Name: Software Supply Chain: Code-to-Code Combat
Start: 2020-04-08T18:25:00Z
End: 2020-04-08T18:25:55.000Z
Location: BrightTALK
Rating: 0

There are two actors on a network: people and machines. People rely on usernames and passwords to identify themselves and gain access to machines, applications and devices. Machines use digital keys and certificates to authenticate for secure machine-to-machine communication. While organizations spend billions of dollars each year on identity and access management and protecting usernames and passwords, very little is spent on protecting machine identities, which is essential to securing critical systems and data. The Venafi Platform delivers the machine identity intelligence and automation necessary to automatically safeguard the flow of information to trusted machines and prevent communication with untrusted ones—all at machine speed and scale.  Venafi protects the largest, most sensitive networks in the world, and our more than 280 customers include 4 of the Top 5 US Banks, 4 of the Top 5 UK Banks, 5 of the Top 5 US Health Insurers and 4 of the Top 5 US Retailers. Venafi solutions help organizations:
-	Prevent breaches
-	Eliminate outages
-	Orchestrate PKI
-	Protect SSH access
-	Pass compliance audits
-	Automate DevOps

Visit www.venafi.com

Do your developers use Kubernetes and OpenShift? They’re now the standard for modern cloud-based application development. As your infrastructure grows and clusters scale, your developers are using huge volumes of TLS and mTLS certificates to build and deploy workloads on ever faster release cycles. That makes workload security essential. But recent research shows that 94% of companies using Kubernetes in production regularly experience security vulnerabilities. 

In this webinar, we’ll explore key causes of this problem: 

• Lack of visibility and control
• Absence of a validated and auditable chain of trust for every workload deployed to a Kubernetes cluster. 

You’ll also learn how to eliminate threats that come from misconfigured certificates. Jetstack, pioneers in cloud native open source, will share strategies that help you bring platform team leaders and cloud security architects together to give developers speed alongside highly automated security tooling.

Eliminating the #1 security threat for Kubernetes: certificate misconfiguration

Today, the number of machines far exceeds the number of humans, these machines are highly capable, which automate many of the same tasks humans do.  As machines are radically improving the quality of our lives, our vision is a world in which machines are trusted and secured against attacks, and our data is protected.  Join SSS – IT Security Specialists and Venafi as we explore machine identities, crypto agility and how to adapt our practices to align security and convenience.

Exploring Machine Identities with Venafi and SSS – IT Security Specialists

The number of machines of all types – from Kubernetes, to cloud, to IoT – is on the rise. Every machine requires an identity – TLS, SSH, and code signing keys and certificates – that control encryption, authentication, and code execution. Too often these powerful security controls are left unprotected. Compromise, misuse, and fraud of machine identities are already prime attack vectors for hackers targeting supply chain weaknesses. For all these reasons and more, Gartner has named Machine Identity Management a top cyber trend for 2021. 
 
Attend this session to learn:
 
· The top machine identity attacks targeting your organisation and software supply chain
· How SSL/TLS, SSH, and code signing keys and certificates are left unprotected
· How to use the machine identity threat model built on standard ATT&CK
· Three things your organisation can do today to stay #fastsecure with Machine Identity Management

Rise of Machines: The New Machine Identity Threat

Security teams need new approaches to work with the super fast development cycles that are inevitable when using Kubernetes and OpenShift. New research found 96% of enterprises using Kubernetes or OpenShift recently experienced a security related issue from a workload misconfiguration. One example: developers use non-enterprise approved Certificate Authorities CA(CAs) for TLS machine identities with Kubernetes, OpenShift, Istio and more making initiatives like Zero Trust impossible. These gaps won’t be fix with more controls pushed down from security teams. Developers today decide cloud-native security tooling. Security and developers need to operate in a #fastsecure mode: going as fast as possible while staying safe. Join Venafi and (ISC)2 on November 23, 2021 at 1:00p.m. GMT as open source innovator, Matt Barker, and security leader, Kevin Bocek discuss what #fastsecure means and how you can get started. The developer-led, cloud-native world doesn’t mean that security teams are any less important; just the opposite. Going faster means security teams bring their experience with threat protection, machine identity, risk and compliance to help developers stay safe at highest speeds.

#fastsecure: Security in the Age of Kubernetes

Manage the complete certificate lifecycle
 
SSL certificates – also known as machine identities -- are an integral part of application security. Many enterprises still struggle with the overwhelming & time-consuming task of managing them across all of their ADC instances. Expired certificates can make content inaccessible, damaging brand reputation leading to revenue loss. Citrix Application Delivery Management (ADM) service and Venafi have come together to offer an integrated solution to solve this challenge.
 
Join us and learn how:

- Citrix ADM service streamlines the typically arduous process of installing and managing SSL certificates
- The new Citrix and Venafi integration enables auto renewal and auto deployment of SSL, which admins can manage for their applications independently, without having dependency on network admins
- You can try the Citrix ADM service with Venafi out for yourself in your lab today

Eliminating outages with Venafi & Citrix ADM service (SaaS)

Protecting against next-gen attacks to machine identities requires solutions that are robust and hardened. In this webinar, we'll highlight several new capabilities in the Venafi Platform 21.3 release that will help you prevent misuse and compromise, including:

    - New ability in SSH Protect to issue SSH certificates
    - A new Master Auditor role that has universal read-only permission to the Venafi Platform
    - Updated private key defaults in TLS Protect to ensure strong encryption and security of private key material

 We'll also take a tour of Cool Solutions, Venafi's GitLab repository for source code that’s available to current customers and ecosystem partners. Learn how to find and start using solutions that will help you and your organization more effectively manage machine identities. Join the Q&A too.

Venafi Presenters: 
Angela Morris, Sr. Product Manager
Aaron Hixson, Sr. Product Manager
Justin Hansen, Director of Customer Experience
Kevin Jacque, Global Architect
Diane Garey, PMM

What's New in the Venafi Platform 21.3 Release

The number of machines of all types – from Kubernetes, to cloud, to IoT – is on the rise. Every machine requires an identity – SSL/TLS, SSH, and code signing keys and certificates – that control encryption, authentication, and code execution. Too often these powerful security controls are left unprotected. Compromise, misuse, and fraud of machine identities are already prime attack vectors for hackers targeting supply chain weaknesses. And errors create debilitating outages and millions in lost business. For all these reasons and more, Gartner has named Machine Identity Management a top trend for 2021. 

Attend this session to learn:

· The top machine identity attacks targeting your organisation and software supply chain
· How SSL/TLS, SSH, and code signing keys and certificates are left unprotected
· How machine identities fail and cost millions in outages
· Why most organisations are not prepared to use machine identities at speed
· Three things your organisation can do today to stay #fastsecure with Machine Identity Management

Presenter: Kevin Bocek, Vice President, Security Strategy & Threat Intelligence, Venafi
Moderator: Paolo Miranda, CISSP, Volunteer Outreach Director, (ISC)² Singapore Chapter

Rise of Machines: Protecting your Machine Identities

In the five short years since Google made it open source and the cloud native ecosystem Kubernetes has reshaped modern application development and as a result, is thriving. Containers, declarative infrastructure and programmable networks, once the secret sauce of FAANG, are now becoming the norm. But how do enterprises tame this fast-moving technology? How can we empower developers with consistent, reliable, highly automated platforms and guardrails so they can move fast and be efficient while ensuring enterprise security? Join us to learn about the key tenets of Kubernetes and cloud native that are enabling enterprises to build modern platforms fit for the future and provide examples of solutions that help enterprises leverage automation with built-in security controls.

Enabling the Secure Digital Cloud Native Enterprise

The Economic Advantages of TLS Certificates-as-a-Service

Automating the Machine Identity Management Lifecycle for TLS Certificates

Improve governance and reduce risk with easy, robust SSH key management. The integration of Venafi SSH Protect and CyberArk PAM gives system administrators higher levels of automation, provides InfoSec teams with better visibility and results in fast, successful audits for GRC teams. Watch this webinar to learn how the combined power of Venafi and CyberArk can completely change the way you secure the entire lifecycle of SSH keys.

Unbeatable Automated SSH Security

Based on the experiences of hundreds of organizations, Venafi has developed a proven approach to completely eliminate outages caused by expired, misconfigured or unknown TLS certificates, and this approach can work for your organization (no, really!).  View this webinar to uncover the steps you should take today to reduce the pain of certificate outages and understand what you need to do to eliminate them completely in your organization. We’ll also discuss the most common challenges organizations face and how to overcome them.

Eliminate Outages Forever

The number of machines of all types – from Kubernetes, to cloud, to IoT – is on the rise. Every machine requires an identity – SSL/TLS, SSH, and code signing keys and certificates – that control encryption, authentication, and code execution. Too often these powerful security controls are left unprotected. Compromise, misuse, and fraud of machine identities are already prime attack vectors for hackers targeting supply chain weaknesses. And errors create debilitating outages and millions in lost business. For all these reasons and more, Gartner has named Machine Identity Management a top trend for 2021. Join Venafi and (ISC)2 on August 17, 2021 at 1:00 p.m. BST for an examination of how machine identities are the new perimeter.

Attend this session to learn:

· The top machine identity attacks targeting your organisation and software supply chain

· How SSL/TLS, SSH, and code signing keys and certificates are left unprotected

· How machine identities fail and cost millions in outages

· Why most organisations are not prepared to use machine identities at speed

· Three things your organisation can do today to stay #fastsecure with Machine Identity Management

Do you feel lost when talking to your DevOps and AppDev teams? Or do they leave you out of the security conversation altogether because they view you as the stodgy, old-school InfoSec guy? In this webinar, we’ll explain how DevOps and open source technologies like Kubernetes, Ansible and HashiCorp Terraform relate to machine identities. Then we’ll show you novel ways of providing machine identity management-as-a-service to DevOps and AppDev teams without giving up control of the definition, implementation and measurement of security and policy controls.

Kuba-What? Conversational Approaches for Working with DevOps Teams

How do machine identities fit into the changing world of DevOps? Watch this webinar with Gene Kim, best-selling author of The Phoenix Project and The Unicorn Project, to learn why the business value of DevOps is bigger than you think, why successful DevOps projects are more secure and the five key principles that make developers happy and successful.

InfoSec Empowering Developers Through the Five Ideals

Everyone knows that machine identity threats are on the rise and that machine identities are frequently part of adversaries’ arsenals in today’s attacks. But just knowing this doesn’t help you learn about the specifics of how APT41 or FIN7 use machine identities. If you had information about machine identity attacks, would your team know how to leverage this knowledge in your security operation? Watch this webinar to get a deep dive into Venafi’s new Machine Identity Threat Model and learn how you can put that information into action to keep your organization safer. Built on the MITRE ATT&CK framework, the Machine Identity Threat Model documents and maps attackers’ tactics, techniques and procedures (TTPs). Find out how to use this fantastic public machine identity threat resource to build a threat-informed defense based on actionable intelligence.

Becoming a Machine Identity Threats Pro

In this webinar, we’ll highlight new capabilities in the Venafi Platform and TLS Protect 21.1 and 21.2 releases, starting with new Adaptable Credentials for the Venafi Platform that let you easily use Venafi with any enterprise solution to store and manage all the passwords/secrets you maintain for the many systems and devices that need privileged access. 
 
We’ll also cover other new capabilities, including:  

Amazon Private CA and Google CA Service integrations 

Inline placement of keys and certificates during discovery 

ACME v2 support  

Finally, we’ll spend time looking at some changes in the Venafi Platform UI. In the 21.2 release, instead of navigating between Aperture and Web Admin consoles to access capabilities, you’ll navigate between TLS Protect and the other products in the platform. We’ll highlight what’s different, so you’ll have a seamless experience when you upgrade to 21.2. 
 
As usual, we’ll leave time at the end for Questions & Answers. Register now!

What's New with Venafi TLS Protect – 21.1 and 21.2 Releases

Is your agency doing everything it can to protect its software from foreign interference? From third party software libraries to in-house developed applications to PowerShell scripts, code signing is a necessary component to securing your software infrastructure. Code signing is effective at ensuring that the code you execute comes from where it claims to come from and hasn’t been modified by a third party.

However, hackers know this and they are stealing code-signing private keys to make their malware look legitimate. Signing code is no longer enough to protect against this threat. Agencies need to protect the code signing credentials that they utilize and ensure that they are only ever used for authorized circumstances.

In this webcast we’ll discuss:

- How to ensure that cybercriminals do not steal your code signing credentials
- How code signing is an effective tool to protect against PowerShell modification
- Homeland Security's CISA Alert AA220-006A and what precautions you should take to protect PowerShell scripts from 3rd party modification

Register today!

Software Supply Chain: Code-to-Code Combat

code signing

Cyber Attacks

Cyber Crime

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

Welcome to the big data and data management community on BrightTALK. Join thousands of data quality engineers, data scientists, database administrators and other professionals to find more information about the hottest topics affecting your data. Subscribe now to learn about efficiently storing, optimizing a complex infrastructure, developing governing policies, ensuring data quality and analyzing data to make better informed decisions. Join the conversation by watching live and on-demand webinars and take the opportunity to interact with top experts and thought leaders in the field.

Big Data and Data Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Software Supply Chain: Code-to-Code Combat

Presented by

About this talk

More from this channel