Hi [[ session.user.profile.firstName ]]

Créer une culture AppSec à l’heure du DevOps

Alors que le DevOps maintient sa domination, les entreprises cherchent à rapprocher les équipes de développement et de sécurité afin de concevoir des applications sûres plus rapidement. Tant le besoin que les bénéfices de mettre en les mains des développeurs la sécurité sont clairs. Cela permet de gagner du temps, de l’argent ainsi que d’économiser les ressources de la société. Toutefois, la réalité est que 60% des développeurs n’ont pas confiance dans le niveau de sécurité de leurs propres applications. Cela s’explique par le fait que les développeurs ne sont souvent pas suffisamment accompagnés en matière de sécurité. Les entreprises forment généralement leurs développeurs à la sécurité une fois par an, voire une fois par trimestre dans le meilleur des cas, et espèrent ainsi que leurs équipes auront le même niveau que les spécialistes de la sécurité. Cette approche consistant principalement à cocher la case « formation au développement sécurisé », n’est évidemment pas suffisante pour implanter et faire croitre une véritable culture de la sécurité applicative au sein de l’organisation.

Rejoignez-nous afin de savoir comment construire un programme de sensibilisation AppSec qui accompagne et forme véritablement les développeurs à penser et coder sécurité quotidiennement.
Recorded Feb 12 2020 31 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Arthur Gatti Holtzer, Business Development Manager
Presentation preview: Créer une culture AppSec à l’heure du DevOps

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • The Rise of DevSecOps Feb 27 2020 6:30 pm UTC 60 mins
    Michelle McLean (StackRox), Alex Peay (SaltStack), Matthew Rose (Checkmarx) & Brian Soldato, ReversingLabs
    As CISOs are """"moving left"""" and integrating DevSecOps technologies into the daily routine of developers, testing and securing their own code is becoming the new normal. Educating software developers into better practices is key, especially in the context of securing applications.
    Join this panel of industry experts and leaders to learn more about:
    - The evolution of DevOps and DevSecOps
    - Why security testing should be a part of the DevOps process
    - How DevOps and security teams can get along better
    - Dynamic tools to monitor applications and scan for vulnerabilities
    - The future of DevOps and security
    This panel will be broadcast LIVE during RSA Conference in San Francisco.

    Speakers:
    Michelle McLean, Vice President of Product Marketing, StackRox
    Matthew Rose, Global Director Application Security Strategy, Checkmarx
    Brian Soldato, Director of Sales Engineering, ReversingLabs
    Alex Peay, Senior Vice President of Product, SaltStack
  • Secure Software Development in the Age of Microservices Feb 27 2020 5:30 pm UTC 30 mins
    Matthew Rose, Global Director Application Security Strategy, Checkmarx & Nathan Wenzler, Chief Security Strategist, Tenable
    In 2020, we’ll see a proliferation of microservices in software architecture. With cybersecurity at the forefront, development teams are expected to place an equal emphasis on security as they currently do on speed. How will a modernized, secure microservices approach impact your organization? Will this become the new normal for software development, and what solutions will your organization need to secure your microservices architecture?

    Join this exclusive video interview with Matthew Rose, Global Director Application Security Strategy, Checkmarx to learn more about the proliferation of microservices and the impact on software development.

    Viewers will have an opportunity to learn more about:
    - The current state of software development and the emergence of DevSecOps
    - How to embed security in your DevOps culture
    - Best practices for speedy AND secure software development lifecycle (SDLC)
    - Why continuous security testing is essential, and how to achieve continuous security testing for microservices
    - How to achieve an effective migration plan that will enable you to reduce risk during initial stages
    - Solutions needed for optimal security coverage for microservices

    This video interview will be broadcast LIVE from San Francisco during the 2020 RSA Conference.
  • Créer une culture AppSec à l’heure du DevOps Recorded: Feb 12 2020 31 mins
    Arthur Gatti Holtzer, Business Development Manager
    Alors que le DevOps maintient sa domination, les entreprises cherchent à rapprocher les équipes de développement et de sécurité afin de concevoir des applications sûres plus rapidement. Tant le besoin que les bénéfices de mettre en les mains des développeurs la sécurité sont clairs. Cela permet de gagner du temps, de l’argent ainsi que d’économiser les ressources de la société. Toutefois, la réalité est que 60% des développeurs n’ont pas confiance dans le niveau de sécurité de leurs propres applications. Cela s’explique par le fait que les développeurs ne sont souvent pas suffisamment accompagnés en matière de sécurité. Les entreprises forment généralement leurs développeurs à la sécurité une fois par an, voire une fois par trimestre dans le meilleur des cas, et espèrent ainsi que leurs équipes auront le même niveau que les spécialistes de la sécurité. Cette approche consistant principalement à cocher la case « formation au développement sécurisé », n’est évidemment pas suffisante pour implanter et faire croitre une véritable culture de la sécurité applicative au sein de l’organisation.

    Rejoignez-nous afin de savoir comment construire un programme de sensibilisation AppSec qui accompagne et forme véritablement les développeurs à penser et coder sécurité quotidiennement.
  • 1-2-1 Interview - Checkmarx, Cybertech Tel Aviv 2020 Recorded: Feb 4 2020 7 mins
    Nir Livni, VP Product
    Checkmarx, Cybertech Tel Aviv 2020
    1-2-1 Interview - Nir Livni, VP Product
  • Créer une culture AppSec à l’heure du DevOps Recorded: Dec 10 2019 32 mins
    Arthur Gatti Holtzer, Business Development Manager
    Alors que le DevOps maintient sa domination, les entreprises cherchent à rapprocher les équipes de développement et de sécurité afin de concevoir des applications sûres plus rapidement. Tant le besoin que les bénéfices de mettre en les mains des développeurs la sécurité sont clairs. Cela permet de gagner du temps, de l’argent ainsi que d’économiser les ressources de la société. Toutefois, la réalité est que 60% des développeurs n’ont pas confiance dans le niveau de sécurité de leurs propres applications. Cela s’explique par le fait que les développeurs ne sont souvent pas suffisamment accompagnés en matière de sécurité. Les entreprises forment généralement leurs développeurs à la sécurité une fois par an, voire une fois par trimestre dans le meilleur des cas, et espèrent ainsi que leurs équipes auront le même niveau que les spécialistes de la sécurité. Cette approche consistant principalement à cocher la case « formation au développement sécurisé », n’est évidemment pas suffisante pour implanter et faire croitre une véritable culture de la sécurité applicative au sein de l’organisation.

    Rejoignez-nous afin de savoir comment construire un programme de sensibilisation AppSec qui accompagne et forme véritablement les développeurs à penser et coder sécurité quotidiennement.
  • The Benefits of DevOps for Financial Services Organizations Recorded: Nov 13 2019 40 mins
    Matthew Rose, Director of Application Security Strategy
    Please join Checkmarx for a live webinar on the benefits of Devops for financial services organizations.

    Today, financial service organizations build software dramatically different than just 10 years ago. New development models deliver software faster than ever before to meet changing consumer demands, maximize operational efficiency and drive digital transformation. It’s simply no longer an option to deliver software that hasn’t been tested for security throughout the development process. The risks are too great.
    During this webinar, Checkmarx Global Director of Strategy, Matt Rose, will review specific steps financial organizations can take to address security in the software they create and how to build more secure applications at the start of the software development lifecycle (SDLC).
  • API Security in Depth Recorded: Nov 6 2019 38 mins
    Erez Yalon Director of Security Research at Checkmarx
    The OWASP API project addresses modern threats for API based applications. While traditional vulnerabilities like SQLi and XSS are becoming less common in APIs, there’s been an increase in vulnerabilities that are either specific to APIs or present a more significant risk, which many developers are unaware of.
    The presentation talks about:
    - The biggest challenge in APIs: authorization
    - OWASP top 10 for APIs, including examples
    - Tools for security engineers to perform pentest for APIs
    - Tips for developers on how to develop more secure API
  • Better Together OSA & SAST Recorded: Sep 4 2019 45 mins
    Steven Zimmerman, Product Marketing Manager & Tyler Agypt, Sales Engineer
    Join us for a conceptual and technical discussion of the best practices organizations should employ in order to mitigate the risks intrinsic to modern software development.
    -Explore the weaknesses in modern software
    -Uncover the challenges with traditional security testing
    -Learn best practices to manage risk in custom code and open source
  • IAST Stories From the Field Recorded: Aug 22 2019 39 mins
    Michael Haddon IAST Evangelist for North America
    As DevOps continues along its path of domination, organizations are seeking to make use of application security testing tools that leverage automation and easily scale up.

    With that, we see that Interactive Application Security Testing (IAST) is gaining increasing momentum.

    Join industry-experts Michael Haddon for insights on:
    •Why customers are seeking IAST solutions
    •Common IAST use cases
    •How customers are using IAST successfully
    •The benefits customers gain from using IAST
  • ¡No es Magia, Es DevSecOps! Recorded: Aug 20 2019 61 mins
    Ronen Riesenfeld, Sales Engineer Checkmarx
    La seguridad perimetral, el análisis dinámico y otras soluciones de seguridad no estática dan una incorrecta percepción de que las aplicaciones están seguras, percepción que reduce el sentido de urgencia por la implementación holística de la seguridad. Las soluciones de seguridad estática, fortalecen los cimientos de las aplicaciones sin entorpecer los procesos e integrándose de manera orgánica como por arte de magia, facilitando así el desarrollo seguro a alta velocidad

    ¿QUÉ APRENDERÁS EN ESTE WEBINAR?

    Aprenderá que nos motiva a la prevención y su relación con la seguridad en aplicaciones; se explicará que es la seguridad en las Aplicaciones, su importancia y mejores prácticas de la industria.
    Se explicarán las distintas soluciones de seguridad en aplicaciones dentro del ciclo de desarrollo y las tendencias actuales en seguridad en desarrollo de aplicaciones.
    Descubrirá las distintas maneras de integrar la seguridad en aplicaciones dentro del ciclo de desarrollo y las maneras más eficientes de remediar vulnerabilidades.
    Conocerá sobre la administración del Software Expuesto y su integración dentro de DevSecOps
  • IAST Stories From the Field Recorded: Aug 1 2019 40 mins
    Michael Haddon IAST Evangelist for North America
    As DevOps continues along its path of domination, organizations are seeking to make use of application security testing tools that leverage automation and easily scale up.

    With that, we see that Interactive Application Security Testing (IAST) is gaining increasing momentum.

    Join industry-experts Michael Haddon for insights on:
    •Why customers are seeking IAST solutions
    •Common IAST use cases
    •How customers are using IAST successfully
    •The benefits customers gain from using IAST
  • What the Heck is IAST? Recorded: Jul 2 2019 46 mins
    Susan St. Clair, Technical Services Engineer & Dana Raveh, Product Marketing Manager
    To keep up with the fast pace of releases and the speed of DevOps, organizations need accurate and automated security testing tools that can easily scale and produce actionable results.

    Historically, AppSec programs were characterized by the use of SAST and DAST tools. Fast forward to 2019 - While SAST is able to fit fast and iterative development processes, point-in-time DAST is slow and manual, rendering it as unfit for DevOps-like processes.

    This is where the new generation Interactive Application Security Testing (IAST) comes. So what the heck is IAST?

    Join Checkmarx experts Susan St. Clair and Dana Raveh , as they unriddle the next-generation AppSec solution - IAST
  • Is Privacy Even Possible with IoT? Recorded: Jun 25 2019 37 mins
    Erez Yalon, Manager of Application Security Research
    Smart devices are a big part of our lives. Bluetooth Smart (BLE), which was introduced on IoT devices in 2011, made their number explode. So now we have cheaper devices that consume less power – what more can you ask for? Well... SECURITY and PRIVACY!

    Join Erez Yalon, Manager of Application Security Research at Checkmarx, as he explains about privacy and the lack of it in today's IoT-driven world.
  • What the Heck is IAST? Recorded: Jun 18 2019 47 mins
    Susan St. Clair, Technical Services Engineer & Dana Raveh, Product Marketing Manager
    To keep up with the fast pace of releases and the speed of DevOps, organizations need accurate and automated security testing tools that can easily scale and produce actionable results.

    Historically, AppSec programs were characterized by the use of SAST and DAST tools. Fast forward to 2019 - While SAST is able to fit fast and iterative development processes, point-in-time DAST is slow and manual, rendering it as unfit for DevOps-like processes.

    This is where the new generation Interactive Application Security Testing (IAST) comes. So what the heck is IAST?

    Join Checkmarx experts Susan St. Clair and Dana Raveh , as they unriddle the next-generation AppSec solution - IAST
  • Livestream Video - Application Security in a DevOps World Recorded: Jun 6 2019 37 mins
    Keith Batterham, DevSecOps Evangelist | Moshe Lerner, Checkmarx | Paul Farrington, Veracode | Yotam Gutman
    With today's enterprises leveraging around 1000 applications and multiple clouds, application security is becoming a key area of focus. Application security testing is being integrated into the DevOps process early on, while automation, speed and coverage and becoming critical to the success of DevSecOps programs.

    Join this interactive panel of industry experts to learn more about:
    - Why application security is critical
    - Key principles for building application security into DevOps
    - Best practices for leveraging automation
    - Speed vs Security: Where do you draw the line?
    - Recommendations for improving security in 2019

    Panellists
    Paul Farrington, EMEA CTO, Veracode
    Keith Batterham, CTO - CISO - DevSecOps Evangelist
    Moshe Lerner, SVP Product Strategy & Corporate Development, Checkmarx

    Moderated by Yotam Gutman, Founder & Community Manager, Cybersecurity Marketing Community
  • Ask the DevSecOps Expert: Software Security in DevOps & CI Environments Recorded: Jun 6 2019 14 mins
    Moshe Lerner, Checkmarx | Yotam Gutman, Cybersecurity Marketing Community
    The increased complexity of software and the need to keep up with fast-paced release cycles create new types of risk in the form of Software Exposure.

    Join this interactive 1-2-1 discussion where product strategist and industry expert, Moshe Lerner will share insights including;

    - Why you should consider software security as non-functional issue?
    - What are the key challenges for managing software security in general and in DevOps environments?
    - Best of breed vs Best of suite – Which is the right approach?
    - The difference between interactive application security testing (IAST) and dynamic application security testing (DAST)? Can IAST replace DAST?
    - How to manage and reduce application security risk at scale

    Moderated by Yotam Gutman, Founder & Community Manager, Cybersecurity Marketing Community
  • Rise of the Machines- Artificial Intelligence and Security Recorded: Apr 30 2019 51 mins
    Maty Siman Founder & CTO Checkmarx
    Artificial Intelligence (AI) software is everywhere being leveraged by many industries such as healthcare, fintech, and e-commerce. But how does AI impact the security space? Join Maty Siman, Checkmarx Founder and CTO, to get both a white hat and black hat perspective to AI and security.
  • Rise of the Machines- Artificial Intelligence and Security Recorded: Mar 20 2019 52 mins
    Maty Siman Founder & CTO Checkmarx
    Artificial Intelligence (AI) software is everywhere being leveraged by many industries such as healthcare, fintech, and e-commerce. But how does AI impact the security space? Join Maty Siman, Checkmarx Founder and CTO, to get both a white hat and black hat perspective to AI and security.
  • Better Together: SAST and IAST Recorded: Mar 13 2019 60 mins
    Susan St. Clair, Technical Services Engineer
    With the rapidly changing market, many companies are adopting DevOps processes to keep up with shrinking release cycles. With this change, old software security methodologies such as dynamic testing and pen testing are struggling to keep up. This doesn't mean that we don't need dynamic testing, rather that companies are searching out solutions that can keep pace with modern DevOps processes.

    IAST is the only dynamic solution that fits the speed of DevOps. It is fast and continuous, finding vulnerabilities in runtime environments. But IAST is only one part of the software security puzzle. For full coverage, from SDLC integration to runtime environments, you need synergy between your solutions.

    Checkmarx offers a synergy with between IAST and SAST that cannot be achieved elsewhere. The two solutions working together improve the quality of results and allow easier and more precise prioritization, leading to easier and shorter remediation.

    Join Susan St. Clair, Technical Services Engineer at Checkmarx, to get a better understanding on why IAST and SAST are better together.

    By joining you will:

    - Gain a better understand of IAST technologies and their impact on the
    market
    - Learn about the advantages of IAST and SAST working together as
    part of the Software Exposure Platform
    - Dive into a case study on the subject
    - Understand what to look for when evaluating IAST and SAST products
  • How to Survive a Data Breach Recorded: Mar 5 2019 48 mins
    Chris Roberts (Attivo Networks), Matthew Rose (Checkmarx), Chris Eng (Veracode), Nathan Wenzler (Moss Adams)
    Data breaches continuing to make the headlines and enterprises are no longer questioning "if" a breach will occur, but "when." With the organization's data assets and reputation at stake, having a breach response plan in place is becoming increasingly important.

    Join security thought leaders and experts for an interactive Q&A to learn more about:
    - Today’s cybersecurity threat landscape
    - The true costs of a breach
    - Preventing breaches: Key factors to consider
    - Why early breach detection is critical
    - How to develop an effective incident response plan and get C-Suite buy-in
    - How to keep your company secure in 2019"
Manage Software Exposure at the Speed of DevOps
Unify your application security into a single platform and release secure software, fast.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Créer une culture AppSec à l’heure du DevOps
  • Live at: Feb 12 2020 1:00 pm
  • Presented by: Arthur Gatti Holtzer, Business Development Manager
  • From:
Your email has been sent.
or close