that turn conventional wisdom on its head

Data-Backed Ways to Reduce Security Debt

Casi un tercio de las aplicaciones tienen vulnerabilidades cuando pasan a producción. A medida que pasa el tiempo, se acumulan más fallos, lo que genera un aumento de la deuda de seguridad. Pero, ¿qué sucedería si pudieramos evitar la introducción de vulnerabilidades en las primeras etapas de su desarrollo? Nuestro informe anual sobre el estado de la seguridad de las aplicaciones, “State of Software Security 2023”, proporciona importantes hallazgos para mejorar la seguridad del software. En esta sesión trataremos:

- Fases que potencialmente suponen un mayor riesgo a lo largo del ciclo de vida de la aplicación 
- Lenguajes y Framework: principales vulnerabilidades 
- Pasos concretos para reducir la introducción y acumulación de vulnerabilidades 
- Hallazgos de código abierto que cambian por completo el concepto tradicional

Reducir la introducción de vulnerabilidades en fases tempranas del desarrollo

Wir haben Daten aus 17 Jahren und eine dreiviertel Million Apps analysiert, um eine entscheidende Frage zur Softwaresicherheit zu beantworten: Wie können Unternehmen verhindern, dass Sicherheitslücken überhaupt entstehen? 

Finden Sie heraus, was wir entdeckt haben, und weitere wichtige Erkenntnisse aus dem neuen Veracode State of Software Report 2023, darunter: 
> Die riskantesten „Zeiten“ im gesamten Anwendungslebenszyklus 
> Top-Fehler nach Sprache 
> Konkrete Schritte zur Verringerung der Einführung und Häufung von Sicherheitslücken 
> Open-Source-Erkenntnisse, die herkömmliche Weisheiten auf den Kopf stellen

Wie die neusten Forschungsergebnisse von Veracode Ihre Software security

Establishing an application security program is an ongoing process – there are always steps you can take to improve your program. Join us for our virtual roadshow where Veracode CTO, Chris Wysopal, will be teaming up with Bugcrowd CTO, Casey Ellis, ZeroNorth CTO, John Steven and Optiv Director of Threat Management, Luis Jimenez for a one-hour panel discussion on best practices for maturing your AppSec program. And, if you’re just starting your AppSec journey, our experts will also be providing some practical first steps you can take that will prepare your AppSec program for improvements in the future.

Application Security Virtual Roadshow: Best Practices vs Practicality

Application Security

DevOps

IT Security

CISO

Developers

Development

SecOps

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Application Security Virtual Roadshow: Best Practices vs Practicality

Presented by

About this talk

More from this channel