Name: State of Application Security in 2024
Start: 2025-03-13T18:00:00Z
End: 2025-03-13T18:00:59.000Z
Location: BrightTALK
Rating: 5

Cloudflare is a global network designed to make everything you connect to the Internet secure, private, fast, and reliable. We offer Application Security, CDN, DNS, DDoS Protection, SASE, Zero Trust, and Developer Services. Find out how we can help to build a better Internet. 

Cloudflare and SentinelOne complementary portfolios offer easy integration and faster time to value. SentinelOne and Cloudflare work together to ensure that adopting Zero Trust Network Access is easy. Organizations integrate endpoint protection platforms like SentinelOne, add corporate identity providers, and connect their applications (SaaS, cloud, or on premises) to Cloudflare’s global edge network in minutes. With just a few clicks in the Cloudflare dashboard, administrators can apply default-deny, Zero Trust rules that restrict user access to sensitive applications based on device posture signals from SentinelOne Singularity XDR.

Empowering Zero Trust with Cloudflare and SentinelOne

The proliferation of APIs is only growing, with more than one-third of organizations saying all their applications use APIs today. This is expected to increase to 50% of organizations over the next two years.

With the number of APIs exploding, security issues are also on the rise. 92% of organizations experienced at least one security incident from insecure APIs in the last year.

Join us in this webinar on API security featuring Melinda Marks, Practice Director, Enterprise Strategy Group, Humair Ahmed, Technical Marketing Director, Cloudflare and Alan Chi, Practice Manager, Optiv, to learn about:
• The importance of API security
• Top API security challenges
• Future API trends and predictions
• Types of API security incidents and their impacts

API Security with Cloudflare and Optiv

Cloudflare operates one of the most widely used public resolvers in the world, is a DNS authority, and has a bevy of first-party data that provides visibility into today’s threats. This experience gives Cloudflare a unique opportunity to identify emerging attack types against which we must defend—and insight which they can deliver to you.

Enterprise Strategy Group Principal Analyst Dave Gruber joins Trevor Lyness, Senior Product Marketing Manager at Cloudflare, and Andre Rosario, Offensive Security Consultant from GuidePoint Security, to deconstruct Cloudflare’s 2024 Security Brief & Threat Report.

Watch this can’t-miss conversation to discover how Generative AI is impacting offensive and defensive security operations, and have this expert panel guide you through:
1. Phishing trends (including 4 new attack types and how to protect against them)
2. The prevalence of DDoS attacks and how Cloudflare is poised to stop them
3. How the vulnerability exploitation landscape is changing 
4. And why are APIs becoming a popular target for attackers? What steps can companies take to stay secure?

Cloudflare Threat Intel Reveals New Phishing, API, and DDoS Attack Trends featuring GuidePoint Security

"Securing modern work across users, devices, applications, networks, and clouds has never been more complicated. In a recent Forrester Consulting study commissioned by Cloudflare, 39% of IT and security respondents admitted that their organizations have lost control over their digital environments due to complexity challenges. 

Lost digital control can have consequences on customer experiences, employee productivity, time to market, risk profile, and more. A new approach is needed to address this critical business challenge and help organizations avoid these pitfalls and restore control. 

In this webinar, guest speaker, Heath Mullins, Senior Analyst at Forrester, will present on the landscape of digital complexity. Attend this session to learn more about: 
Factors that contribute to loss of IT and security control
Business implications as a result of lost control  
How Cloudflare’s connectivity cloud helps manage the chaos"

Regain IT & Security Control: Cloudflare’s Connectivity Cloud Tames Complexity

Over the past year we’ve seen the rise in the use of AI bring about massive productivity and creativity increases, but also an increasing amount of security risk in the form of data exposure. However, AI is here to stay, and businesses and their security teams need to adapt to make sure teams can benefit from its capabilities, while limiting any potential risk. At the same time, in its evolving landscape, more and more developers are starting to integrate AI in business apps without optimizing for cost, performance or security.

Join us in this innovation driven session on AI and security, where we explore:

- The data security risks associated with employees using generative AI and their impact on companies.
- Strategies for balancing the data security risks and benefits of permitting users to employ generative AI safely.
- The tools available to help developers integrate AI into their applications while minimizing the risk of excessive cloud expenses and data exposure.

Generative AI Security: Balancing the risks and rewards of using AI

Western Health is the major healthcare provider to western Melbourne, one of the fastest growing and most diverse regions of Australia. In recent years, Western Health has partnered with Cloudflare’s connectivity cloud to modernize and consolidate its IT and security across its 11,000 employees and four public hospitals.

Join Cameron McBride (Director, Digital Technology Services, Western Health) and Fernando Serto (Field CTO, Cloudflare) in a conversation exploring this journey, including:

- How Western Health has strengthened its security posture with Zero Trust best practices
- What use cases Western Health has prioritized with practical guidance to achieve success
- How consolidating IT and security with a connectivity cloud is unlocking opportunities for digital transformation

How a leading healthcare provider mitigates risk and saves money with cloud

The threat landscape challenges cybersecurity practitioners everywhere, and preparation is a priority for leaders across the Asia-Pacific region. According to Foundry’s 2022 Security Priorities Study, 53% of APAC enterprises view preparedness in responding to security incidents as their #1 priority.  

A recent Cloudflare survey of more than 4,000 security decision-makers across the region shows that there’s still work to be done; less than half of respondents feel they were highly prepared to prevent security incidents. This despite 76% experiencing a greater number of incidents in the past 12 months. 

This CSO webinar – featuring Fernando Serto, Field Chief Technology Officer APJC of Cloudflare and Deepak Maharaj, Head of InfoSec Architecture, Engineering and PMO at AirAsia – will outline the state of cybersecurity priorities across the region, covering key business challenges while outlining areas of best practice.  

How can cybersecurity leaders address rising threat levels? How can they support business growth and protect their organisations at the same time? What are some key considerations for cybersecurity leaders when developing their 90-day plan? 

Our points of discussion

- Exploring the threat landscape across the region  
- Sharing challenges in effectively protecting enterprises 
- Outlining strategies for identifying vulnerabilities / Sharing common blind spots in threat detection 
- Exploring best practices, hiring diverse teams, setting goals

Securing Tomorrow: Top Cybersecurity Priorities in the Face of New Threats

Your employees work everywhere. Your physical locations span the globe. Your applications run on-prem, in the cloud, or likely some combination of both. 

IT teams are tasked with connecting everything, everyone, everywhere—all while meeting complex security and performance requirements. And legacy WANs just weren’t built for secure connectivity the way modern organizations need them to be. 

Join this webinar to learn about: 

- Simplifying branch and hybrid/multi-cloud connectivity
- Converging networking and Zero Trust security with SASE
- Scaling WAN performance while reducing costs
- How Cloudflare’s connectivity cloud is uniquely positioned to solve these challenges

Simplify the path to SASE with Magic WAN Connector

Nobody likes CAPTCHAs, and bots are getting past CAPTCHAs faster than humans. According to Forrester Research, 19% of US adults said that they abandon transactions because of a CAPTCHA. Cloudflare Bot Management provides a frustration-free, CAPTCHA-free web experience to your website visitors.

Join our experts as they discuss managing bots and abusive traffic. In this webinar, you’ll:

- See how legacy methods to stop bots provide a poor user experience, allow abusive traffic, and overwork IT teams
- Discover why 60,000 enterprises and small businesses are using the latest Bot Management capability: Turnstile 
- Learn about Cloudflare’s layered security model for bot management
- See how Cloudflare Bot Management stops bots and mitigates fraud with our Managed Challenge and Turnstile capabilities – without CAPTCHAs
- Watch Cloudflare Bot Management in action in a live demo

How to stop bots without CAPTCHAs

Join our upcoming webinar, as we delve into the dynamic landscape of cybersecurity challenges. This practical session is tailored for cybersecurity specialists of all calibers seeking actionable insights. Explore the intricacies of mitigating evolving application layer attacks through a comprehensive discussion, complete with real-world examples.

The webinar will feature a live dashboard demo showcasing cutting-edge security tools, providing participants with tangible solutions to bolster their defense strategies. Engage in a robust Q&A session to address specific concerns and glean expert advice for navigating the ever-evolving cybersecurity terrain.

Here is a summary of what will be covered in this webinar:

- Understanding the Landscape: Explore the current state of DDoS, bot, and application layer security threats.
- Real-world Scenarios: Delve into practical examples of recent attacks and their impact on organizations.
- Mitigation Strategies: Uncover effective countermeasures and mitigation techniques to enhance security posture.
- Live Demo: Witness a hands-on demonstration of state-of-the-art security tools through a comprehensive dashboard showcase.
- Q&A Session: Engage with our cybersecurity experts in a dynamic question and answer session to address your specific challenges and concerns.

Responding to evolving DDoS, bot and app security challenges: Facts & threats

The shift to SaaS-delivered corporate applications shows no signs of letting up — and pressure is growing on IT leaders to modernize corporate networks, simplify connectivity, and improve end-user experiences. In this session, we’ll discuss strategies for accomplishing all three. 

Join this live replay session from our flagship Connect event to learn: 

Why SD-WAN is not enough for modern work
What a SASE architecture looks like
How to roadmap your current state of connectivity to an end state of SASE

Making the journey from MPLS to SASE

The financial services industry continues to be a popular attack target, in large part due to the sensitive data and personal information financial institutions safeguard. These institutions are subjected to data scraping, credential stuffing, network intrusion attempts, and more — all while needing to provide fast, reliable service for their end-users and remain compliant with the strictest possible privacy and security regulations. 

Q2 delivers SaaS solutions for financial institutions. Cloudflare, a chosen partner of Q2, enables Q2 to bring their customers visibility across the threat landscape and potential attack vectors that are important to monitor. Join Q2 Principal Security Architect Josh Pena and Cloudflare Product Marketing Manager Catherine Newcomb to learn how SaaS platforms like Q2 can:

Use Cloudflare as a defense capability which creates an important differentiator with their own customers
Break down traditional complex IT barriers that impede threat visibility
Protect sensitive data and systems with modern tactics

How Cloudflare helps financial institutions improve visibility into threats

Modern knowledge workers spend the vast majority of their time leveraging cloud-based productivity tools like collaboration suites, email, chat, and now emerging AI tools like ChatGPT. As these SaaS and cloud apps are becoming increasingly essential, they have also increasingly become targets for data exfiltration by threat actors. 

In fact, 82% of breaches today involve data stored in cloud environments. The good news is Gartner says that 99% of cloud breaches are preventable misconfigurations or mistakes by end users. 

In this webinar, we’ll provide tangible use cases to modernize your data protection strategy and reduce your data risk with Cloudflare. Join to this session to learn: 

How CISOs can protect source code and secure opaque AI tools
Recommendations for improving data visibility, control, and compliance
Benefits of adopting a Zero Trust approach to mitigate modern data risks

Three recommendations to modernise your data protection with Cloudflare One

Welcome to Cloudflare CIO Week 2023!

This CIO Week we’ll demonstrate how Cloudflare is helping CIOs keep data, devices and employees both safe and fast across hybrid and remote environments. We’ll show how Cloudflare accelerates digital transformation and modernizes networking and security towards a Zero Trust model.

In this episode, tune in for a conversation with Cloudflare's CIO Juan Rodriguez, and Corey Mahan.

Tune in all week for more news, announcements, and thought-provoking discussions!

Fireside Chat with Juan Rodriguez Estevez

Many organizations store large, infrequently changing assets - videos, images, or large binary files on cloud provider networks for easy access. While this is more efficient and scalable than on-premises storage, anytime an asset is fetched from the origin server, an egress fee or “egress tax” is incurred. These egress fees can become a significant cost that is usually miscalculated or ignored during budgeting.

Cloudflare’s Cache Reserve helps minimize egress fees by reducing unnecessary origin egress and optimizing cache hit ratios.

Join us as we discuss:
- The limitations of legacy storage solutions
- Why cloud egress fees are a major "hidden charge" for organizations
- How Cloudflare CDN and Cache Reserve can help maximize savings and optimize performance
- A technical walkthrough of these solutions

Cache Reserve: Eliminating the Creeping Costs of Egress Fees

This webinar will explore the environmental impact of each hop in a packet’s journey across the Internet, from end user to application, and break down how organizations can reduce their carbon impact by migrating security and networking functions away from legacy hardware to the cloud.

Cloudflare takes a holistic and transparent approach to sustainability including publishing a yearly Impact Report, where they incorporate actions to contribute to a more sustainable internet. Through the report, Cloudflare showcases their commitment to advancing their mission, making a positive impact on billions of internet users worldwide.

How transitioning to cloudnative architecture improves security & sustainability

As a go-to productivity suite for many businesses, Microsoft 365 delivers excellent native security defenses to help teams collaborate and communicate safely. 

Over the years, built-in security for SaaS apps has improved to block some of the more common threats targeting organizations. However, bad actors are simultaneously evolving to become more evasive. Today’s attacks are increasingly more targeted and sophisticated with the ability to bypass native app security functionality. 

In this webinar, learn how layering a Zero Trust approach to enhance your Microsoft 365 security can proactively stop attacks and significantly minimize cyber threats like phishing, data exfiltration, account takeover, and more.

Join this session to:

Deep dive into how this joint solution targets Microsoft 365 security challenges and threats
Study the customer & vendor shared responsibility model for Microsoft security
Understand how Cloudflare Zero Trust services such as Area 1 Email Security, CASB, and Access can prevent, block, and isolate threats across Microsoft 365

Enhance your Microsoft 365 security with Cloudflare Zero Trust

The growing cloud footprint of most enterprises requires a multi-tool approach to security, but the most crucial ingredient is the over-arching architectural principle guiding their work — zero trust. 

In this session, we’ll dig into how to use interconnected but independent layers of security to build a zero trust hybrid service delivery environment spanning internal resources and multiple clouds and networks.

Layered Security, One Principle: Zero Trust

They hybrid clouds have been the norm for a long time now. We have spent a long time applying consistent tooling across our various clouds but protecting them is still a big challenge. We use public clouds, private clouds and SaaS solutions and yet we don’t have a consistent approach to protecting the data. What happens if your SaaS provider fails? How do you get your data back? When did you last check this?

How well are the cloud systems protected? Where is the demarcation line? Is your business aware of the risks it might be taking? And that’s even before we find those SaaS environments that were bought on a credit card without IT's knowledge.

Securing and protecting these environments is a huge challenge so join this webinar to get a strong checklist of areas to consider and approaches you can take that will protect you, your organisation and the data you own.

Wrapping Your Head Around Your Cloud Environment

With AI becoming essential to applications, it introduces new threats and increasingly complicates the cloud operating model. Security, cloud, and development teams should be armed with strategies and techniques to build and secure the modern cloud. Join this webinar where you will learn:
- A simple breakdown of the modern cloud architecture and how different components interact
- Key attack vectors within AI-led cloud environments
- Best practices and actionable guidance to secure your usage of cloud and AI

Securing Your Cloud and AI Usage in 2025

Securing the cloud ecosystem goes beyond traditional cybersecurity -- it requires a holistic approach that integrates security, compliance, and financial governance. As organizations expand their cloud footprint, misconfigurations, shadow IT, and uncontrolled costs pose significant risks. This session will explore best practices for securing cloud workloads, enforcing compliance standards, and aligning FinOps strategies with security objectives. 

Tune into this session from TD Bank's Pankul Chitrav as she teaches attendees how to leverage automation, policy-driven controls, and cross-functional collaboration to build a resilient, cost-efficient, and secure cloud environment.

Fortifying the Cloud: Integrating Security, Compliance, and Cost Governance

Two key factors will increase IT spending in 2025: AI and cybersecurity. This coincides with operational resilience legislation being implemented in the EU in January 2025 and the UK in March 2025, when financial services organizations and third parties, such as cloud providers, outsourcers and contractors.

All of these factors follow a reduction to IT spending in 2024, when resources and capacity were cut by most cloud providers, whilst 80% of customers overshot their budgets, with others reducing their operational spending on cloud services. 

This webinar will explore the changing environment between 2024 and 2025, taking into account C-Suite strategic priorities and focusing on securing the cloud ecosystem, by covering:

1) What is keeping C-Suite up at night, and should they be concerned?
2) What should organizations consider when securing the cloud ecosystem?
3) Why operational resilience may be a real answer for securing the cloud ecosystem?

Tune into this session presented by operational resilience expert Steve Yates, as he shares advice for securing the cloud ecosystem. Yates will explore the “nightmares” currently experienced by C-Suite and take attendees on a journey into a world where they should consider embracing the compliance processes being put in place to manage third parties. 

By the end of the session, viewers will be able to:
- Form an understanding of the challenges facing the C-Suite, and budgetary pressures.
- Consider options for protecting and securing the cloud ecosystem.  
- Be aware of the requirements needed to establish a joint working relationship between your organization and cloud services third providers.

Securing the Cloud Ecosystem: What is Keeping the C-Suite Up At Night?

As AI adoption accelerates, so do the security risks hidden in its supply chain. From adversarial attacks to compromised open source dependencies, threat actors exploit vulnerabilities at every stage of AI development. 

This talk from industry thought leader Yesenia Yser will break down the latest attack techniques -- such as prompt injection, model poisoning and software supply chain compromises -- while providing actionable strategies to safeguard AI systems. Attendees will gain insights into securing AI pipelines, mitigating open source risks, and implementing robust defense mechanisms to prevent emerging AI security threats. 

Don’t let your AI infrastructure become the next target -- learn how to defend it now.

AI Supply Chains Under Siege: How to Secure Open-Source AI From Emerging Threats

The move to cloud-native architectures increases the security complexity, demanding more efficient and automated solutions. Manual security processes struggle to keep pace with the dynamic nature of cloud environments. Addressing these concerns requires a tailored approach that leverages advanced technologies.

This webinar presented by industry thought leader Atulpriya Sharma will explore how AI can enhance cloud-native security, particularly in hybrid cloud settings. Discover how AI automates policy enforcement, vulnerability scanning, and threat detection, with a focus on open-source tools.

Tune in to learn how to future-proof your cloud security with AI-driven solutions, ensuring your organization stays ahead of emerging threats and maintains a strong security posture.

Transforming Cloud Native Security with AI

Securing the Cloud Ecosystem

Web applications are central to modern life. For governments, they are an important channel to communicate information to the public and provide essential services. For businesses, they serve as a source of revenue, efficiency, and customer insights.

Take a close look at the most important trends shaping the web application and API threat landscape today, including vulnerability exploitation, DDoS attacks, bot traffic, and third-party supply chain risk.

Join Cloudflare Application Security experts Daniele Molteni, Product Manager and Catherine Newcomb, Product Marketing Manager, for a discussion on the latest application and API security threat research sourced from Cloudflare’s global network, including:

Shifts in blocked web application and API traffic
The growth and increased complexity of DDoS attacks
The weaponization of vulnerabilities at breakneck speed
The growing risk of shadow APIs
Risks associated with third-party components such as scripts, outbound connections, and cookies

State of Application Security in 2024

API Management

DDoS

Vulnerability Management

Security

Threat Hunting

Threat Defence

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

The data center management community focuses on the holistic management and optimization of the data center. From technologies such as virtualization and cloud computing to data center design, colocation, energy efficiency and monitoring, the BrightTALK data center management community provides the most up-to-date and engaging content from industry experts to better your infrastructure and operations. Engage with a community of your peers and industry experts by asking questions, rating presentations and participating in polls during webinars, all while you gain insight that will help you transform your infrastructure into a next generation data center.

Data Center Management

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

State of Application Security in 2024

Presented by

About this talk

Cloudflare