Hi [[ session.user.profile.firstName ]]

VeraTalks: Cybersecurity: The Next Chapter

What do you need to know about cybersecurity trends in 2021 and beyond? What’s on the horizon, where will budgets be focused, and what will be the biggest innovations?

Tune in to our next VeraTalk to find out. Veracode Sr. Director, Corporate Marketing Amy Aylward sits down with Veracode CTO and co-founder Chris Wysopal to talk about the cybersecurity game-changer that was 2020, and what that means for the future – both short and long term.

Don’t miss Amy and Chris’ talk to find out:
•How 2020’s digital transformation affects cybersecurity
•Trends that will shape the future of cybersecurity in the next five years
•Four innovation drivers that will affect the application security market in the next three to five years
Live online Jun 30 9:00 am UTC
or after on demand 31 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Amy Aylward, Veracode Sr. Director, Corporate Marketing, Chris Wysopal, Veracode Co-Founder & CTO
Presentation preview: VeraTalks: Cybersecurity: The Next Chapter

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • The Life and Times of Open Source Libraries Jul 29 2021 10:00 am UTC 60 mins
    Tom Smith / Sr Solution Architect
    Software today is rarely completely made of first-party code, and is more often “assembled” from other sources. This reusable code and functionality that developers have become more reliant on also comes with reusable vulnerabilities, and this open-source foundation most apps are now built upon is not like a solid, cement house foundation, but more like a shifting pile of gravel and sand. These libraries are in a constant state of flux, including their security status. Join this talk to get the data and analysis of our latest State of Software Security report, we analysed over 301,000 open-source libraries.

    Join this session to learn:
    - The most popular vulnerable libraries
    - How developers choose libraries for their applications
    - How often open-source libraries are updated, and why that matters
    - What is holding developers back from addressing security vulnerabilities in open-source code
    - The scope of the fixes required to address vulnerabilities in open-source code
    - Best practices for managing open-source libraries
  • The Right AppSec Partner Today Keeps the Regulator Away Jul 15 2021 9:00 am UTC 60 mins
    Julian Totzek-Hallhuber, Principal Solutions Architect
    Transactions across Europe are progressively changing to digital. Figures show in 2020, the value of transactions reached £703.3 bn with the UK estimated to be responsible for at least 25 percent of this figure. Needless to say, the software supporting these payment systems must be reliable and secure. Without secure payment platforms, payment transactions and data could be compromised.

    Join this Session to learn:

    •How static analysis maps against PCI requirements
    •How to determine which software security controls and features best serveyour organisations specific business needs
    •The importance of automated AppSec as a means of keeping up with the faster and more iterative payment systems of today
    •Best practices in setting up an effective application security program with consideration for both traditional and modern payment platforms and evolving development practices
  • VeraTalks: Cybersecurity: The Next Chapter Jun 30 2021 9:00 am UTC 31 mins
    Amy Aylward, Veracode Sr. Director, Corporate Marketing, Chris Wysopal, Veracode Co-Founder & CTO
    What do you need to know about cybersecurity trends in 2021 and beyond? What’s on the horizon, where will budgets be focused, and what will be the biggest innovations?

    Tune in to our next VeraTalk to find out. Veracode Sr. Director, Corporate Marketing Amy Aylward sits down with Veracode CTO and co-founder Chris Wysopal to talk about the cybersecurity game-changer that was 2020, and what that means for the future – both short and long term.

    Don’t miss Amy and Chris’ talk to find out:
    •How 2020’s digital transformation affects cybersecurity
    •Trends that will shape the future of cybersecurity in the next five years
    •Four innovation drivers that will affect the application security market in the next three to five years
  • VeraTalks: Tackling Developer Security Training Recorded: Jun 23 2021 26 mins
    Rey Bango, Veracode Director of Developer Relations
    Most AppSec programs forget that there is only one team that can fix security findings: the development team. While an AppSec strategy based on scanning will help you find flaws, the best approach also avoids creating flaws in the first place. Yet developers often don’t have the training they need to prevent, identify, or remediate code vulnerabilities. Very few university engineering programs include cybersecurity courses, and in a recent ESG survey of cybersecurity professionals, 35% of respondents reported that that less than half of their development teams are participating in formal security training. In addition, security teams often don't have the bandwidth or expertise to teach development teams themselves.
    At the same time, existing training solutions are lengthy, generic, often just plain boring, and produce lackluster results.
    How can organizations enable their development teams with the skills they need to code securely?

    Tune in to our next VeraTalk where Veracode's Director of Developer Relations Rey Bango will be digging into this developer security training conundrum. Don't miss this discussion based on his own experiences with secure coding and security training. He’ll cover:
    • The security skills and know-how developers need today
    • The types of security training that work
    • The role of security champions
    • How the security and development teams can work together to ensure code is create securely from the start
  • VeraTalks: The Future of Cybersecurity Regulations Recorded: Jun 16 2021 31 mins
    Chris Wysopal, Veracode Founder and CTO
    In 1998, Veracode founder Chris Wysopal testified before Congress on the dangers of vulnerable software, famously reporting that he and his hacker friends could “take down the entire Internet in 30 minutes.” And, it took 23 years, but the government is finally responding.

    The Biden administration just released an executive order on cybersecurity that includes new security requirements for software vendors selling software to the U.S. government. There are also indications that these practices will make their way into the private sector. The order requires the development of pilot programs to develop ratings and labeling for the security of consumer software, including IoT devices. It also mandates the development of a Cyber Safety Review Board that will operate like an NTSB for cyber, investigating attacks and sharing information on how and why they happened.

    Just as we originally built cars without thinking about safety, we started building software years ago without thinking about security. In both cases, the risk eventually became very evident, and the government got involved with regulations. Where do we go from here? This executive order is more far-reaching and prescriptive than any cybersecurity legislation we’ve seen – how will this affect cybersecurity regulations of the future? Join our new VeraTalk with Chris Wysopal as he explores the future of cybersecurity regulations.
  • What Our Data Tells Us About Open Source Risk: And How to Address It Recorded: Jun 16 2021 21 mins
    Brittany O’Shea, Veracode Senior Product Marketing Manager
    Our research for this year’s State of Software Security v11 report found that almost a third of applications have more security findings in their third-party libraries than in their first-party code. Bottom line: If you are only assessing the security of your first-party code, your attack surface is much bigger than you think. But how can you realistically address the security of so much code you didn’t write in-house? Attend this session with Brittany O’Shea, Veracode senior product marketing manager, to hear more about our data on open source risk, and how to address it.

    You’ll learn:
    • What our new data reveals about the extent and the security third-party code in modern applications
    • Best practices surrounding identifying security vulnerabilities in open source libraries
    • Realistic and practical ways to address the problem of open source risk
  • 2020: The Year Software Took Center Stage Recorded: Jun 8 2021 25 mins
    John Smith, Director Solution Architects EMEA & APAC
    From communication and education, to commerce and healthcare — every organization, institution, agency, and corporation is transforming digitally — and the transformation has been kicked into high gear by Covid-19. With more than 50 percent of people worldwide now online, software has become the backbone of modern business and society — and one of its biggest sources of risk. This year’s version of our annual State of Software Security (SOSS) report found that the vast majority of applications have at least one security flaw. With software’s increased importance, how do you ensure it’s not increasing your risk of breach? What can we learn from our analysis of 130,000 applications for this year’s SOSS report to inform the direction of application security programs? Tune in to Veracode’s Director of Solution Architects John Smith’s keynote address to hear more about how to apply the lessons of 2020 to keep your organization secure.

    Interested in learning more about the findings from our State of Software Security report?
    Tune into sessions from this year's Hot SOSS virtual summit: https://www.veracode.com/hot-soss-virtual-summit
  • Innovations Driving the Future of Software Security Recorded: Jun 2 2021 59 mins
    Sandy Carielli, Forrester Research Principal Analyst and Chris Wysopal, Veracode CTO
    From communication and education to commerce and healthcare — every organization, institution, agency, and corporation is transforming digitally — and the transformation continues to accelerate. With more than 50 percent of people worldwide now online, software has become the backbone of modern business and society — and one of its biggest sources of risk. Our own data illustrates both the growth and the risk. In Veracode’s State of Software Security Volume 11 report, we analyzed 130,000 apps and found that 76 percent of applications have at least one vulnerability. As companies transform through software, the digital attack surface is growing exponentially, and fixing defects in software must keep pace with this reality.

    Watch Veracode founder and Chief Technology Officer, Chris Wysopal and guest speaker Forrester Research Principal Analyst, Sandy Carielli in a live webinar as they discuss the trends and innovations shaping software security, and how companies must strategize for this future and prepare their developers to integrate security into their workflows.
  • Secure Coding's Impact on an Organisation – Panel Discussion Recorded: May 27 2021 62 mins
    John Smith Veracode, Michael Man, Srimant Achayra TCS, Adam Casey i3Secure
    Software security is about more than avoiding costly breaches. It’s about giving your organization the confidence to create, innovate, and bring solutions to market … before the competition. And the key to software security today? Education.

    When it comes to software, developers are really the only ones in an organisation who can fix the vulnerabilities in their code. Yet most developers don’t have the training they need to identify or remediate vulnerabilities, and security teams don't have the bandwidth to train them. This leaves the development team with ineffective training content that is too long, irrelevant to an organization's tech stack, or not engaging.

    Join us on May 27th for a panel discussion hosted by Director of Solution Architects at Veracode John Smith, joined by DevSecOps practitioner Michael Mann, Srimant Achayra, Global Head Enterprise Vulnerability Management CoE, TCS Cyber Security and Adam Casey, ex-CISO, now Director Cyber Security and Data Protection at consultancy i3Secure.
    We will be discussing:

    - Why developers need training on secure coding
    - Why the best approach in an AppSec strategy in addition to scanning includes avoiding creating flaws in the first place
    - How shifting left in the development process is a route to competitive advantage
    - Best practice in designing customized AppSec education based on organization’s unique tech stack and business objectives
  • What Our Data Tells Us About Open Source Risk: And How to Address It Recorded: May 26 2021 21 mins
    Brittany O’Shea, Veracode Senior Product Marketing Manager
    Our research for this year’s State of Software Security v11 report found that almost a third of applications have more security findings in their third-party libraries than in their first-party code. Bottom line: If you are only assessing the security of your first-party code, your attack surface is much bigger than you think. But how can you realistically address the security of so much code you didn’t write in-house? Attend this session with Brittany O’Shea, Veracode senior product marketing manager, to hear more about our data on open source risk, and how to address it.

    You’ll learn:
    • What our new data reveals about the extent and the security third-party code in modern applications
    • Best practices surrounding identifying security vulnerabilities in open source libraries
    • Realistic and practical ways to address the problem of open source risk
  • Exigences de conformité, violation des données et sécurité applicative Recorded: May 25 2021 51 mins
    Nabil Bousselham, Principal Solutions Architect, Veracode
    Les chiffres actuels du GDPR Enforcement Tracker montrent que de nombreuses sanctions continuent d'être infligées aux organisations, dont beaucoup prouvent que la conformité et la sécurité des données représentent toujours un défi majeur pour les entreprises.

    Que peuvent donc faire les organisations - grandes et petites - si elles ont encore des difficultés à se conformer à la RGPD ? L'une des mesures les plus importantes et essentielles pour réduire au minimum les atteintes à la protection des données consiste à identifier les lacunes et les vulnérabilités en matière de sécurité. Les entreprises jonglent aujourd'hui avec un certain nombre d'applications qui stockent souvent des données sensibles. C'est là que les violations de la conformité peuvent se produire.

    Écoutez Nabil Bousselham, Principal Solutions Architect chez Veracode, qui vous donnera des conseils sur la manière de naviguer entre les exigences de conformité et les réglementations en matière de sécurité des applications et de développement sécurisé. Voici quelques-uns de ces points de discussion :

    •L'impact des principaux règlements - le règlement général sur la protection des données de l'UE (EU GDPR) sur les normes de sécurité des applications et les pratiques de développement sécurisé

    •Exemples d'organisations qui ont été sanctionnées et comment elles auraient pu l’éviter

    •Comment développer de manière sécurisée afin de répondre efficacement aux exigences RGPD

    •Comment mettre en place un processus de développement de logiciels qui soit continuellement sûr, mesurable et transparent
  • Comment réduire les coûts de votre programme AppSec grâce à Veracode Recorded: May 20 2021 59 mins
    Nabil Bousselham, Principal Solutions Architect, Veracode
    La plateforme de Veracode fournit un système central en mode SaaS pour aider nos clients à créer un environnement DevSecOps robuste au sein de leur organisation. Grâce à Veracode, les clients peuvent trouver et résoudre les failles de sécurité plus tôt dans le cycle de vie du développement des logiciels (SDLC), ainsi qu'éduquer leurs développeurs sur les bonnes pratiques pour proactivement éviter d’introduire des failles de sécurité dans le code.

    L’institut Ponemon a conclu dans une étude que si des vulnérabilités sont détectées au début du processus de développement, elles coûtent environ 80 $ à corriger en moyenne. Cependant, les mêmes vulnérabilités peuvent coûter environ 7600 $ à corriger si elles sont détectées seulement lors la phase de production.

    Dans cette présentation, nous couvrirons:

    - Les avantages de l'approche ShiftLeft dans le monde AppSec
    - Les résultats de l'étude Forrester TEI (Total Economic Impact) sur les gains financiers de l’implémentation de Veracode SaaS vs. Des solutions On-Premise
    - Un framework développé par Forrester pour vous aider à identifier les facteurs coûts, bénéfices, flexibilité et risques qui affectent les décisions d'investissement dans les solutions AppSec.
  • How Much Open Source Code Is in Your Software? It’s More Than You Think Recorded: May 18 2021 42 mins
    Brittany O'Shea, Product Marketing Manager at Veracode
    Developers are being asked to push out more software —and in shorter periods of time —than ever before. In turn, they are increasingly relying on open source libraries, which allow them to add functionality to their code without having to build it from scratch. As a result, software today is rarely completely made of first-party code, and is more often “assembled” from other sources. In fact, our most recent State of Software Security report found that a typical Java application is made up of 97 percent open source code. And that open source code is leaving organizations vulnerable to cyberattacks. Our State of Software Security: Open Source Edition report found that 70 percent of applications have a security flaw in an open source library. However, simply using open source libraries isn’t a security threat to the business. The real problem is not knowing that what you’re using contains vulnerabilities and that they’re exploitable in your application. Software composition analysis solutions can help, but many are coming up short. The main challenges with current solutions are that they are based on the NVD database, which is frequently not up to date, they are hard to manage and scale, and developers are not empowered to fix security issues.

    Join this session to find out:

    •Trends in open source library use
    •Best practices in software composition analysis
    •How to continue using open source libraries without getting bogged down with security tests
  • AppSec Trends, The Necessity of Securing Software in Uncertain Times Recorded: May 11 2021 63 mins
    Julian Totzek-Hallhuber, Principal Solution Architect, Veracode and Paul McKay, Senior Analyst, Forrester
    2020 was a year of challenges for businesses of all varieties. Organisations that hadn't yet begun their digital transformation were left with no option but to adapt and adapt quickly, while others felt the urgency to accelerate the shift to digital and move to the cloud for more flexibility. Adding to that mounting pressure, the risk of a breach or cyberattack has remained steady or even increased for some industries that rely on sensitive data. That's a problem.

    Application security (AppSec) remains a critical piece of the puzzle when it comes to securing the technology that your customers rely on daily. But safeguarding your software to reduce risk should be a thoughtful process that considers your business needs and the current threat landscape. As organisations continue the digital shift and the adoption of the cloud, it's more important than ever to stay on top of the trends in software security - including emerging threats - so that you set off in the race to a successful digital transformation with the right tools and methodologies in place.

    Join Julian Totzek-Hallhuber, Principal Solution Architect at Veracode and guest speaker Paul McKay, Senior Analyst at Forrester, in this session where they present and discuss:

    - The pandemic's impact on the shift to digital - good and bad
    - The latest challenges and trends that impact AppSec
    - What to consider before you make the shift to the cloud
    - The prevalence of AppSec exploits and breaches today
  • Innovations Driving the Future of Software Security Recorded: Apr 28 2021 59 mins
    Sandy Carielli, Forrester Research Principal Analyst and Chris Wysopal, Veracode CTO
    From communication and education to commerce and healthcare — every organization, institution, agency, and corporation is transforming digitally — and the transformation continues to accelerate. With more than 50 percent of people worldwide now online, software has become the backbone of modern business and society — and one of its biggest sources of risk. Our own data illustrates both the growth and the risk. In Veracode’s State of Software Security Volume 11 report, we analyzed 130,000 apps and found that 76 percent of applications have at least one vulnerability. As companies transform through software, the digital attack surface is growing exponentially, and fixing defects in software must keep pace with this reality.

    Watch Veracode founder and Chief Technology Officer, Chris Wysopal and guest speaker Forrester Research Principal Analyst, Sandy Carielli in a live webinar as they discuss the trends and innovations shaping software security, and how companies must strategize for this future and prepare their developers to integrate security into their workflows.
  • So Many AppSec Testing Types, So Little Time Recorded: Apr 28 2021 56 mins
    Chris Campbell, Solution Architect at Veracode
    There is no AppSec silver bullet; effective AppSec requires leveraging the strengths of multiple testing types across the software lifecycle. Depending on one testing type would be like only checking your blood pressure and declaring yourself completely healthy. Each testing type –DAST, SAST, SCA, pen testing –has a role to play and detects different vulnerabilities. For instance, we recently reported that almost one-third of all our customers’ applications have more security findings in third-party libraries than in the native code base. Bottom line: relying only on static analysis and neglecting software composition analysis leaves you exposed. At the same time, juggling multiple vendors is a challenge. A recent ESG survey found that 72 percent of respondents are using more than 10 AppSec tools, leading to excessive time spent managing tools and a reduction in the effectiveness of the program.
    How can you most effectively manage a variety of AppSec testing types?

    Join this session to find out:

    •Why you need multiple AppSec testing types
    •The strengths of each testing type
    •The benefits of seeing results from all testing types in one place
  • VeraTalks: Tackling Developer Security Training Recorded: Apr 22 2021 26 mins
    Rey Bango, Veracode Director of Developer Relations
    Most AppSec programs forget that there is only one team that can fix security findings: the development team. While an AppSec strategy based on scanning will help you find flaws, the best approach also avoids creating flaws in the first place. Yet developers often don’t have the training they need to prevent, identify, or remediate code vulnerabilities. Very few university engineering programs include cybersecurity courses, and in a recent ESG survey of cybersecurity professionals, 35% of respondents reported that that less than half of their development teams are participating in formal security training. In addition, security teams often don't have the bandwidth or expertise to teach development teams themselves.
    At the same time, existing training solutions are lengthy, generic, often just plain boring, and produce lackluster results.
    How can organizations enable their development teams with the skills they need to code securely?

    Tune in to our next VeraTalk where Veracode's Director of Developer Relations Rey Bango will be digging into this developer security training conundrum. Don't miss this discussion based on his own experiences with secure coding and security training. He’ll cover:
    • The security skills and know-how developers need today
    • The types of security training that work
    • The role of security champions
    • How the security and development teams can work together to ensure code is create securely from the start
  • The Value of Application Security - Getting AppSec Executive Buy In Recorded: Apr 21 2021 43 mins
    John Smith, Director, Solution Architects EMEA & APJ, Veracode
    How can you demonstrate the value of adopting or expanding your organisation’s AppSec program when there’s a growing need for all types of cybersecurity, as well as intense competition for your critical tech budget? Simply put, you must convince decision-makers that your program — and their money — will lead to better business outcomes, a higher level of efficiency, lower costs, and improved return on investment (ROI).

    Key takeaways:
    - Learn how to make the case for AppSec in a way that resonates with executives
    - Understand which AppSec metrics executives will care about
    - Find out how to tie AppSec to corporate goals and priorities

    Attend this session to get tips and best practices on making the case for AppSec to the board
  • Innovations Driving the Future of Software Security Recorded: Apr 7 2021 59 mins
    Sandy Carielli, Forrester Research Principal Analyst and Chris Wysopal, Veracode CTO
    From communication and education to commerce and healthcare — every organization, institution, agency, and corporation is transforming digitally — and the transformation continues to accelerate. With more than 50 percent of people worldwide now online, software has become the backbone of modern business and society — and one of its biggest sources of risk. Our own data illustrates both the growth and the risk. In Veracode’s State of Software Security Volume 11 report, we analyzed 130,000 apps and found that 76 percent of applications have at least one vulnerability. As companies transform through software, the digital attack surface is growing exponentially, and fixing defects in software must keep pace with this reality.

    On Wednesday, April 7 at 11 am ET, join Veracode co-founder and Chief Technology Officer Chris Wysopal and guest speaker Forrester Research Principal Analyst Sandy Carielli in a live webinar as they discuss the trends and innovations shaping software security, and how companies must strategize for this future and prepare their developers to integrate security into their workflows.
  • Exigences de conformité, violation des données et sécurité applicative Recorded: Mar 18 2021 51 mins
    Nabil Bousselham, Principal Solutions Architect, Veracode
    Les chiffres actuels du GDPR Enforcement Tracker montrent que de nombreuses sanctions continuent d'être infligées aux organisations, dont beaucoup prouvent que la conformité et la sécurité des données représentent toujours un défi majeur pour les entreprises.

    Que peuvent donc faire les organisations - grandes et petites - si elles ont encore des difficultés à se conformer à la RGPD ? L'une des mesures les plus importantes et essentielles pour réduire au minimum les atteintes à la protection des données consiste à identifier les lacunes et les vulnérabilités en matière de sécurité. Les entreprises jonglent aujourd'hui avec un certain nombre d'applications qui stockent souvent des données sensibles. C'est là que les violations de la conformité peuvent se produire.

    Écoutez Nabil Bousselham, Principal Solutions Architect chez Veracode, qui vous donnera des conseils sur la manière de naviguer entre les exigences de conformité et les réglementations en matière de sécurité des applications et de développement sécurisé. Voici quelques-uns de ces points de discussion :

    •L'impact des principaux règlements - le règlement général sur la protection des données de l'UE (EU GDPR) sur les normes de sécurité des applications et les pratiques de développement sécurisé

    •Exemples d'organisations qui ont été sanctionnées et comment elles auraient pu l’éviter

    •Comment développer de manière sécurisée afin de répondre efficacement aux exigences RGPD

    •Comment mettre en place un processus de développement de logiciels qui soit continuellement sûr, mesurable et transparent
Cloud-Based Application Security
Veracode delivers the most widely used cloud-based platform for securing web, mobile, legacy and third-party enterprise applications. By identifying critical application-layer threats before cyber-attackers can find and exploit them, Veracode helps enterprises deliver innovation to market faster — without sacrificing security.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: VeraTalks: Cybersecurity: The Next Chapter
  • Live at: Jun 30 2021 9:00 am
  • Presented by: Amy Aylward, Veracode Sr. Director, Corporate Marketing, Chris Wysopal, Veracode Co-Founder & CTO
  • From:
Your email has been sent.
or close