Name: Integrating Secure Code Signing in the CI/CD Pipeline
Start: 2023-01-31T18:00:00Z
End: 2023-01-31T18:59:01.000Z
Location: BrightTALK
Rating: 4.7

(ISC)² Security Briefings brings attendees both stand alone webcasts and multi-part series on cutting edge infosecurity topics that gets deeper into the subject matter and technologies presented by subject matter experts.

Public key infrastructure (PKI) today is ubiquitous – it’s in the cloud, it’s on the manufacturing floor, it’s everywhere. Why? Because, in a Zero Trust world, every device, every workload, and every connected thing must be authenticated and verified. There’s just one problem. Because of its extensive use, PKI has become incredibly complex to manage. Different teams and applications have unique trust requirements, use cases, technical and security needs, creating a distributed fabric of PKI tools and infrastructure. So, how do you manage this new “Decentralized PKI”? 

Join Keyfactor and (ISC)2 July 20, 2023 at 1:00 p.m. Eastern/ 10:00 a.m. Pacific as we discuss the ins and outs of decentralized PKI, best practices for management, and how to consolidate where possible. During this webinar, you’ll learn: 
• How the usage of PKI has evolved and expanded new threats
• Regulatory mandates
• Changes to PKI Key considerations for different PKI and CA tools 
• Best practices for managing “Decentralized PKI”

Re-thinking PKI in Modern IT Infrastructure

Join us for this live Q&A where our panel of experts will answer all of your questions about Certified Secure Software Lifecycle Professional (CSSLP) certification before you sit for the exam. We’ll go over certification requirements, the domains, self-study resources, training options and more to help you build confidence so you’re ready on exam day.

You’ll learn:
• How CSSLP prepares you to incorporate best security practices into each phase of the SDLC
• Why vendor-neutral certification is in demand
• What training tools are available
• And much more

Save your spot now.

CSSLP EXAM READY: Ask the Experts Before You Sit

Join us for this live Q&A where our panel of experts will answer all of your questions about CC before you sit for the exam. We’ll go over certification requirements, the domains, self-study resources, training options and more to help you build confidence so you’re ready on exam day.

You’ll learn about: 

• Career opportunities in cybersecurity 
• Why vendor-neutral certification is in demand
• What training tools are available
• What to expect on exam day 
• And much more

SAVE YOUR SPOT NOW.

CC EXAM READY: Ask the Experts Before You Sit

Join us for a live Q&A where our panel of experts will answer your questions about CISSP before you sit for the exam. We’ll go over certification requirements, the domains, self-study resources, training strategies, career paths and more to help you build confidence so you’re ready on exam day. 

You’ll learn:
• How CISSP builds your end-to-end foundational understanding of cybersecurity
• Why vendor-neutral certification is in demand
• What training tools are available
• And much more

Bring your questions and join us on Friday, June 16, 2023, at 1:00 p.m. ET

Save your spot now.

CISSP EXAM READY: Ask the Experts Before You Sit

Join us for a live Q&A where our panel of experts will answer your questions about CCSP before you sit for the exam. We’ll go over certification requirements, the domains, self-study resources, training strategies, career paths and more to help you build confidence so you’re ready on exam day.

You’ll learn:
• Why vendor-neutral certification is in demand
• How CCSP complements vendor certifications
• What training tools are available
• And much more

Bring your questions and join us on Friday, June 9, 2023, at 1:00 p.m. ET

Save your spot now.

CCSP EXAM READY: Ask the Experts Before You Sit

Without the proper security settings, attackers have found ways to exploit Microsoft OneDrive and Teams as primary distribution mechanisms for ransomware. In this session, on June 8, 2023 at 1:00 p.m. Eastern/10:00 a.m. Pacific, IANS and (ISC)2 will discuss configurations, settings and tools to help harden M365 applications. 

Attendees can expect to learn:
- Conditional access policies to enforce for “thick” endpoints
- Critical user policies and alert triggers to create for detection
- Recommended M365 service policies and Teams security settings

Microsoft OneDrive and Teams: Harden Your M365 Applications

Join us for this live Q&A where our panel of experts will answer all of your questions about SSCP before you sit for the exam. We’ll go over certification requirements, the domains, self-study resources, training options and more to help you build confidence so you’re ready on exam day.

You’ll learn:
• How SSCP proves your knowledge, skills and experience as an ISO-accredited certification
• Why vendor-neutral certification is in demand
• What training tools are available
• And much more

SAVE YOUR SPOT NOW.

SSCP EXAM READY: Ask the Experts Before You Sit

Join us for this live Q&A where our panel of experts will answer all of your questions about Certified in Governance, Risk and Compliance (CGRC) certification before you sit for the exam. We’ll go over certification requirements, the domains, self-study resources, training options and more to help you build confidence so you’re ready on exam day.

You’ll learn:
• How CGRC prepares you to use frameworks to manage risk
• Why vendor-neutral certification is in demand
• What training tools are available
• And much more

Save your spot now.

CGRC EXAM READY: Ask the Experts Before You Sit

A record 73% of organizations were compromised by ransomware last year. However, the  percentage of respondents who expect a successful cyberattack in the coming year declined by 4%, from 76% to 72%. Has cybersecurity turned a corner?

CyberEdge’s Cyberthreat Defense Report (CDR) has become the standard for assessing organizations’ security posture, for gauging perceptions of IT security professionals and for ascertaining current and planned investments in IT security infrastructure.

Now in its tenth year, the 2023 CDR assesses the views of 1,200 IT security professionals representing 17 countries and 19 industries. It’s the most geographically comprehensive view of IT security perceptions in our industry.

Join (ISC)2 (a sponsor of this year’s study) and CyberEdge on Wednesday, May 24, 2023 at 1:00PM Eastern for highlights and key insights of the results, including:
• 85% of organizations suffered at least one successful cyberattack last year
• Double and triple extortion ransomware attacks are now the norm
• Overall concern for cyberthreats ticked down for the second straight year, the first multi-year decline in CDR history

Key Insights from CyberEdge's 2023 Cyberthreat Defense Report

Cloud-native workloads such as virtual machines (VMs), containers, and serverless functions are foundational building blocks of applications. With the rise of hybrid and multi-cloud environments, ensuring the security of cloud workloads has become more challenging than ever. But fear not! We are here to guide you through best practices for securing these resources throughout their lifecycle. 

Join Prisma Cloud/Palo Alto Networks and (ISC)2 May 23, 2023 at 1:00 p.m. Eastern/10:00 a.m. Pacific for a webinar on how to build a comprehensive strategy that fits your unique cloud environment. 

We will cover topics such as:
• Agentless vs. agent-based deployment options
• Understanding risk and prioritizing risks in your environment
• Remediation strategies for runtime protection 

Gain valuable insights on how to effectively secure your cloud resources and protect yourself from potential threats.

Navigating the Cloud Maze:Protecting Your Workloads in a Multi-Cloud Environment

Data is the lifeblood of the digital age. But it needs to be collected, processed, protected and shared in a responsible and ethical way. Privacy and cybersecurity professionals play a vital role in ensuring responsible data stewardship, but they often face different challenges and perspectives. How can they work together more effectively and align their goals and priorities?
 
Join IAPP and (ISC)² for this webinar where we will explore the interdependence and collaboration between privacy and cybersecurity functions in U.S. organizations. We will hear from experts in both fields who will share their insights on how they overcome common obstacles and achieve cross-functional alignment. We will also discuss the professionalization of the data stewardship fields and why privacy and security familiarity is essential for proper data stewardship.

IAPP’s Cobun, Managing Director, Washington, D.C., will lead a discussion of these issues with Robin Andruss, CPO, Skyflow, and Ron Woerner, Independent CISO.

From Silo to Synergy between Cybersecurity and Privacy in the U.S.

Three years ago, IT and security teams were flush with cash as a result of the spending boom brought on by the COVID-19 pandemic — but today’s reality is vastly different. 
Economic uncertainty has resulted in nearly every organization looking to cut costs and reduce headcount, leaving IT and security teams with smaller budgets and even fewer resources. 
The good news? There are ways to eliminate spend without reducing headcount. 

Join Axonius and (ISC)2 on May 16, 2023 at 1:00 p.m. Eastern/10:00 a.m. Pacific  for a webinar on how to optimize your IT and security programs by identifying cost inefficiencies in overlapping tools and infrastructure, manual processes, unused software licenses, and more. You’ll learn:
• How IT and security teams are working to identify wasted spend, overlap, and other opportunities to overcome budget limitations
• Opportunities to get more out of the tools and resources already purchased
• Approaches to tool justification, discovering gaps, and identifying manual processes that can be automated to focus people on more strategic tasks

Cost Optimization: The Consensus IT and Cybersecurity Priority for 2023

Data is the lifeblood of the digital age. But it needs to be collected, processed, protected and shared in a responsible and ethical way. Privacy and cybersecurity professionals play a vital role in ensuring responsible data stewardship, but they often face different challenges and perspectives. How can they work together more effectively and align their goals and priorities?

Join IAPP and (ISC)2 for this webinar where we will explore the interdependence and collaboration between privacy and cybersecurity functions in organizations operating in Europe. We will hear from experts in both fields who will share their insights on how they overcome common obstacles and achieve cross-functional alignment. We will also discuss the professionalization of the data stewardship fields and why privacy and security familiarity is essential for proper data stewardship.
 
IAPP’s Isabelle Roccia, Managing Director, Europe, will lead a discussion of these issues with Christian Toon, CISO, Pinsent Masons Law Company, Anna Zeiter, CPO, eBay, and Ilias Chantzos, Global & Privacy Officer, Broadcom.

From Silo to Synergy Between Cybersecurity and Privacy in Europe

Join us for a live Q&A where our panel of experts will answer your questions about CISSP before you sit for the exam. We’ll go over certification requirements, the domains, self-study resources, training strategies, career paths and more to help you build confidence so you’re ready on exam day.

You’ll learn:
• How CISSP builds your end-to-end foundational understanding of cybersecurity
• Why vendor-neutral certification is in demand
• What training tools are available
• And much more

Bring your questions and join us on Friday, May 12, 2023, at 1:00 p.m. ET

Save your spot now.

Join us for this live Q&A where our panel of experts will answer all of your questions about CC before you sit for the exam. We’ll go over certification requirements, the domains, self-study resources, training options and more to help you build confidence so you’re ready on exam day.

You’ll learn about:

• Career opportunities in cybersecurity
• Why vendor-neutral certification is in demand
• What training tools are available
• What to expect on exam day
• And much more

SAVE YOUR SPOT NOW.

You can look at vulnerability risk from several angles, but which one is best?
 
On May 2, 2023 at 1:00 p.m. Eastern/10:00 a.m. Pacific join F5 Labs and (ISC)2  as they tackle this topic.  The talk will start at the tactical level, where we will review vulnerability targeting data from 2022 to better understand current attacker priorities. We will then briefly cover findings and methods from the Exploit Prediction Scoring System, an open-source vulnerability intelligence project to which F5 has recently begun contributing. The talk will conclude with a big picture view of vulnerability management, exploring F5 Labs’ collaboration with the Cyentia Institute about trends in CVE publication and their implications for the future of vulnerability management.

Vulnerability Intelligence, Three Ways

Join us for a live Q&A where our panel of experts will answer your questions about CCSP before you sit for the exam. We’ll go over certification requirements, the domains, self-study resources, training strategies, career paths and more to help you build confidence so you’re ready on exam day.

You’ll learn:
• Why vendor-neutral certification is in demand
• How CCSP complements vendor certifications
• What training tools are available
• And much more

Bring your questions and join us on Friday, April 28, 2023, at 1:00 p.m. ET

Save your spot now.

Join us for a live Q&A where our panel of experts will answer your questions about CISSP before you sit for the exam. We’ll go over certification requirements, the domains, self-study resources, training strategies, career paths and more to help you build confidence so you’re ready on exam day. 

You’ll learn:
• How CISSP builds your end-to-end foundational understanding of cybersecurity
• Why vendor-neutral certification is in demand
• What training tools are available
• And much more

Bring your questions and join us on Friday, April 14, 2023, at 1:00 p.m. ET

Save your spot now.

Code signing is a powerful method to protect the integrity of containers, artifacts, and software across the continuous integration and continuous deployment (CI/CD) pipeline. However, signing is more than just certificates and signatures. It’s about integrating the sign and verify process into your pipeline while keeping sensitive keys secure and in the right hands. If signing processes aren’t secure, it opens the door to malware, exploits, and supply chain attacks. On January 31 at 1:00 p.m. Eastern / 10:00 a.m. Pacific, join (ISC)² and Keyfactor to learn how your organization can take steps toward integrating fast and secure signing within your CI/CD pipeline. We’ll discuss: - Where code signing fits into the CI/CD pipeline - Best practices for signing key protection and policy control - Recommended methods for safeguarding your organization’s keys.

Integrating Secure Code Signing in the CI/CD Pipeline

(ISC)2

ISC2

CISSP

CICD

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

Welcome to the big data and data management community on BrightTALK. Join thousands of data quality engineers, data scientists, database administrators and other professionals to find more information about the hottest topics affecting your data. Subscribe now to learn about efficiently storing, optimizing a complex infrastructure, developing governing policies, ensuring data quality and analyzing data to make better informed decisions. Join the conversation by watching live and on-demand webinars and take the opportunity to interact with top experts and thought leaders in the field.

Big Data and Data Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Thousands of healthcare IT professionals compose the health IT community on BrightTALK. Learn alongside them with relevant webinars on healthcare IT compliance, big data in healthcare and IT solutions for healthcare organizations. Join the conversation by asking questions and engaging with other participants during live webinars and organized discussions.

Health IT

The research and development community on BrightTALK brings together leading professionals in healthcare, technology and manufacturing to present on current topics in their fields. From big data in healthcare to online forensics training and medical research practices, the community is an exceptional resource for those looking to expand their knowledge. Be part of the conversation by joining the community and participating in interactive live webinars.

Integrating Secure Code Signing in the CI/CD Pipeline

Presented by

About this talk

More from this channel