Name: Citi’s Formula for Supply Chain Security & Integrity
Start: 2024-10-30T13:54:00Z
End: 2024-10-30T13:54:30.000Z
Location: BrightTALK
Rating: 5

Checkmarx is constantly pushing the boundaries of Application Security Testing to make security seamless and simple for the world’s developers and security teams. As the AppSec testing leader, we deliver the unparalleled accuracy, coverage, visibility, and guidance our customers need to build tomorrow’s software securely and at speed.

The recent Future of AppSec report from Checkmarx highlighted the growing gap between AI-fueled development and application security. Findings include:
- 81% knowingly ship vulnerable code to meet deadlines.
- 54% of code is now AI-generated; but only 18% have governance policies in place.
 
The gap that now exists is in danger of becoming a chasm. The use of AI in development is almost certain to rise further, including the move towards vibe coding. The threat landscape is likely to continue expanding.
- How can we hang on to the benefits of AI while managing its vulnerabilities?
- How secure is AI generated code?
- How can we bring security up to speed?
 
These are the questions we will answer at this panel discussion featuring some of the sharpest minds in the industry. We’ll be covering the big issues facing many security leaders right now and providing practical advice for thriving in the era of Agentic AI. Topics will include:
- Why AI redefines “secure coding skills” for developers.
- AI governance that doesn’t kill innovation.
- Perception gaps between CISOs and AppSec teams.
- The ways AI can support AppSec.

Panel Discussion: AppSec in the Era of Agentic AI

Erfahren Sie aus erster Hand, wie Agentic AI heute in der Praxis eingesetzt wird - wo Chancen liegen, welche Sicherheitsrisiken auftreten können und wie Sie Ihr Unternehmen in der DACH-Region mit klaren Strategien und Reifegradmodellen wie DSOMM besser schützen.

Übersicht:
AppSec im Wandel: Agentic AI für Dev- & AppSec-Teams.
Strategie & Praxis mit Timo Pagel: Rolle des AppSec-Anbieters, Chancen & Risiken von Coding-AI, Nutzen für CISOs & Devs.
Blick in die Zukunft:  Checkmarx One Assist inkl. Developer Assist.

AppSec im Wandel (Deutsch)

Découvrez en exclusivité comment l’Agentic AI transforme déjà la sécurité applicative et le développement logiciel. Identifiez les nouvelles opportunités créées par ces systèmes autonomes, comprenez les risques de sécurité potentiels et apprenez à mieux protéger votre organisation.

AppSec en mutation: l’Agentic AI au service des équipes Dev et AppSec.
En pratique:  Opportunités et risques du coding AI.
Un regard vers l’avenir:  démonstration en direct de Checkmarx One Assist, incluant Developer Assist, pour voir comment l’Agentic AI renforce vos équipes.

La nouvelle ère de l’AppSec - Risques et opportunités de l’Agentic AI dans le développement logiciel (french)

Discover how the Checkmarx One platform, powered by AI, allows security to keep up with the new rapid speed of development. Join us to see how the platform fits seamlessly into workflows and helps you prioritize risks, protect your code, and stay ahead in the AI era.

Checkmarx One Extra: a Deeper Look at Our AppSec Platform

Learn how Checkmarx One provides everything you need to secure your entire software supply chain at the speed of AI.

Intro to Checkmarx One: The AppSec Platform for the AI Era

Modern application development is heavily reliant on containers and their usefulness is undeniable. But containers also create unique security concerns, including hidden layers where threats can hide from the eye of traditional scans. 

Get smart with your use of containers and understand the real threats you face with practical advice on how to deal with them.  

You’ll learn about: 
- Why scanning source code isn’t enough. 
- The hidden threats of base images. 
- How misconfigurations expose risk. 
- Why waiting for runtime is too late.

Secure Early, Ship Fast: Smarter Container Security

How secure is AI-generated code and what new risks does it introduce? Find out in the session where an AI-built application is live tested by Checkmarx experts.

AI-assisted development is a major boost to productivity. But research from Google DORA and the Checkmarx Future of AppSec report highlights its instability and security threats.

In this unique session you’ll see the application scanned with both the Checkmarx One AppSec Platform and the Checkmarx One Assist Agentic AI platform. Vulnerabilities will be revealed, and real-world security validations will be demonstrated.

GenAI Code Under the Microscope

Bringing security and development teams together is the goal of many organizations.  But it requires a cultural change that takes time to develop. Meanwhile, AI is having a major impact on AppSec, both for good and bad. How are these two themes connected? 

Find out in this inspiring webinar featuring the acknowledged expert in the field. Patrick Debois is a true pillar of the DevOps Community whose current focus is on GenAI’s connection to DevSecOps. In this conversation, he guides you through the issues and points the way forward, including:  

The benefits of aligning security and DevOps. 
GenAI as a security champion. 
Maturing DevSecOps Through GenAI 
Keeping development friction low. 

Make GenAI Your Security Champion

Driving Cultural and Technological Change

Get practical with a look at how your developers will benefit, as manual remediation is taken off their plate so they can get on with coding.

Checkmarx One Assist: Say Hello to the Future

Take a final trip to the frontlines of Agentic AI and see how it’s reshaping software engineering, AppSec and your future.

Rise of Agentic AI: Dev & AppSec Impact

Yes, it’s real. See Agentic AI in action, integrating with dev workflows, and automatically solving problems without slowing down pipeline.

Stay in Flow, Code Safe with Agentic

Join best-selling author Gene for a truly inspiring session that includes a look at the opportunities and risks of AI writing the code for us.

Lessons Learned in DevSecOps and Vibe Coding

How can Agentic AI accelerate your speed of development? Find out as Sandeep outlines a genuine evolution in AppSec happening now.

Game On: Agentic AI for Dev & AppSec

Hear from a leading voice who shares insights on the adoption of AI coding assistants, and the foundational shifts required to successfully integrate Agentic AI.

Shaping Secure DevOps

Forget what you know about security being a blocker on speed.

Find out how elite engineering teams are actually using security to accelerate software delivery.
This webinar explores how modern AppSec practices, powered by intelligent automation and AI, can reduce friction in the development lifecycle, minimize change failures, and cut down resolution times.
You’ll learn:
• How AppSec strategies directly influence DORA performance.
• Real-world examples of reducing MTTR for security vulnerabilities.
• Practical steps to align Dev, Sec, and Ops for measurable delivery impact.
• How multi-agent AI can accelerate secure coding at scale.
 
And the end result?  A faster, safer path to production.
Watch now and start making a difference to developer productivity and velocity.

Using Security to Speed up Development

DevOps was always meant to include security, but in reality, the cultures didn’t align—leaving many organizations without a mature DevSecOps strategy. So how do you complete the DevSecOps journey? 

Join Techstrong and Checkmarx for DevSecOps: Cracking the Code, a new webinar series packed with expert insights and actionable advice to help you successfully evolve from DevOps to DevSecOps.

Cracking the Code: How do you complete the DevSecOps journey?

DevOps thrives on speed, innovation, and continuous delivery, while security operates on principles of caution, risk mitigation, and compliance. Too often, these priorities create friction instead of synergy, making the transition to DevSecOps challenging. But security should not be a bottleneck—it should be an enabler. Achieving this requires more than just implementing security tools; it demands a shift in culture toward trust, collaboration, and shared accountability. In this live panel discussion, industry experts will explore how organizations can bridge the gap between DevOps and security, transforming security from an afterthought into an integrated, seamless part of the development process.
Join us as we bring together a panel of experts to share real-world experiences, insights, and strategies for building a DevSecTrust mindset—where security and speed go hand in hand.

From Silos to Synergy Aligning DevOps & Security Mindsets

Developers now hold greater influence over tooling and implementation decisions. Greater autonomy has furthered the DevSec divide and challenged CISOs to adapt their leadership style.

This webinar looks at how CISOs can bring developers and security together to reduce risk, increase efficiency, and embrace this transformation by redefining their role:

- Balance control over your security strategy and tool acquisition in a new era of distributed authority.
- Evolve your role to integrate security and business goals while enabling developer autonomy, resulting in the release of secure, working software.
- Align development and security priorities to reduce risks, improve efficiency, and position security as a business enabler.

Redefining the CISO: Bridging the DevSec Divide in the Age of Developer Autonomy

As Open-Source Software (OSS) becomes integral in finance, security challenges - especially around protecting the software supply chain - are intensifying. While awareness of these threats is widespread among AppSec professionals, only 7% use the necessary advanced tools to mitigate these risks effectively.

Tailored for executives in finance, join our upcoming webinar on April 25, 11 AM EST, with industry leaders Jonathan Meadows, a Citi Tech Fellow and Chair of the OpenSSF, and Tzachi Zorenshtain, Head of Security Research at Checkmarx. They will share their expert perspectives on the unique supply chain security challenges facing financial institutions and provide practical, actionable strategies to overcome them.

You’ll leave this session understanding:

How to identify and guard against the key supply chain threats facing the financial industry.
How to employ cutting-edge strategies to preempt and counter the newest attack vectors.
How to engage with and contribute to community efforts focused on fortifying software supply chains.

Citi’s Formula for Supply Chain Security & Integrity

Supply Chain

Open Source

Cyber Security

Application Security

Financial Security

Risk Management

Threat Analysis

Threat Detection

Security Analysis

Threat Defence

Welcome to the mobile computing community on BrightTALK! With the consumerization of IT and the widespread adoption of mobile devices across the globe, mobile computing has become an important part of many people's lives in a culture of bring your own device (BYOD). With mobile devices doubling as work phones and more employees working from home, businesses need to provide secure access to data and work applications from anywhere at any time. Join this growing community and hear from industry thought leaders in webinars and videos as they share their insight on mobile computing research and trends.

Mobile Computing

Are you an IT service management professional interested in developing your knowledge and improving your job performance? Join the IT service management community to access the latest updates from industry experts. Learn and share insights related to IT service management (ITSM) including topics such as the service desk, service catalog, problem and incident management, ITIL v4 and more. Engage with industry experts on current best practices and participate in active discussions that address the needs and challenges of the ITSM community.

IT Service Management

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Citi’s Formula for Supply Chain Security & Integrity

Presented by

About this talk

Checkmarx