Name: Why Security Must Be Part of the Software Life Cycle
Start: 2019-07-31T17:00:00Z
End: 2019-07-31T17:46:10.000Z
Location: BrightTALK
Rating: 0

ZeroNorth brings security, DevOps and the business together to improve application security performance and reduce organizational risk. The company’s application security automation and orchestration platform unites enterprises to rapidly identify, prioritize and remove the vulnerabilities standing in the way of software excellence. In an age where the security of applications needs to be everyone’s responsibility, ZeroNorth is where organizations come together for the good of software.

Join us to learn how ZeroNorth can bring continuous, end-to-end security to DevOps and enable comprehensive application security. In this 20-minute webinar you'll see via a live demo how ZeroNorth is the only platform that enables you to:

•Minimize noise by correlating and prioritizing application vulnerabilities 
•Reduce costs by consolidating the management of existing scanning tools (e.g., SCA, SAST/DAST, container management, pen testing
•Implement consistent vulnerability discovery and remediation
•Gain continuous visibility of risk throughout the software development life cycle

Driving Secure DevOps with ZeroNorth (live 20-min demo: 9/15 @ 1pm ET)

The application security (AppSec) landscape is changing and evolving. Fast. There are new innovations, integrations, automation platforms. There are also vendor acquisitions, consolidations and a whole lot of venture capital money being raised and invested in the industry.  

In this session, ZeroNorth’s DevSecOps team, including evangelist Dan Beauregard, discusses what’s really going on in the AppSec automation space—how these changes will impact your AppSec program and risk posture, your development processes and your business—and why!

We dive into key topics such as: 
 - Why is there so much interest in AppSec today? 
 - What’s next for AppSec? 
 - Where does this leave DevSecOps? 
 - Key questions you must ask your AppSec automation vendors

Making Sense of the Changed AppSec Automation Landscape

This 3-minute video explains how ZeroNorth can help enable AppSec at the speed of DevOps. Learn how you can manage all your AppSec tools from a central place, connect and continuously orchestrate AppSec scanning seamlessly within your DevOps pipelines.

ZeroNorth Whiteboard Video #1: Enable AppSec at the Speed of DevOps (3-Min)

Building a robust application security program is a complex, time-consuming and resource intensive process. ZeroNorth DevSecOps Quick Start is a SaaS platform that’s ideal for engineering and security teams who need a quick, easy and cost-effective way to jumpstart their AppSec program. ZeroNorth DevSecOps Quick Start provides built-in, ready to run open source scanning tools coupled with the automation, CICD pipeline orchestration, central management, workflows and reporting necessary to rapidly identify, prioritize and remove vulnerabilities. Watch this demo to learn more.

5-Min Demo: Jumpstart Your AppSec Program with ZeroNorth DevSecOps Quick Start

The key to reducing AppSec risk is pretty simple. It all starts with AppSec visibility and everyone looking at the same data. AppSec visibility data provides the necessary insights to assess risk and drive accountability, to make the right business and operational decisions, and of course to prioritize remediation actions for AppSec vulnerabilities. CISOs and Security teams need to know to understand and effectively communicate AppSec risk to all stakeholders – from the Board, to Business Unit leaders, DevOps teams and even to customers, partners and end users.

5-Min Demo: Gain a Single Source of Truth on AppSec Risk

This 3-minute video dives into the importance of continuous AppSec visibility and explains how ZeroNorth helps you gain a single source of truth for your AppSec program.

ZeroNorth Whiteboard Video #3: Continuous AppSec Visibility (3-Min Video)

This 3-minute video explains how ZeroNorth helps simplify application security remediation across disparate security scanning tools.

ZeroNorth Whiteboard Video #2: Simplifying AppSec Remediation (3-Min Video)

Analysts are predicting that throughout 2021, we will continue to see the human element of DevOps shining through. Other predictions forecast that the role of AI and AIOps in DevOps teams will become more prominent and that DevOps will take a larger role in enterprise Digital Transformation efforts. 

As DevOps teams continue to grow and adapt to trends and changes that have emerged from the pandemic, it’s important to take a closer look at these changes and trends.

Join this panel to learn what the emerging trends around DevOps are, and to hear best practices about how DevOps teams can continue to collaborate and thrive when dealing with new and increased pressures. 
Topics of discussion will include:
-  Key learnings DevOps team have experienced from the events of 2021
-  What the future for DevOps teams may look like, and how it can help businesses innovate
-  The most prominent trends impacting DevOps team and ways of working in 2021, from AIOps to new toolchains
-  And more...

Diving Into DevOps in 2021

Existing tools and approaches to application security can make tight and seamless integration of AppSec into DevOps a challenge. Core to AppSec programs are security scanning tools, which can drive up costs and complexity for security, DevOps and the business overall.

In this 30-minute workshop webinar, we will discuss how to identify and surface these hidden costs, the pervasive impact they can have on your business and where you might have opportunities to reduce them.

30-Minute Workshop: Understand the Hidden Costs of Your AppSec Program

Here’s a fact. Higher quality software drives higher productivity. It also lowers the total cost of IT ownership and offers considerable economic benefit to the enterprise, whether it’s software needed to run the business, or to sell to customers. Quality problems become security issues: today’s bugs become tomorrow’s vulnerabilities. And security issues become quality problems: bypassing security processes enables malicious script injections into otherwise quality code. CISOs are chartered with championing cybersecurity regardless of which team across the enterprise is producing software. Likewise, the focus on software quality is organizationally agnostic. In short, this means CISOs are ideally suited to help organizations orient security in the name of software quality.

In this session, Jim Routh, Head of Enterprise Cyber Security at MassMutual and ZeroNorth CTO John Steven will discuss the economics and relationship of software quality and security, and the role of the CISO in facilitating this across the organization.

CISO Perspective: The Economics of Software Quality and Security

When you’re in the business of delivering an enterprise customer data platform, enabling comprehensive application security for fast engineering teams is a must. And, at Simon Data, chief information security officer Robert Wood sees the security of the Simon Data platform as a competitive advantage. In this webcast, we’ll pose 10 questions to Robert, and learn how he and his team leverage a combination of AppSec automation, open source security scanning tools and vulnerability correlation to build a repeatable and scalable security testing program.

Simon Data: Scaling AppSec for an Enterprise SaaS Platform

Organizations are at risk when application security (AppSec) and DevOps teams don’t have a common vision for delivering software capabilities required by the business — securely. This is now truer than ever, as digital transformation puts pressure on organizations to develop applications at increasing speeds, potentially putting their security at risk. Yet, according to a new Ponemon Institute research report, sponsored by ZeroNorth, 75% of AppSec practitioners and 49% of developers believe this “cultural divide” exists between their respective teams. 

In this webinar, Dr. Larry Ponemon, ZeroNorth CEO John Worrall and Christian van den Branden, SVP of Engineering at ZeroNorth offer their unique perspectives on the “Revealing the Cultural Divide Between Application Security and DevOps” research results, as well as the five steps Ponemon Institute recommends organizations take to help bridge this critical cultural divide.

Bridging the Gap Between AppSec and DevOps to Reduce Security Risk

10 questions for Bidpath CTO Francis Juliano

For Bidpath, the world’s leading global auction software platform, software security is critical to both the business and the company’s global customer base. As Bidpath embarked upon a journey to strengthen its software security program, CTO Francis Juliano needed a solution to better manage disparate security scanning tools, deliver a consolidated view of risk, and simplify remediation - without the need for extensive resources from the engineering team.

Join us for a virtual “fireside chat” with Francis as we discuss Bidpath’s software security strategy, challenges the company hoped to overcome, and how ZeroNorth empowers Bidpath engineering to drive security without sacrificing speed of development.

Strengthening Software Security – An Engineering-Led Product Security Program

Establishing an application security program is an ongoing process – there are always steps you can take to improve your program. Join us for our virtual roadshow where Veracode CTO, Chris Wysopal, will be teaming up with Bugcrowd CTO, Casey Ellis, ZeroNorth CTO, John Steven and Optiv Director of Threat Management, Luis Jimenez for a one-hour panel discussion on best practices for maturing your AppSec program. And, if you’re just starting your AppSec journey, our experts will also be providing some practical first steps you can take that will prepare your AppSec program for improvements in the future.

Application Security Virtual Roadshow: Best Practices vs Practicality

Bringing industrial control systems and critical infrastructure into the modern age will require more than just software updates. It’ll require continuous software updates. The challenge is that every time new updates to software powering applications or infrastructure are introduced, so too is the potential for new vulnerabilities. Every little change of code creates the potential for a new vulnerability that attackers can exploit, and the demand for updates to be delivered faster and faster only increases the security challenges. Any business that relies on software as a competitive differentiator – in other words, every business today – is facing this issue and trying to figure out ways to deal with it. But for industrial control systems (ICS) that are already playing catch-up and trying to adapt to a connected world, these challenge will be that much more daunting.

This webinar will provide an overview of DevOps and DevSecOps cultures to help the people using and managing ICS understand how these practices fit into their organizations. It will empower those tasked to secure critical infrastructure with the knowledge they need to ensure that comprehensive discovery and remediation of software vulnerabilities are in place so they can proactively manage risk.

Bringing DevSecOps to Industrial Control Systems

Digital transformation isn’t coming--it’s here. ZeroNorth surveyed cybersecurity professionals across a range of industries to get their input on effectively managing risk across applications and infrastructure in this age of digital transformation. Join ZeroNorth CTO John Steven and vice president of marketing Dave Howell as they discuss the findings of the survey.

Rethinking Security for Digital Transformation

Digital transformation is redefining organizations in all industries into software-centric businesses. Assessing, planning and implementing vulnerability management across your organization is therefore crucial. In this webinar, CyberProof, a UST Global company, and ZeroNorth will share details on the companies’ integrated solution and discuss how customers are benefitting from end-to-end vulnerability & risk management across the enterprise.

End-to-End Vulnerability and Risk Management Across the Enterprise

As businesses embark on digital and cloud transformation to accelerate velocity and improve operational efficiencies, security just is not keeping pace. Virtually every business relies on software to keep it running, to keep it competitive. Simultaneously, application vulnerabilities are escalating, and breaches are common C-suite conversations. The current approach to application security relies on multiple security tools deployed at different layers of the software development life cycle, returning volumes of results. This taxes already understaffed application security and SecOps teams, who are challenged to make sense of it all, to address the vulnerabilities and to convey the full risk picture to the business. 

In the webinar, Michael Osterman, Principal Analyst, Osterman Research, will discuss:

- Why the current approaches to security management are no longer adequate as the pace of business accelerates. 
- The key steps to mitigate risk, including identifying, prioritizing and remediating vulnerabilities continuously.
- Why security should be part of the software development process and at all points in the software lifecycle.
- How prioritizing vulnerabilities properly can reduce risk

Why Security Must Be Part of the Software Life Cycle

Osterman

SDLC

Software Development Life Cycle

Digital Transformation

Cloud Transformation

Application Security

Vulnerabilities

Vulnerability Management

ZeroNorth

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Join this new, vibrant community to learn and connect with top thought leaders, startups and banks who are disrupting the financial services industry. Keep up with the latest news and trends in Fintech and take part in lively debates on topical issues and challenges.

Fintech

The accounting and finance community on BrightTALK features presentations from leading accountants and finance professionals. The accounting community includes tax planning strategies, QuickBooks webinars and other accounting webinars, while the finance community features presentations on financial capital regulations and forensic data analytics. Join the conversation by attending live financial and accounting presentations and connecting with industry thought leaders.

Why Security Must Be Part of the Software Life Cycle

Presented by

About this talk

More from this channel