Hi [[ session.user.profile.firstName ]]

Collaborative Defense—Bringing Business & Security Together for Resiliency

Defending your applications, infrastructure and network is constant in today’s persistent threat environment. Organizations can’t do it alone and the tools of detection, defense and response can no longer work in isolation of each other. Resiliency and collaboration are topical, consistent themes, reinforced by the innovation coming out of the cybersecurity industry. But what does this really mean for IT, security and development teams day-to-day?

Join Mike Brown, RADM, USN (Ret), former Director, Cybersecurity Coordination for DHS and DOD for a discussion on industry direction, the type of collaboration that can yield immediate results to teams and the criticality of protecting application infrastructure.

Michael Brown is Founder & President, Spinnaker Security LLC, a cybersecurity consultancy focused on understanding, identifying and mitigating business risks associated with cybersecurity. Brown brings executive leadership, including crisis management, from both public and private sector experiences. Prior, he was President, RSA Federal LLC and VP/GM Global Public Sector of RSA Security LLC. Responsibilities also included RSA Information Technology, Security and Enterprise Risk Mgmt portfolios.

Brown joined RSA after over 31 years in the US Navy. Brown’s last position on active duty was as Dir, Cybersecurity Coordination for DHS, responsible for increasing interdepartmental collaboration in strategic planning for the Nation’s cybersecurity, mutual support for cybersecurity capabilities development, and synchronization of current operational cybersecurity mission activities for the Depts of Defense and Homeland Security. He also served as DHS Deputy Asst Secretary, Cybersecurity & Comms, Acting Asst Secretary, Cybersecurity & Comms and as Asst Deputy Dir Joint Interagency Task Force for the Office of the Dir of National Intelligence. Brown also had various leadership positions, including command of the Naval Information Warfare Activity.
Recorded Feb 26 2019 37 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Mike Brown, RADM, USN (Ret), former Director, Cybersecurity Coordination for DHS and DOD; Ernesto DiGiambattista, CEO, CYBRIC
Presentation preview: Collaborative Defense—Bringing Business & Security Together for Resiliency

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • DevSecOps from Cradle to Scale: Real-World Lessons and Success Cases Recorded: Apr 18 2019 41 mins
    Dr. Chenxi Wang
    Many businesses today are harnessing the tools and promise of DevOps or Agile to drive innovation. Everything from new website capabilities to entirely new products are fair game in this revolution. However, the majority of security tools and processes are not inherently designed to be integrated in this new world, which is limiting the results new developments can bring.

    In this webinar, Dr. Chenxi Wang, Founder & General Partner, Rain Capital and member of Board of Directors of OWASP will discuss:
    • How to effectively integrate security into your DevOps process
    • How to integrate it at scale
    • Real-world examples of business results using this approach

    Chenxi will also cover where to get started with "DevSecOps," what metrics to use and what security at scale can mean for businesses.

    Guest Presenter:
    Dr. Chenxi Wang is the founder and general partner of Rain Capital, an early stage cyber security-focused venture fund, and member of the Board of Director of OWASP. Previously, she was the co-founder of the Jane Bond Project, a cyber security consultancy.
  • Security at the Speed of Development Recorded: Feb 28 2019 59 mins
    Andrei Bezdedeanu, VP of Engineering, CYBRIC & Dave Meurer, Alliances Technical Manager, Synopsys
    Moving to cloud-native development is no less transformative than were moves from client/server to web, or from browsers to mobile devices. The software life cycle has changed, and along with it, the cadence of development and the tools on which that life cycle depends. The best security tools have required a lot of hand-holding to accomplish their thorough analyses.

    In this webinar, we’ll discuss recent advancements in best-of-breed security tools (such as composition analysis and vulnerability discovery) that allow organizations to scale their use to a portfolio of software without an army of staff. We’ll discuss how test orchestration and vulnerability management platforms allow CISOs to package these tools as “software security in a box” and deploy them seamlessly to brownfield development teams maintaining large business-critical software, as well as those tiger teams conducting digital transformation in a hybrid or multicloud world.

    Key topic areas:
    * Coverity 2018.12
    * Seeker
    * Black Duck, now with binary support
    * CYBRIC Security Platform
  • Collaborative Defense—Bringing Business & Security Together for Resiliency Recorded: Feb 26 2019 37 mins
    Mike Brown, RADM, USN (Ret), former Director, Cybersecurity Coordination for DHS and DOD; Ernesto DiGiambattista, CEO, CYBRIC
    Defending your applications, infrastructure and network is constant in today’s persistent threat environment. Organizations can’t do it alone and the tools of detection, defense and response can no longer work in isolation of each other. Resiliency and collaboration are topical, consistent themes, reinforced by the innovation coming out of the cybersecurity industry. But what does this really mean for IT, security and development teams day-to-day?

    Join Mike Brown, RADM, USN (Ret), former Director, Cybersecurity Coordination for DHS and DOD for a discussion on industry direction, the type of collaboration that can yield immediate results to teams and the criticality of protecting application infrastructure.

    Michael Brown is Founder & President, Spinnaker Security LLC, a cybersecurity consultancy focused on understanding, identifying and mitigating business risks associated with cybersecurity. Brown brings executive leadership, including crisis management, from both public and private sector experiences. Prior, he was President, RSA Federal LLC and VP/GM Global Public Sector of RSA Security LLC. Responsibilities also included RSA Information Technology, Security and Enterprise Risk Mgmt portfolios.

    Brown joined RSA after over 31 years in the US Navy. Brown’s last position on active duty was as Dir, Cybersecurity Coordination for DHS, responsible for increasing interdepartmental collaboration in strategic planning for the Nation’s cybersecurity, mutual support for cybersecurity capabilities development, and synchronization of current operational cybersecurity mission activities for the Depts of Defense and Homeland Security. He also served as DHS Deputy Asst Secretary, Cybersecurity & Comms, Acting Asst Secretary, Cybersecurity & Comms and as Asst Deputy Dir Joint Interagency Task Force for the Office of the Dir of National Intelligence. Brown also had various leadership positions, including command of the Naval Information Warfare Activity.
  • Getting Started with DevSecOps Recorded: Jan 10 2019 31 mins
    Andrei Bezdedeanu, VP of Engineering, CYBRIC
    Collaboration between development and security teams is key to DevSecOps transformation and involves both cultural and technological shifts. The challenges associated with adoption can be mitigated by empowering developers with the appropriate security tools and processes, automation and orchestration.

    In this video, Andrei Bezdedeanu, CYBRIC VP of Engineering, discusses how to get started with DevSecOps and the resulting benefits, including the delivery of more secure applications, lower cost of managing your security posture and full visibility into application and enterprise risks. He will also review the challenges, enablers and benefits to DevOps and DevSecOps and review key concepts such as DevOps vs SecOps and automation and orchestration.

    You will learn:
    • How to seamlessly automate and orchestrate security across the entire SDLC.
    • The foundation of DevSecOps, and the application development and deployment processes.
    • How to remove the cultural differences between DevOps and SecOps teams to make way for collaboration.
  • Holistic, Continuous Visibility into Application Security Risk Recorded: May 29 2018 2 mins
    CYBRIC
    From code commit to application delivery, the CYBRIC platform orchestrates and automates static and dynamic security testing and analysis, continuously, for a holistic view of your application security risk. Without impacting development velocity. Because security should never be a barrier to innovation. Learn how in just 1.5 minutes
  • Innovator Cytobank Keeps Data Safe with DevSecOps: a Case Study Recorded: Mar 8 2018 44 mins
    Ken Stineman, Security Lead, Cytobank
    For organizations that handle sensitive data, it’s critical to maintain the highest security standards. Like most organizations today, biomedical research platform Cytobank used a manual security approach across its existing tools—including Brakeman, Nmap, Nikto and Qualys—to ensure its AWS-hosted platform was meeting regulatory compliance. But this approach was cumbersome, not scalable and overburdened resources. Further, it did not guarantee security was fully integrated into development.

    In this case study webinar, learn how Cytobank is using CYBRIC’s innovative continuous application security platform to:
    • Consolidate existing, disparate security testing tools; automate and schedule routine scans
    • Free up engineers and DevOps teams to focus on technology initiatives via automated testing, issue notification and vulnerability prioritization
    • Ensure confidence in the Cytobank platform’s security posture

    Guest Presenter:
    Ken Stineman is a software technology, privacy and cybersecurity leader with more than 25 years of experience. He is the founder of Double Helix LLC, a consulting firm that provides advisory and technology services to healthcare and software-as-a-service companies in the field of precision and personalized medicine. Ken serves as a security advisor to Cytobank, Inc. the leading provider of cloud-based analysis platform for collaborative biomedical research and analysis. He has advised multiple healthcare and software companies in information privacy and security, served as the head of Information Technology, Privacy, and Security at Genomic Health, held leadership positions at Incyte Corporation and Synteni, Inc., and was a senior performance engineer at Intel Corporation.
  • Needed Now: An Enterprise Cyber Threat Survival Kit Recorded: Dec 12 2017 42 mins
    Swapnil Deshmukh, a Sr. Director of Emerging Technologies Security at Visa
    DevSecOps experts from Visa and CYBRIC discuss cyber threat survival. With rapid innovation and continuous delivery via DevOps, organizations are exposed to a constant threat and to catalyze it, threats are evolving rapidly. Equifax was recently the target of perhaps the most critical data breach ever. Hackers exploited a vulnerability in an open-source software package that allowed them to exfiltrate sensitive information on half of the US population.

    How can we protect ourselves against such breaches?

    Organizations need to seamlessly embed continuous security within existing ecosystems, to enforce continuous security and orchestration within the production environment. In this webinar, Swapnil Deshmukh, a Sr. Director of Emerging Technologies Security at Visa discusses the cultural changes needed for an enterprise to imbibe and deliver continuous security, including:

    • Coverage: Ensure proper metrics, analytics and reporting are in place to measure the effectiveness of existing security tools and processes; have an up-to-date inventory and complete coverage of all code published in production at any given point.
    • Continuous Monitoring: Broadly applied, continuous monitoring can provide network traffic visibility. This, coupled with behavioral analysis and anomaly detection, builds necessary trustworthiness into the information systems supporting the organization’s key control missions.
    • Feedback Loop: A constant feedback loop from security technology stacks is critical for overall maturity of the security operation center.

    Guest Presenter:
    Swapnil Deshmukh is a Sr. Director of Emerging Technologies Security at Visa. His team is responsible for attesting security for emerging technologies. He’s coauthored the Hacking Exposed series, is a member of OWASP and has helped Fortune 500 companies build secure operations centers.
  • Fuel Innovation & Streamline Security: A Real-World DevSecOps Transformation Recorded: Nov 10 2017 23 mins
    Jim Rutt, CIO, The Dana Foundation
    Forward-looking organizations are increasing innovation velocity, modernizing development while trying to stay ahead of the constantly changing threat landscape. The Dana Foundation is one such organization. Committed to advancing brain research, The Foundation needed to transition to the cloud to drive efficiency and more effectively manage risk. With this shift, Dana moved from waterfall to DevOps but CIO Jim Rutt had to ensure they still maintained the organization’s strict security posture.

    In this webinar you will learn how The Dana Foundation is using Cybric’s innovative software security assurance platform to:
    • Complete its move from Waterfall to DevOps methodology while embedding security earlier in the development process.
    • Simplify security testing onto one platform vs. run manually by siloed functions.
    • Gain full visibility of security across the development lifecycle.
Continuous Application Security
Because companies are pressured to innovate at high velocity, application security can be an afterthought, and not part of the SDLC (software development lifecycle). Companies are in the dark about how secure they are and lack the visibility to respond at the pace required. This channel’s content is by CYBRIC customers, experts including our CTO Mike D. Kail (@mdkail) and industry analysts who are knowledgeable about cybersecurity, cloud security, application security, DevOps and DevSecOps – all critical elements of business transformation. They all understand that it’s imperative for security to keep pace with development velocity, from code commit to application delivery. Our channel is meant for those in an organization, from application development and security teams to CIO and CISO, who have to answer the question about their security posture: “How secure are we?” We hope you find this channel content informative.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Collaborative Defense—Bringing Business & Security Together for Resiliency
  • Live at: Feb 26 2019 5:00 pm
  • Presented by: Mike Brown, RADM, USN (Ret), former Director, Cybersecurity Coordination for DHS and DOD; Ernesto DiGiambattista, CEO, CYBRIC
  • From:
Your email has been sent.
or close