Hi [[ session.user.profile.firstName ]]

Why Automation of AST Solutions is the Key to DevSecOps

Software development teams are often overloaded with security-related data, hindering delivery speeds and security integrity. In this session, learn the importance of application security testing solutions that leverage automation to produce high-quality findings and results, and how they help organizations achieve a true DevSecOps model by automating vulnerability detection and triage.
Recorded Apr 22 2020 24 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Matthew Rose, Director of Application Security Strategy
Presentation preview: Why Automation of AST Solutions is the Key to DevSecOps

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Removing the friction between Security, Developers and DevOps Jun 9 2020 4:00 pm UTC 45 mins
    Nathan Leach, Solution Architect
    Developers, security professionals and DevOps teams often find themselves struggling between timely code delivery, secure code delivery and automation:
    - Developers are most commonly measured on the delivery speed and quality of their code, not on the security of their code.
    - Security professionals want to ensure that every piece of code is tested upon commit for security threats, without incremental cost and friction with developers and DevOps.
    - DevOps on the other hand care about the effectiveness of the release process and want to make sure nothing slows that down.

    In this webinar, Nathan Leach, Solution Architect at Checkmarx will walk you through how CxSAST allows companies to embed security into the software development lifecycle in a way that doesn’t disrupt developer’s work, doesn’t add any additional code reviews, and doesn't use any new tools.
  • 金融服务和应用安全 Recorded: May 15 2020 62 mins
    Tony Li Technical Manager
    为助力金融企业抵御网络安全风险与攻击,Checkmarx携手广东省粤港澳合作促进会金融专业委员会在这特殊时刻,通过线上直播为金融机构分享“安全风险应对策略”、“相关应用安全分享”、“安全风险分析与管理”等内容。

    Checkmarx中国区技术总监 李亭Tony Li 就《金融服务和应用安全》开讲。

    本次直播将为您分享:
    ☑ 与金融服务相关的应用安全
    ☑ 如何将安全植入攻击者最关注的对象?
    ☑ SDLC和DevSecOps环境中的安全性
    ☑ 安全性与DevOps的关键需求在哪些点会发生冲突?

    讲师李亭将从安全软件应用方面,针对金融服务机构,给予建设性的解决方案;并就目前敏捷运维方式下,存在的安全和集成问题,进行答疑解惑,帮助金融机构建立全面网络安全构架。

    更快的软件应用周期、DevOps的部署和开源代码的采用所带来的软件风险仍是新的未知因素。让我们一起守护企业的安全!
  • Six Steps to Embedding Security into DevOps Recorded: May 14 2020 30 mins
    Stephen Gates
    Learn how organizations are beginning to embed security into their DevOps initiatives and find out what barriers need to be addressed in order to effectively achieve what the industry calls: DevSecOps. 
    Join this session to learn:
    - The step that directly influences all other aspects of your DevSecOps initiatives
    - The benefits of integrating security automation into DevOps, resulting in improved quality, speed, and security
    - The most important topics that must be addressed when embedding security into DevOps
  • Formez vos développeurs à la sécurité applicative de manière ludique Recorded: Apr 30 2020 29 mins
    Grégory Domagala, France Sales Engineer
    "CodeBashing - Formez vos développeurs à la sécurité applicative de manière ludique"
    Veuillez vous joindre à nous pour ce webinaire Codebashing, Checkmarx AppSec Awareness Solution for DevOps. Grégory Domagala, ingénieur avant-vente France discutera:
    o Le besoin de sensibilisation à l’AppSec au-delà de la formation
    o Les bonnes pratiques dans la mise en place d’un programme de sensibilisation AppSec
    o [Démo] La solution de Checkmarx de sensibilisation à l’AppSec
  • Why Automation of AST Solutions is the Key to DevSecOps Recorded: Apr 22 2020 24 mins
    Matthew Rose, Director of Application Security Strategy
    Software development teams are often overloaded with security-related data, hindering delivery speeds and security integrity. In this session, learn the importance of application security testing solutions that leverage automation to produce high-quality findings and results, and how they help organizations achieve a true DevSecOps model by automating vulnerability detection and triage.
  • [Panel] Finding the Balance Between Manual and Automated Testing Recorded: Apr 22 2020 45 mins
    Eran Kinsbruner - Chief Evangelist, Perforce | Matt Rose, Global Director Application Security Strategy at Checkmarx
    Keeping up with customer expectations in the digital age and continuously releasing high-quality software is tough. While not a silver bullet, the answer to doing both well in 2020 increasingly lies in test automation.

    However, adopting test automation is not without its challenges, and it must be blended correctly with manual testing.

    Join this panel of testing experts as they discuss how to find the balance between manual and automated testing, including:

    - Where to introduce automated testing
    - Why it’s crucial that you establish a repeatable manual documented process prior to implementing any automation
    - How to scale automated testing


    Panelists include:

    - Eran Kinsbruner - Chief Evangelist at Perfecto by Perforce
    - Matt Rose, Global Director Application Security Strategy at Checkmarx
  • Simplifying the Secure SDLC Recorded: Apr 8 2020 21 mins
    Ken McDonald, Principal Development Lead, Checkmarx Technical Services Team
    Simplify the Automation of Application Security Testing

    The main goal of any application security testing program is to reduce enterprise risk without hindering software release cycles, which is best achieved through thoughtful planning and implementation of security testing automation. However, this often remains an obstacle for many organizations today.
    To address this issue, Checkmarx recently announced the availability of an orchestration module called CxFlow for the Checkmarx Software Security Platform that tightly integrates with application release orchestration and agile planning tools.
    Implementing CxFlow:
    • Enables automated scanning earlier in the code management process by integrating directly into source control management systems or CI/CD tools
    • Improves operational ‘flow’ of secure software development and delivers more actionable vulnerability findings
    • Allows organizations to improve the security of their software without interrupting developer workflows

    Join Ken McDonald as he walks through CxFlow, demonstrating how it offers end-to-end automation - from scanning to ticketing, seamless integration with the modern development ecosystem, and centralized management.
  • Hey Google, Activate Spyware! With Google Assistant Recorded: Mar 31 2020 24 mins
    Erez Yalon Director of Security Research at Checkmarx
    This talk will highlight serious security findings in Android smartphones, enabling attackers to remotely control, take, and retrieve photos, videos, and geolocation from victims’ phones without the victim knowing, even if the phone is locked or the screen is turned off. Join us to see how one team chained several weaknesses and features to create a fully weaponized rogue spy-application.
  • The Rise of DevSecOps Recorded: Feb 27 2020 42 mins
    Michelle McLean (StackRox), Alex Peay (SaltStack), Matthew Rose (Checkmarx) & Brian Soldato, ReversingLabs
    As CISOs are """"moving left"""" and integrating DevSecOps technologies into the daily routine of developers, testing and securing their own code is becoming the new normal. Educating software developers into better practices is key, especially in the context of securing applications.
    Join this panel of industry experts and leaders to learn more about:
    - The evolution of DevOps and DevSecOps
    - Why security testing should be a part of the DevOps process
    - How DevOps and security teams can get along better
    - Dynamic tools to monitor applications and scan for vulnerabilities
    - The future of DevOps and security
    This panel will be broadcast LIVE during RSA Conference in San Francisco.

    Speakers:
    Michelle McLean, Vice President of Product Marketing, StackRox
    Matthew Rose, Global Director Application Security Strategy, Checkmarx
    Brian Soldato, Director of Sales Engineering, ReversingLabs
    Alex Peay, Senior Vice President of Product, SaltStack
  • Secure Software Development in the Age of Microservices Recorded: Feb 27 2020 30 mins
    Matthew Rose, Global Director Application Security Strategy, Checkmarx & Nathan Wenzler, Chief Security Strategist, Tenable
    In 2020, we’ll see a proliferation of microservices in software architecture. With cybersecurity at the forefront, development teams are expected to place an equal emphasis on security as they currently do on speed. How will a modernized, secure microservices approach impact your organization? Will this become the new normal for software development, and what solutions will your organization need to secure your microservices architecture?

    Join this exclusive video interview with Matthew Rose, Global Director Application Security Strategy, Checkmarx to learn more about the proliferation of microservices and the impact on software development.

    Viewers will have an opportunity to learn more about:
    - The current state of software development and the emergence of DevSecOps
    - How to embed security in your DevOps culture
    - Best practices for speedy AND secure software development lifecycle (SDLC)
    - Why continuous security testing is essential, and how to achieve continuous security testing for microservices
    - How to achieve an effective migration plan that will enable you to reduce risk during initial stages
    - Solutions needed for optimal security coverage for microservices

    This video interview will be broadcast LIVE from San Francisco during the 2020 RSA Conference.
  • Créer une culture AppSec à l’heure du DevOps Recorded: Feb 12 2020 31 mins
    Arthur Gatti Holtzer, Business Development Manager
    Alors que le DevOps maintient sa domination, les entreprises cherchent à rapprocher les équipes de développement et de sécurité afin de concevoir des applications sûres plus rapidement. Tant le besoin que les bénéfices de mettre en les mains des développeurs la sécurité sont clairs. Cela permet de gagner du temps, de l’argent ainsi que d’économiser les ressources de la société. Toutefois, la réalité est que 60% des développeurs n’ont pas confiance dans le niveau de sécurité de leurs propres applications. Cela s’explique par le fait que les développeurs ne sont souvent pas suffisamment accompagnés en matière de sécurité. Les entreprises forment généralement leurs développeurs à la sécurité une fois par an, voire une fois par trimestre dans le meilleur des cas, et espèrent ainsi que leurs équipes auront le même niveau que les spécialistes de la sécurité. Cette approche consistant principalement à cocher la case « formation au développement sécurisé », n’est évidemment pas suffisante pour implanter et faire croitre une véritable culture de la sécurité applicative au sein de l’organisation.

    Rejoignez-nous afin de savoir comment construire un programme de sensibilisation AppSec qui accompagne et forme véritablement les développeurs à penser et coder sécurité quotidiennement.
  • 1-2-1 Interview - Checkmarx, Cybertech Tel Aviv 2020 Recorded: Feb 4 2020 7 mins
    Nir Livni, VP Product
    Checkmarx, Cybertech Tel Aviv 2020
    1-2-1 Interview - Nir Livni, VP Product
  • Créer une culture AppSec à l’heure du DevOps Recorded: Dec 10 2019 32 mins
    Arthur Gatti Holtzer, Business Development Manager
    Alors que le DevOps maintient sa domination, les entreprises cherchent à rapprocher les équipes de développement et de sécurité afin de concevoir des applications sûres plus rapidement. Tant le besoin que les bénéfices de mettre en les mains des développeurs la sécurité sont clairs. Cela permet de gagner du temps, de l’argent ainsi que d’économiser les ressources de la société. Toutefois, la réalité est que 60% des développeurs n’ont pas confiance dans le niveau de sécurité de leurs propres applications. Cela s’explique par le fait que les développeurs ne sont souvent pas suffisamment accompagnés en matière de sécurité. Les entreprises forment généralement leurs développeurs à la sécurité une fois par an, voire une fois par trimestre dans le meilleur des cas, et espèrent ainsi que leurs équipes auront le même niveau que les spécialistes de la sécurité. Cette approche consistant principalement à cocher la case « formation au développement sécurisé », n’est évidemment pas suffisante pour implanter et faire croitre une véritable culture de la sécurité applicative au sein de l’organisation.

    Rejoignez-nous afin de savoir comment construire un programme de sensibilisation AppSec qui accompagne et forme véritablement les développeurs à penser et coder sécurité quotidiennement.
  • The Benefits of DevOps for Financial Services Organizations Recorded: Nov 13 2019 40 mins
    Matthew Rose, Director of Application Security Strategy
    Please join Checkmarx for a live webinar on the benefits of Devops for financial services organizations.

    Today, financial service organizations build software dramatically different than just 10 years ago. New development models deliver software faster than ever before to meet changing consumer demands, maximize operational efficiency and drive digital transformation. It’s simply no longer an option to deliver software that hasn’t been tested for security throughout the development process. The risks are too great.
    During this webinar, Checkmarx Global Director of Strategy, Matt Rose, will review specific steps financial organizations can take to address security in the software they create and how to build more secure applications at the start of the software development lifecycle (SDLC).
  • API Security in Depth Recorded: Nov 6 2019 38 mins
    Erez Yalon Director of Security Research at Checkmarx
    The OWASP API project addresses modern threats for API based applications. While traditional vulnerabilities like SQLi and XSS are becoming less common in APIs, there’s been an increase in vulnerabilities that are either specific to APIs or present a more significant risk, which many developers are unaware of.
    The presentation talks about:
    - The biggest challenge in APIs: authorization
    - OWASP top 10 for APIs, including examples
    - Tools for security engineers to perform pentest for APIs
    - Tips for developers on how to develop more secure API
  • Better Together OSA & SAST Recorded: Sep 4 2019 45 mins
    Steven Zimmerman, Product Marketing Manager & Tyler Agypt, Sales Engineer
    Join us for a conceptual and technical discussion of the best practices organizations should employ in order to mitigate the risks intrinsic to modern software development.
    -Explore the weaknesses in modern software
    -Uncover the challenges with traditional security testing
    -Learn best practices to manage risk in custom code and open source
  • IAST Stories From the Field Recorded: Aug 22 2019 39 mins
    Michael Haddon IAST Evangelist for North America
    As DevOps continues along its path of domination, organizations are seeking to make use of application security testing tools that leverage automation and easily scale up.

    With that, we see that Interactive Application Security Testing (IAST) is gaining increasing momentum.

    Join industry-experts Michael Haddon for insights on:
    •Why customers are seeking IAST solutions
    •Common IAST use cases
    •How customers are using IAST successfully
    •The benefits customers gain from using IAST
  • ¡No es Magia, Es DevSecOps! Recorded: Aug 20 2019 61 mins
    Ronen Riesenfeld, Sales Engineer Checkmarx
    La seguridad perimetral, el análisis dinámico y otras soluciones de seguridad no estática dan una incorrecta percepción de que las aplicaciones están seguras, percepción que reduce el sentido de urgencia por la implementación holística de la seguridad. Las soluciones de seguridad estática, fortalecen los cimientos de las aplicaciones sin entorpecer los procesos e integrándose de manera orgánica como por arte de magia, facilitando así el desarrollo seguro a alta velocidad

    ¿QUÉ APRENDERÁS EN ESTE WEBINAR?

    Aprenderá que nos motiva a la prevención y su relación con la seguridad en aplicaciones; se explicará que es la seguridad en las Aplicaciones, su importancia y mejores prácticas de la industria.
    Se explicarán las distintas soluciones de seguridad en aplicaciones dentro del ciclo de desarrollo y las tendencias actuales en seguridad en desarrollo de aplicaciones.
    Descubrirá las distintas maneras de integrar la seguridad en aplicaciones dentro del ciclo de desarrollo y las maneras más eficientes de remediar vulnerabilidades.
    Conocerá sobre la administración del Software Expuesto y su integración dentro de DevSecOps
  • IAST Stories From the Field Recorded: Aug 1 2019 40 mins
    Michael Haddon IAST Evangelist for North America
    As DevOps continues along its path of domination, organizations are seeking to make use of application security testing tools that leverage automation and easily scale up.

    With that, we see that Interactive Application Security Testing (IAST) is gaining increasing momentum.

    Join industry-experts Michael Haddon for insights on:
    •Why customers are seeking IAST solutions
    •Common IAST use cases
    •How customers are using IAST successfully
    •The benefits customers gain from using IAST
  • What the Heck is IAST? Recorded: Jul 2 2019 46 mins
    Susan St. Clair, Technical Services Engineer & Dana Raveh, Product Marketing Manager
    To keep up with the fast pace of releases and the speed of DevOps, organizations need accurate and automated security testing tools that can easily scale and produce actionable results.

    Historically, AppSec programs were characterized by the use of SAST and DAST tools. Fast forward to 2019 - While SAST is able to fit fast and iterative development processes, point-in-time DAST is slow and manual, rendering it as unfit for DevOps-like processes.

    This is where the new generation Interactive Application Security Testing (IAST) comes. So what the heck is IAST?

    Join Checkmarx experts Susan St. Clair and Dana Raveh , as they unriddle the next-generation AppSec solution - IAST
Manage Software Risk at the Speed of DevOps
Unify your application security into a single platform and release secure software, fast.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Why Automation of AST Solutions is the Key to DevSecOps
  • Live at: Apr 22 2020 6:00 pm
  • Presented by: Matthew Rose, Director of Application Security Strategy
  • From:
Your email has been sent.
or close