Hi [[ session.user.profile.firstName ]]

Improving Web & Mobile Application Security

As companies grow to recognise the threat posed by insecure web and mobile applications to their security posture – through recent incidents of ‘hacktivism’ and data breach, application security programs designed to eliminate risk earlier in the development lifecycle, or to mitigate 3rd party risk have grown in importance. This session will examine the common threats and flaws in web and mobile applications, look at the different testing methodologies deployed to identify and remediate, and share findings from Veracode’s analysis of current state of software security based on real-world data. Attendees will learn how the development of an Application Risk Management (ARM) program can assist in improving their internal development cycles through the adoption of an SDLC approach, or the introduction of a 3rd-party scanning program to assess risks in their supply chain.

Speaker Bio:
Jason has been part of the information security industry for over 15 years, working in the fields of email security, encryption, public key infrastructure and authentication. As EMEA Solutions Architect at Veracode he manages technical and future development of their cloud-based application risk management platform across Europe.

Prior to Veracode, Jason has held senior technical roles at Cisco, Ironport and Clearswift. Jason has also participated in a number of industry associations, involved in research and speaking at groups including the Open Web Application Security Project (OWASP), the Cloud Security Alliance (CSA), the Information, MAAWG (Messaging Anti Abuse Working group), Systems Security Association (ISSA). Jason holds a BSc in Information Systems from Edith Cowan University, Western Australia.
Recorded Aug 10 2011 48 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Jason Steer, EMEA Solutions Architect, Veracode
Presentation preview: Improving Web & Mobile Application Security

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Social Engineering, Phishing and Protecting the Enterprise Dec 13 2018 4:00 pm UTC 60 mins
    Jan Liband (SlashNext) | John Bambenek (ThreatSTOP) | JP Bourget (Syncurity)
    This webinar is part of the 2019 Trends and Predictions series on BrightTALK.

    Join top security leaders for an interactive discussion on how to better secure the enterprise in 2019:
    - Top threats on the horizon and what's at risk
    - Cyber defenses and your employees
    - Basic cyber safety recommendations to protect against social engineering, phishing and email cyber attacks
    - Use cases and examples
    - Actions to take today to protect your employees and enterprise from cyber criminals
    - What to expect in 2019

    Speakers:
    - John Bambenek, VP Security Research & Intelligence, ThreatSTOP
    - JP Bourget, Founder & Chief Security Officer, Syncurity
    - Jan Liband, CMO, SlashNext
  • Trends in Cyber Attacks and Breaches Dec 11 2018 1:00 pm UTC 45 mins
    Steve Durbin, Managing Director, ISF LTD
    As the scale, sophistication, and targeting of cyber-attacks increase, organisations need to manage risk in ways beyond those traditionally handled by the information security function.

    In this webinar, Steve Durbin, Managing Director at the ISF will offer his insights into how security and business teams across the entire organisation can work together to minimise the impact of a breach, in order to protect organisations from damaging shareholder value and business reputation.


    About the presenter

    Steve Durbin is Managing Director of the Information Security Forum (ISF). His main areas of specialism include strategy, information technology, cybersecurity and the emerging security threat landscape across both the corporate and personal environments.
  • [Earn 1 CPE] Critical Actions to Prevent a Data Breach in 2019 and Beyond Nov 29 2018 6:00 pm UTC 75 mins
    Moderated by Colin Whittaker. Panelists: Idan Shoham, CTO Hitachi
    Today’s organizations face a cybersecurity landscape more difficult to navigate than ever before. When it comes to data breaches, the risk for organizations is high, from the easily calculable costs of notification and business loss to the less tangible effects on a company's brand and customer loyalty. With large-scale data breaches continuing to make the headlines in 2018, organizations must be proactive, not reactive, in the face of looming cyber threats. Proactive threat intelligence can enable organizations to prevent breaches or compromises before they occur.

    On this webinar our panel of experts will discuss some critical actions organisations can consider to prevent a data breach, and attendees will learn:

    - Strategies you can implement now to help you protect against a breach.
    - Best practices for gathering the intelligence to predict and prevent attacks.
    - How to use threat intelligence to improve your organization’s security posture and reduce the risk of an attack.
    - Steps to fortify your last line of defense.
  • Securing Your Cloud Networks Nov 6 2018 10:00 am UTC 60 mins
    TBC
    Join this live panel discussion with experts at VMworld US for all things virtual and cloud networking; from security, network virtualization and beyond.

    Tune into this interactive Q&A session with world renowned Data Center, Cloud, Virtualization, and Infrastructure experts as they discuss the following:

    - How to secure your application infrastructure and the role of micro-segmentation
    - How to ready today's cloud network for tomorrow's demands
    - How technologies like SD-WAN and IoT are extending beyond the data center to the edge, and what that means for your customers

    This live panel will be streamed directly from VMworld US in Las Vegas! Join us for live Q&A from the comfort of your desk.
  • CISO Panel - Protecting Critical Infrastructure in the Age of Threats Oct 30 2018 4:00 pm UTC 60 mins
    Dan Lohrmann (Security Mentor) | Chris Morales (Vectra) | Dave Klein (GuardiCore)
    This webinar is part of BrightTALK's coverage of the 15th National Cyber Security Awareness Month (NCSAM).

    Join CISOs and other security leaders for an interactive discussion on how to better secure our critical infrastructure:
    - Top threats on the horizon and what's at risk
    - Key vulnerabilities & how advancements in technology have changed the game
    - Threat intelligence & what needs to be improved now
    - What government agencies can learn from the private sector about cybersecurity
    - Recommendations for protecting critical infrastructure from attacks and subversion by online adversaries
    - What to expect in 2019

    Speakers:
    - Dan Lohrmann, Chief Strategist & Chief Security Officer (CSO), Security Mentor
    - Chris Morales, Head of Security Analytics, Vectra Networks
    - Dave Klein, Director, Engineering & Architecture, GuardiCore
  • CISO Panel - Cybersecurity and the New CISO [NCSAM] Oct 29 2018 4:00 pm UTC 60 mins
    Gary Hayslip (Webroot) | Dan Lohrmann (Security Mentor) | Mark Weatherford (vArmour)
    This webinar is part of BrightTALK's coverage of the 15th National Cyber Security Awareness Month (NCSAM).

    Learn how the role of Chief Information Security Officer (CISO) has changed in the age of data breaches and high-profile cyber attacks.

    Join well-known CISOs at the top of their game for an interactive discussion on:
    - How the role of CISO has changed in the last few years
    - Hiring and retaining a CISO
    - Top challenges for CISOs
    - Dealing with stress & pressure associated with the role
    - How to keep your security team happy
    - Tools, technology and policies CISOs swear by
    - What keeps CISOs up at night
    - Why leadership buy-in is essential to boost cybersecurity
    - Future trends and predictions

    Speakers:
    - Gary Hayslip, CISO, Webroot
    - Mark Weatherford, Chief Cybersecurity Strategist, vArmour
    - Dan Lohrmann, Chief Strategist & CSO, Security Mentor
  • Cloud Security Trends and Best Practices for 2019 Oct 23 2018 3:00 pm UTC 60 mins
    Dave Klein (Guardicore) | Panelists TBA
    As more corporate data moves to the cloud, the new challenge is to efficiently manage security in both the cloud and on premises. How are organizations coping and what are the solutions they should be employing?

    Join this keynote panel of security and cloud experts as they discuss:
    - Cloud security challenges today
    - Extending network security to the cloud
    - Security policy management in the cloud
    - Security automation
    - Best practices and recommendations for improving your enterprise security posture
    - Future trends in cloud security
  • Security in the Cloud: Identity Management, Access Control and Authentication Oct 23 2018 12:00 pm UTC 45 mins
    Emma Bickerstaffe, Senior Research Analyst, ISF LTD
    Organisations increasingly rely on cloud services, motivated by the benefits of scalability, accessibility, flexibility, business efficiencies and reduced IT costs. However, there are several security implications that organisations need to address, including the challenge of verifying identity and managing access to cloud services.

    Cloud services bring added complexity to identity and access management, exacerbated by the distribution of data across a myriad of applications accessed by users from multiple devices and locations. Failure to adequately implement user authentication and access control in the cloud can be exploited by attackers to gain access to users’ credentials, manipulate systems and compromise data.

    In this webinar, Senior Research Analyst Emma Bickerstaffe will discuss identity management, access control and user authentication in the cloud environment, and consider how organisations can effectively tackle this security concern.
  • Cloud Strategy & Improving Your Enterprise Security Posture in 2019 Oct 22 2018 5:00 pm UTC 60 mins
    Sushila Nair (NTT DATA Services) | Panelists TBA
    This keynote panel is part of Cloud Month on BrightTALK.

    Join this keynote panel of security and cloud experts as they discuss:
    - The most prevalent security risks and challenges and how to contend with them
    - Your cloud strategy and how it affects your overall security posture
    - How to extend network security to the cloud
    - Areas for automation
    - Best practices on how to secure your enterprise in 2019
  • When Biometrics Simply Don't Cut It Oct 10 2018 5:00 pm UTC 60 mins
    Ehab Samy, Vice President of Product Management for Plurilock
    Identifying a user through fingerprints, facial recognition or iris scanning is simply not enough for today's digital age. Join us to learn about the shift from point-in-time identification to behavioral biometrics and how it is impacting today's workforce. Ehab Samy, Vice President of Product Management for Plurilock, will explore game-changing practices in continuous authentication and identity management to control access to physical spaces, applications, and government services.
  • CISO Panel - Best Practices for Cyber Hygiene [NCSAM] Oct 4 2018 4:00 pm UTC 60 mins
    Gary Hayslip (Webroot) | Joseph Kucic (Cavirin) | Dan Lohrmann (Security Mentor)
    This webinar is part of BrightTALK's coverage of the 15th National Cyber Security Awareness Month (NCSAM).

    Discover the basic cyber hygiene practices your organization should have in place to drastically reduce your risk exposure.

    Join well-known CISOs at the top of their game for an interactive discussion on:
    - How to achieve basic cyber hygiene
    - Best practices for minimizing your cyber risk
    - Cybersecurity awareness & employee training
    - Ethical hacking
    - Cyber insurance

    Speakers:
    - Gary Hayslip, CISO, Webroot
    - Joseph Kucic, CSO, Cavirin Systems
    - Dan Lohrmann, Chief Strategist & CSO, Security Mentor
  • Privacy & Security in the Age of IoT Oct 2 2018 4:00 pm UTC 60 mins
    Elena Elkina (Aleada Consulting ) | Parnian Najafi Borazjani (FireEye) | Ondrej Krehel (LIFARS) | John Bambenek (ThreatSTOP)
    This webinar is part of BrightTALK's Privacy Insights Series and National Cyber Security Awareness Month (NCSAM).

    With the proliferation of the Internet of Things into every sphere of our lives, it's now more important than ever to understand the security and privacy risks associated with connected devices. With smart home devices, office tools, children's toys, even medical devices being vulnerable to cyber attacks, becoming cyber aware should be a key priority for everyone.

    Join privacy and cyber security experts for an interactive panel roundtable discussion on:
    - The privacy and security vulnerabilities and risks stemming from IoT devices
    - The basic safety measures you can deploy to protect your home and workplace against cyber threats
    - Best practices for privacy and security safeguards
    - What to do in the event of a breach
    - What the future of privacy looks like

    Speakers:
    - Elena Elkina, Partner at Aleada Consulting
    - Parnian Najafi Borazjani, Senior Analyst, FireEye
    - Ondrej Krehel, Digital Forensics Lead, CEO & Founder, LIFARS
    - John Bambenek, VP Security Research & Intelligence, ThreatSTOP

    Audience members are encouraged to send questions to the speakers to be answered during the live session.
  • CISSP Exam Prep Clinic #5: Difference between CISSP and CISSP Associate status Sep 29 2018 3:15 pm UTC 45 mins
    Mission Critical Institute
    Learn about the CISSP employment endorsement and the CISSP Associate Status.

    In Clinic #5, you will learn about the CISSP employer endorsement and how it works. You will also learn what happens when you pass the exam but still cannot meet all of the CISSP employment requirements. Specifically, you receive information about the CISSP Associate status and how employers will respond to you when you pass the exam and still need more experience.


    If you want to pass your CISSP Exam the first time, you’ll want to attend and then review this series of five live online CISSP Exam Prep Clinics. In these five valuable CISSP exam clinics you will learn about:

    • The new CISSP exam format, the “adaptive exam format”
    • How hands-on labs will help you prepare for your exam
    • Tactics to select the best answer for each question
    • How to get your employment endorsement and what happens if you need more experience

    These five Clinics include tips for all 8 CISSP domains covered in the exam.

    Register today and move closer to your goal!

    SPONSORED BY: Mission Critical Institute
  • [Earn 1 CPE] Compliance vs Risk: Aligning Priorities & Prioritizing Threats Sep 27 2018 5:00 pm UTC 75 mins
    Colin Whittaker, Moderator. Stephen Boyer, CTO at BitSight; Marc French, SVP at Mimecast; Scott Petry, CEO at Authentic8.
    Compliance is a fundamental pillar to effective risk management at any company. However, simply complying with laws and regulations without considering the broader threat landscape can result in disaster. Certainly, a balance between compliance and risk is necessary. Ensuring compliance represents an organization's starting point, not the endgame, should be a priority.

    In a dynamic threat environment, forward-thinking organizations have concluded that the goal of total protection is elusive and that a risk-based approach to governance and management of cybersecurity is necessary. That is easier said than done, as the way most information security professionals measure risk today fails to quantify threats in terms the business can understand and use. In this CPE accredited webinar, our panel of experts will discuss:

    - Aligning risk and compliance metrics and controls across functional domains.
    - Benchmarking existing process for managing the risks identified by stakeholders.
    - Creating a transparent 'system of record' and collaborative process life-cycle management system.
    - Prioritizing control efforts accordingly.
    - Aligning compliance investments with compliance risk ratings and business priorities.
  • Enabling Digital Transformation - What to Expect at IP EXPO Europe 2018 Sep 26 2018 2:00 pm UTC 60 mins
    Simon Bitton, Sean McAvan
    With just a few weeks to the must-attend IT event of the year for CIOs, IT Managers and Directors, Security specialists, Technical experts, we've gathered some of the elite speakers who will be taking the stage to debate the hottest solutions, trends and the biggest opportunities and challenges for businesses to successfully embrace digital change.

    Topics to be covered include:

    - Cyber Security
    - DevOPs
    - AI Analytics
    - Blockchain
    - Internet of Things

    What will they be talking about at ExCeL London, on the 3-4 of October 2018, what do they want to hear about, what are they looking forward to?

    Presenters
    Simon Bitton, Director of Marketing, Europe, Park Place Technologies
    Sean McAvan, Managing Director, Navisite Europe
  • Threat Hunter: Implications of an Active Cyber Defense Sep 25 2018 5:00 pm UTC 62 mins
    Griff James (Damrod Analysis) | Wyatt Hoffman (CEIP) | Will Lymer (Loki Labs) | Philip Thomas (Reed Smith)
    It is beyond the ability or willingness of the world’s governments to protect and secure information technology. What role then can the private sector play in making cyberspace safer? Can private enterprises do anything to strike back at attackers, curtailing their freedom of action and raising the costs of malicious activity?

    Consisting of academics and industry experts, this panel will explore the potential for active cyber defence to impede and deter malicious activity and the conditions under which it could be conducted responsibly.

    Speakers:
    - Griff James, Director at Damrod Analysis
    - Wyatt Hoffman, Research Analyst, Cyber Policy Initiative at Carnegie Endowment for International Peace
    - Will Lymer, Chief Growth Officer at Loki Labs
  • CISSP Exam Prep Clinic #4: Pass the CISSP the 1st Time - Best Answer Selection Recorded: Sep 22 2018 42 mins
    Mission Critical Institute
    Learn how to analyze exam answer choices so you can select the best answers.

    In Clinic #4, you will learn tactics for analyzing the answer choices and then selecting the “best answer”. Often there is no “right” answer and you need to eliminate the less likely answers.

    If you want to pass your CISSP Exam the first time, you’ll want to attend and then review this series of five live online CISSP Exam Prep Clinics. In these five valuable CISSP exam clinics you will learn about:

    • The new CISSP exam format, the “adaptive exam format”
    • How hands-on labs will help you prepare for your exam
    • Tactics to select the best answer for each question
    • How to get your employment endorsement and what happens if you need more experience

    These five Clinics include tips for all 8 CISSP domains covered in the exam.

    Register today and move closer to your goal!

    SPONSORED BY: Mission Critical Institute
  • Beyond the Breach: Recommendations for Effective Response Recorded: Sep 19 2018 58 mins
    Heather Stratford-Geibel (Stronger.tech) | Sushila Nair (NTT DATA) | John Matthews (ExtraHop)
    Discover the latest trends in cyber crime, your organization's vulnerabilities, and how to go about preventing, detecting and responding to a breach.

    Join this interactive Q&A panel with top security experts across the ecosystem to learn more about:
    - Trends in breaches and cyber attacks
    - What to do (and not to do) after a breach
    - What's new on the threatscape
    - Best practices and recommendations for improving your security posture

    Speakers:
    - Heather Stratford-Geibel, CEO of Stronger.tech
    - Sushila Nair, Sr. Director, NTT DATA Services
    - John Matthews, CIO, ExtraHop
  • Next Generation Data Protection and Security: The Blockchain Advantage Recorded: Sep 19 2018 62 mins
    Joseph Pindar (Gemalto), Ulf Mattsson (TokenEx), David Morris (Unit221B), Alastair Johnson (Nuggets)
    How can Blockchain improve trust, security, and compliance? Can the decentralised nature of this technology be the missing piece in solving cybersecurity challenges?

    Listen in to this panel of security luminaries where they will discuss:
    -Key considerations for leveraging the blockchain in the age of GDPR
    -What sort of infrastructure must be in place to ensure a secure environment?
    -Is the blockchain itself secure?
    -How do you build a trust network around the blockchain?
    -What are some of the cybersecurity challenges that can be mitigated and managed by the blockchain?
  • Stay One Step Ahead of the Hacker - Maintain your company's Core Purpose and... Recorded: Sep 19 2018 38 mins
    Felicity March, Cyber Security Specialist, IBM
    Felicity will discuss what steps, methods and techniques that your organisation could employ to stay One Step Ahead of the Hacker.

    Felicity has spent her life immersed in technology and is passionate about ensuring companies build Resilience right into the core of their strategy and architecture. She understands the importance of Transformation into the Digital World as well as the risks of not having services available.
    Felicity started her career as a hacker, and has worked for technology giants for over 25 years, in that time she has worked and advised Companies, Governments and Standards bodies on the emerging IT trends and ensuring integrity and sustainability is baked into the heart of IT.

    Felicity has a wealth of expertise and experience throughout her career and her insights and perspective are refreshing. She also is an advocate of driving STEM skills in to the younger generation and is an active mentor and coach to the next generation of technologists.

    Felicity lives in Winchester with her family, three dogs and not enough motorbikes.
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Improving Web & Mobile Application Security
  • Live at: Aug 10 2011 11:00 am
  • Presented by: Jason Steer, EMEA Solutions Architect, Veracode
  • From:
Your email has been sent.
or close