Name: Protecting Connected Medical Device Apps
Start: 2020-08-27T15:00:00Z
End: 2020-08-27T15:00:13.000Z
Location: BrightTALK
Rating: 4

Arxan provides comprehensive app-level security, and enterprise app governance enforcement. Our wide range of patented security capabilities, including dynamic app policy engine, code hardening, obfuscation, white-box cryptography and encryption, and threat analytics help enterprises protect valuable customer, business and IP data.

You can’t rely on network or perimeter security to protect web applications, your business or your customers from card skimming attacks. The reason? Web apps that use  HTML, CSS or JavaScript, including your eCommerce checkout page, are especially vulnerable to client-side attacks that can result in a devastating data breach like the ones that affected British Airways and Ticketmaster. And the bad news is that these Magecart-style data exfiltration attacks are only becoming more targeted, more frequent, and are resulting in fines and or penalties in the hundreds of millions of dollars.

To protect against data theft, most organizations depend on traditional security controls that monitor network and server traffic, not client side code. But as more business logic and functionality is being executed in the browser in order to improve customer experience and performance, the riskier this strategy becomes.

As the busiest shopping season of the year approaches, is your website – and your customer data – protected? Find out how you can defend against client-side data exfiltration and prevent web apps from becoming an attack vector. 

In this webinar, we’ll cover:
-How Magecart and other digital skimming attacks are able to thwart traditional security measures
-How to protect web apps against client side threats
-What you should look for in an application security solution

Protect your organization & customers from card skimming Magecart-style attacks

When it comes to finance, mobile banking or payments apps, maintaining customer trust is crucial to protecting brand equity and revenue. But according to recent analyst research, a majority of mobile finance apps lack the security controls and code hardening necessary to prevent applications from being compromised. And relying on legacy methods – like network or perimeter protection that is incapable of detecting these kinds of attacks – can have dire consequences.
 
In this webinar, Aite Senior Analyst Joseph Krull and Arxan senior security engineer Paul Dant will discuss how the growing demand by mobile apps for API access is changing the security landscape, and what you can do to protect your organization from a costly breach (hint: it starts with protecting your applications). 

You’ll learn:
-How easily mobile apps can be reverse engineered - the first step in circumventing  traditional security approaches 
-How common app vulnerabilities and development mistakes can lead to data exposure
-What’s necessary to implement a comprehensive mobile app security strategy

Mobile App & API Access Attacks: A New Security Frontier for Financial Services

DevSecOps is a popular buzzword in the DevOps ecosystem. Understanding why people care about DevSecOps is simple - It extends DevOps processes into software security. The goal of DevSecOps is to build the mindset that everyone is responsible for security — and that security needs to be built into the development process, rather than as a perimeter around apps and data.

In practice, implementing DevSecOps is problematic, with no single button that can be pushed to achieve DevSecOps. Nor is there a specific tool that can be acquired or particular process to follow.
Achieving DevSecOps requires a revisiting of existing DevOps processes and IT resources, then designing a comprehensive strategy that integrates application security into all of them.

Topics in this webinar include:
•	Value of transforming existing DevOps to embrace DevSecOps practices
•	Understanding how to achieve the perfect balance on the DevSecOps 'shift-left' approach
•	Application security and its importance in DevSecOps processes

The Importance of App Security in the Securitization of DevOps

APIs are more than a tool for integration: they are changing the way companies do business. APIs enable new business models and faster time-to-market, make it easier to drive digital transformation, and make it possible to create better customer experiences for web and mobile apps. But without a comprehensive API strategy enterprises will be hard pressed to expand access to corporate assets without unnecessary risk. Today most organisations don't even know how many APIs they’ve deployed, let alone if they are secure. That’s a scary proposition when you consider that API exploits are expected to become the most frequent attack vector for enterprises over the next two years.
 
In this webinar, guest speaker Randy Heffner of Forrester and Arxan’s Ken Jochims will discuss how APIs are driving digital innovation, how these changes expand an organisation’s attack surface, and key considerations for API security. You’ll learn:
 
-Common ways enterprises use APIs
-The security risks and attack scenarios APIs face
-The key components to comprehensive API protection
-Why it’s important to incorporate API security as part of DevOps
-How to get started with an API security strategy

APIs, digital transformation and the need for a new approach to security

Connected medical devices are now an integral part of modern healthcare -- from pacemakers and insulin pumps to wearable monitoring devices -- patients rely on these devices to maintain their health. However, persistent and unmitigated vulnerabilities in medical device hardware and applications are putting sensitive protected health information (PHI) and patient safety at risk.  

Potentially compounding these risks is the increase in patient reliance on telehealth and the expansion of employee remote work arrangements. In this webinar, special guest and Forrester Senior Analyst Chris Sherman will discuss the medical device and application cybersecurity risks healthcare companies face, along with the potential impacts to patient safety, data privacy, and device integrity. Arxan Director of Security Engineering Matt Clemens will also share: 

-How to improve patient safety, and prevent theft of sensitive patient information or valuable intellectual property using a layered security approach
-How to protect healthcare applications against reverse engineering using code hardening, obfuscation, and key and data encryption 
-How threat monitoring and alerting counters threats in real-time and enables proactive attack response

Protecting Connected Healthcare Applications and Intellectual Property

Connected medical devices are now an integral part of modern healthcare – from insulin pumps to pacemakers, these devices improve health outcomes and quality of life for patients. Unfortunately with the increased use of these devices comes additional cybersecurity risk, particularly when it comes to the applications that manage them. 

Arxan Director of Security Engineering Matt Clemens explains how to protect web and mobile apps from reverse engineering to prevent IP theft, the breach of sensitive patient data, and improve patient safety.

Protecting Connected Medical Device Apps

Application Security

Health IT

Cyber Threats

Zero Trust

Threat Intelligence

Data Security

Web Application Security

Threat analytics

API protection

Reverse Engineering

Welcome to the mobile computing community on BrightTALK! With the consumerization of IT and the widespread adoption of mobile devices across the globe, mobile computing has become an important part of many people's lives in a culture of bring your own device (BYOD). With mobile devices doubling as work phones and more employees working from home, businesses need to provide secure access to data and work applications from anywhere at any time. Join this growing community and hear from industry thought leaders in webinars and videos as they share their insight on mobile computing research and trends.

Mobile Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Join this new, vibrant community to learn and connect with top thought leaders, startups and banks who are disrupting the financial services industry. Keep up with the latest news and trends in Fintech and take part in lively debates on topical issues and challenges.

Fintech

The accounting and finance community on BrightTALK features presentations from leading accountants and finance professionals. The accounting community includes tax planning strategies, QuickBooks webinars and other accounting webinars, while the finance community features presentations on financial capital regulations and forensic data analytics. Join the conversation by attending live financial and accounting presentations and connecting with industry thought leaders.

Protecting Connected Medical Device Apps

Presented by

About this talk

More from this channel