Hi [[ session.user.profile.firstName ]]

[Panel] Harnessing Knowledge: The State of Enterprise Application Security

As organizations strive to transform themselves for the digital economy, application development is moving further into the spotlight - and right behind it is application security.

So in 2019, AppSec can make or break a business. Instead of being overwhelmed by this pressure, there are tools and processes on the market that can help your application both meet and exceed business and security demands.

From infrastructure-as-code models to API security and DevOps, learn from this panel of global experts how to harness knowledge and accelerate application release cycles, improve security and transform your business.

Moderator: Daniel Blander, Virtual Clarity
Panelists:
Joseph Feiman, Chief Strategy Officer, WhiteHat Security
Paul Farrington, CTO, Veracode EMEA
Recorded Apr 25 2019 61 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Daniel Blander, Virtual Clarity (Moderator), Joseph Feiman, CSO, WhiteHat Security & Paul Farrington, CTO, Veracode EMEA
Presentation preview: [Panel] Harnessing Knowledge: The State of Enterprise Application Security

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Agile Blind-spots: Angles to Keep at Sight for a True Agile Transformation Oct 24 2019 10:00 am UTC 45 mins
    Cristiane (Coca) Pitzer, Retail inMotion
    This Talk is based on real-life experience while leading Agile transformation in organisations.

    I will speak about what I have learned as well as some angles I almost missed, and that other Agile Coaches typically miss while identifying corporate problems.

    A practical session where I call out the blind spots and actual actions taken to course-correct.

    Presented by:
    Cristiane (Coca) Pitzer, Head of Agile & Agile Transformation, Retail inMotion
  • [Panel] Building Applications in the Cloud: Best Practices Jul 9 2019 3:00 pm UTC 60 mins
    Panel of experts
    With an increase in the number of applications being deployed on the Cloud, so to have questions about the issues presented by this recent technology adoption.

    Join this panel of experts as they discuss the importance of getting to grips with cloud infrastructure, load variance and cloud services, and learn the key best practices that will ensure your strategy is a success.
  • SHIFT LEFT THEN SHIFT UP: Strengthening Your DevSecOps Posture Jun 20 2019 3:00 pm UTC 45 mins
    Rani Osnat, VP of Product Marketing Aqua Security
    The concept of “shift left” engages security earlier in the development cycle of cloud-native applications, accelerating development while reducing risk. However, migrating to cloud-native environments also necessitates the security team to “shift up”, focusing on the application layer to account for the shared-service model and “thin OS” environments that are prevalent in these environments.

    Attend this webinar to learn why Shifting Up provides improved security and cost efficiency in cloud-native environments, including:

    - Kubernetes orchestrated applications
    - Containers running on VMs
    - Serverless containers (e.g., AWS Fargate and Azure Container Instances)
    - Serverless functions (e.g., AWS Lambda and Azure Functions)
  • [Panel] DevOps Adoption Challenges and How to Overcome Them Jun 19 2019 3:00 pm UTC 45 mins
    TBC
    To win with DevOps, you need to be aware of potential issues and know how to overcome the challenges so that you can make the most of its benefits.

    With the incredible growth of DevOps in a short space of time comes numerous questions about how best to adopt it. From insights and driving factors of adoption - to dealing with legacy systems and incorporating robust security features - join our panel of experts to hear advice and learnings from those at the forefront of DevOps adoption.
  • Digital? Transformation? Oh, you mean shiny new tech! ...Err, no, I don't! Jun 19 2019 12:00 pm UTC 60 mins
    Daniel Breston, Technology Leadership Transformation Coach, Virtual Clarity
    Sounds easy this Digital Transformation thing. Everyone apparently is doing it. Save a bunch of money. Makes customers happy. Our organisation looks good in the press or on the stock market. Hey – we don’t even have to do it as we can outsource everything to someone else! Nirvana!

    Really? I mean REALLY? What percentage of these initiatives do not meet their expectations? What percentage of these initiatives instead make customers unhappy, or cause staff to leave or cost you money because you did not consider what these 2 words REALLY mean?

    Let’s discuss what Digital Transformation can mean to you in what I hope is an interactive session on language, leadership expectations, metrics, basic tools you need, challenges, outcomes and the impact on your people. This is not a technical session. This is a discussion for leaders at any level on how to best engage the new industrial movement of our time best known as Digital Transformation.

    About the speaker:
    Daniel Breston was a technology leader at some level for over 3 decades for large financial services organisations in the USA and UK. Now at Virtual Clarity, Daniel coaches leaders that want to benefit from or lead technology teams to help organisations do better things faster and safer. You can also find Daniel speaking at ITSM, DevOps or local conferences or join him in discussion blogs.
  • DevOps for Your Cloud Project - What’s Behind the Success of Cloud Adoption? Jun 18 2019 10:00 am UTC 45 mins
    Alberta Bosco, Sr. Product Marketing Manager at Puppet
    The shift to the cloud is about breaking down traditional barriers and opening new lines of communication and collaboration to solve problems. If you have already implemented DevOps practices in your organisation you will find it much easier to transition to the cloud.

    Why? Because cloud transformation requires significant collaboration between different teams. Because cloud adoption is complex a diverse, cross-functional team with experience and perspectives from around the company, can help create a collaborative environment that enables success.

    In this talk you will learn:

    How to manage the cultural shift required for a successful cloud project;

    How to build cross-teams, establish processes, adopt new tools and define KPIs;

    How to identify areas for improvement, increase agility and efficiency.
  • Scaling DevOps Jun 18 2019 9:00 am UTC 45 mins
    Mark Debney, DevOps Director at 6point6
    The first step in DevOps implementation at scale involves building a solid foundation of tooling, automation, architecture and testing to provide a standardised level of consistency for development teams to build upon. But where to from here?

    How do we move from dedicated DevOps engineering teams to a robust DevOps capability ingrained within multi-disciplinary teams?

    What steps can we put in place to ensure DevOps works effectively at scale?

    When we acknowledge that scaling DevOps is really about strengthening DevOps capabilities within development teams, we can identify which capabilities are core to our delivery process, how we can strengthen and share these effectively across the wider development practice and which capabilities, if any, are better suited to sit outside of a development team when running at scale.

    Join the 6point6 DevOps Director, Mark Debney, as he sets out the process for running robust and empowered DevOps at scale.

    About the speaker:
    Mark Debney, DevOps Director at 6point6

    Mark is an IT infrastructure specialist with over 20 years’ experience in technology and computer systems. His expertise lies in systems architecture and he has built a number of large-scale high transactional platforms using agile and DevOps methodologies.

    Mark is the Director for DevOps at 6point6, a leading technology consultancy, and helps to shape their DevOps offering with a focus on deploying DevOps at scale for Enterprise solutions.

    Prior to joining 6point6 Mark spent eight years at BSkyB where he was a Principal Engineer and led the Platform as a Service team, assessing emerging technologies and implementing solutions across the wider DevOps group. Before BSkyB Mark held System Administrator roles at The Prytania Group, Reading Room, AM International and was an Electronics Technician in the Royal New Zealand Navy.
  • Ask the AppSec Expert: How to Secure the Applications you Build, Buy & Manage Jun 6 2019 2:30 pm UTC 30 mins
    Paul Farrington, Veracode | Yotam Gutman, Cybersecurity Marketing Community
    Tomorrow's businesses need a simpler and more scalable way to increase the resiliency of global application infrastructure, without slowing innovation, today.

    Join this interactive 1-2-1 discussion where EMEA Chief Technology Officer, Paul Farrington (CISSP, MBCS) will share how leading businesses are;

    - Improving the level of security awareness and addressing the skills deficit
    - Enabling developers to fix flaws and prevent new ones
    - Prioritising and triaging the most exploitable flaws
    - Automating application security
    - Providing software development leaders with really useful security metrics
    - Incentivising secure development as part of their culture

    This session will show you how architects and developers are making smarter choices in designing secure software. You will also learn how to report success, and investment justification, to the board whilst setting realistic expectations throughout the software development lifecycle and not just at the destination.
  • Livestream Video - Application Security in a DevOps World Jun 6 2019 10:30 am UTC 45 mins
    Moshe Lerner, Checkmarx | Paul Farrington, Veracode | Yotam Gutman
    With today's enterprises leveraging around 1000 applications and multiple clouds, application security is becoming a key area of focus. Application security testing is being integrated into the DevOps process early on, while automation, speed and coverage and becoming critical to the success of DevSecOps programs.

    Join this interactive panel of industry experts to learn more about:
    - Why application security is critical
    - Key principles for building application security into DevOps
    - Best practices for leveraging automation
    - Speed vs Security: Where do you draw the line?
    - Recommendations for improving security in 2019

    Panellists
    Paul Farrington, EMEA CTO, Veracode
    Moshe Lerner, SVP Product Strategy & Corporate Development, Checkmarx

    Moderated by Yotam Gutman, Founder & Community Manager, Cybersecurity Marketing Community
  • Ask the DevSecOps Expert: Software Security in DevOps & CI Environments Jun 6 2019 9:30 am UTC 30 mins
    Moshe Lerner, Checkmarx | Yotam Gutman, Cybersecurity Marketing Community
    The increased complexity of software and the need to keep up with fast-paced release cycles create new types of risk in the form of Software Exposure.

    Join this interactive 1-2-1 discussion where product strategist and industry expert, Moshe Lerner will share insights including;

    - Why you should consider software security as non-functional issue?
    - What are the key challenges for managing software security in general and in DevOps environments?
    - Best of breed vs Best of suite – Which is the right approach?
    - The difference between interactive application security testing (IAST) and dynamic application security testing (DAST)? Can IAST replace DAST?
    - How to manage and reduce application security risk at scale

    Moderated by Yotam Gutman, Founder & Community Manager, Cybersecurity Marketing Community
  • How ATOS Uses PlateSpin Migrate Recorded: May 22 2019 52 mins
    Stephan Riebroek, Jo de Baer
    This webinar is brought to you by the Vivit Automation and Cloud Builders Special Interest Group (SIG).

    In this webinar, you will learn all about Micro Focus PlateSpin; what it is and how can this tool be used to migrate workload from one place to another. The speaker will also explain how the migration to different platforms is setup. After attending this webinar, you will know:

    • The core principles of 'lift-and-shift" server migration
    • How ATOS is using PlateSpin to successfully migrate customer applications to the cloud and other platforms
    • What major features were recently added to PlateSpin and what the future road map looks like
  • How We Approached Evaluation of ALM Octane and Now Run Agile Testing Recorded: May 16 2019 60 mins
    Gerd Fladrich, Risang Sidik
    This webinar is brought to you by the Vivit Testing Quality ALM Special Interest Group (SIG).

    Join this webinar that will demonstrate how BNP Paribas started and performed evaluation of ALM Octane and is now using the tool to run complete agile testing lifecycles. The testing lifecycle will be presented as a live demo that follows Behavior-Driven Development (BDD) methodology and uses Gherkin notation for defining test suites.

    The testing lifecycle starts with definition of requirements and user stories, heavily builds on test automation and advanced reporting, manages and synchronizes defects across tools, and feeds learnings from testing back into the requirements. It uses an integrated development and testing infrastructure including products like Confluence, Jira, Micro Focus ALM, Micro Focus ALM Octane, Jenkins, GIT, Cucumber, IntelliJ, TestCafe, and others.

    BNP Paribas’s journey with agile test automation using ALM Octane started in 2017. The webinar presents in a nutshell how evaluation of ALM Octane was approached and conducted. It explains how new methods were introduced with the objective to leverage full tool functionality. The initiative has soon helped to increase testing efficiency and created important business value.

    Webinar participants will learn:

    • How BNP Paribas has conducted evaluation of ALM Octane
    • Why ALM Octane is much more than just a successor of ALM/Quality Center
    • How ALM Octane eases flexible management of its entire surrounding tool chain
    • Why methodology like BDD shall precede tools, and not vice versa
    • How Gherkin establishes a common language for the entire agile development lifecycle that helps integrating business, development, and testing
    • How to use ALM Octane for pipeline management, reporting, defect synchronization, import of performance testing and BPT results, integration of in-sprint testing etc.
  • Turning a Service Management Support Engineer Effortlessly into Learning Content Recorded: May 9 2019 50 mins
    Anna Marie Jupp
    There are many challenges facing those who work in the ITSM field. It seems the most significant challenge is the constant changes, whether they are within the tools and customers you are supporting, the on-and-off boarding of employees, or the changes in your ITSM solution from upgrades or total replacement. The Micro Focus Adoption Readiness Tool can help you guard against these changes affecting your business.

    • How to stop your knowledge leaving the building when the SME’s move on
    • How to put together a knowledge repository and maintain your content efficiently
    • How to create new content on the fly
    • How to make this knowledge available for everyone at the point of need
  • Kubernetes in the Cloud Recorded: May 2 2019 61 mins
    Matt Baldwin, NetApp and Former Founder StackPoint Cloud; Ingo Fuchs, NetApp; Mike Jochimsen, Kaminario
    Kubernetes (k8s) is an open-source system for automating the deployment, scaling, and management of containerized applications. Kubernetes promises simplified management of cloud workloads at scale, whether on-premises, hybrid, or in a public cloud infrastructure, allowing effortless movement of workloads from cloud to cloud. By some reckonings, it is being deployed at a rate several times faster than virtualization.

    In this presentation, we’ll introduce Kubernetes and present use cases that make clear where and why you would want to use it in your IT environment. We’ll also focus on the enterprise requirements of orchestration and containerization, and specifically on the storage aspects and best practices.

    •What is Kubernetes? Why would you want to use it?
    •How does Kubernetes help in a multi-cloud/private cloud environment?
    •How does Kubernetes orchestrate & manage storage? Can Kubernetes use Docker?
    •How do we provide persistence and data protection?
    •Example use cases
  • DevOps Adoption in The Real World – 3 Ways to Drive Test Centric Continuous Deli Recorded: Apr 30 2019 59 mins
    Julian Fish, Wes Godard
    As Enterprise DevOps adoption hits the mainstream, organizations are looking to streamline and simplify their Development and Testing practices through the use of Continuous Integration (CI) and Continuous Delivery (CD). Whilst CI and CD practices can provide significant benefits, such transformations are often led by Development teams, where little thought is given about the impact that the process and technology changes will have upon testing organizations, and the need to fully align all areas of the application delivery pipeline.
    In this live webinar, join Micro Focus to understand:
    • How development, test and release processes and pipelines can be easily and simply aligned
    • How test automation can be a core component of your CD pipeline and why an orchestrated DevOps toolchain is key to successful DevOps transformation
  • Introducing a Security Feedback Loop Recorded: Apr 25 2019 31 mins
    Dan Garfield, Chief Technology Evangelist, Codefresh.io
    We’re all looking at ways to prevent vulnerabilities from escaping into our production environments. Why not require scans of your Docker images before they’re even uploaded to your production Docker registry? SHIFT LEFT!

    When your engineers get information about security vulnerabilities earlier, they're more efficient with fixes!

    Join Codefresh, as we demonstrate setting up vulnerability and compliance thresholds in a CI pipeline. We will show you how to give your teams access to your Docker images’ security reports & trace back to your report from your production Kubernetes cluster using Codefresh.
  • New Enterprise Application and Data Security Challenges and Solutions Recorded: Apr 25 2019 61 mins
    Ulf Mattsson, Head of Innovation, TokenEx
    With sensitive data residing everywhere and the breach epidemic growing, the need for application and data protection solutions has become even more critical.

    Join Ulf Mattsson, Head of Innovation at TokenEx as he discusses:

    - New Security Challenges to Applications and Data in Cloud
    - New requirements from Regulations
    - Application and Data Security solutions for the Enterprise
    - Trends in integration of Security into Application development
    - Automating Security tasks in the Open Application development process
    - The new API Economy
    - Application Security in the new API Economy
    - Latest developments and standards in Identity Management for The API Economy
    - Emerging Data Protection options for Public, Hybrid and Private Cloud.
  • [Panel] Harnessing Knowledge: The State of Enterprise Application Security Recorded: Apr 25 2019 61 mins
    Daniel Blander, Virtual Clarity (Moderator), Joseph Feiman, CSO, WhiteHat Security & Paul Farrington, CTO, Veracode EMEA
    As organizations strive to transform themselves for the digital economy, application development is moving further into the spotlight - and right behind it is application security.

    So in 2019, AppSec can make or break a business. Instead of being overwhelmed by this pressure, there are tools and processes on the market that can help your application both meet and exceed business and security demands.

    From infrastructure-as-code models to API security and DevOps, learn from this panel of global experts how to harness knowledge and accelerate application release cycles, improve security and transform your business.

    Moderator: Daniel Blander, Virtual Clarity
    Panelists:
    Joseph Feiman, Chief Strategy Officer, WhiteHat Security
    Paul Farrington, CTO, Veracode EMEA
  • A Journey into Open Development with Lloyds Banking Group Recorded: Apr 25 2019 28 mins
    James McLeod, Software Engineering Lead, Lloyds Banking Group
    Lloyds Banking Group is a financial services group with millions of customers and a presence in nearly every UK community, both online and on the local high street. With more than one million businesses serviced through their brands, the hopes for creating the bank of the future is firmly locked in the sights of this digitally transforming organization.

    In order to hit their ambitious goal, Lloyds Banking Group is changing from a traditionally introverted bank, hardened to risk through years of manual process, into an open and collaborative organization where innovation and experimentation are driven by engineering and automation.

    During this talk you’ll learn how Lloyds Banking Group journeyed into Inner Source with the formation of engineering guilds and how this lead to the adoption of GitHub Enterprise from proof of concept to widespread use. We’ll also explore how engineering guilds formed the GitHub Enterprise Working Group to share successes and educate on best practices, while safeguarding the operation of their engineering community.

    Finally, we’ll tell the story of how Lloyds Banking Group is moving fast toward Open Source, powered by the determination and ambition of Lloyds Engineering and the Lloyds Banking Group Open Source Mission.

    About the speaker:
    James McLeod is a passionate Software Engineer with a belief in open collaboration and a drive for growing engineering communities.

    James’ role as Software Engineering Lead at Lloyds Banking Group focuses on guiding the engineering community, listening to feedback, and removing barriers through leading and advocating for Lloyds engineering guilds and Inner Source collaboration.

    His energy and passion goes beyond the workplace where James is the founder of ‘React London–Bring Your Own Project’ – a rapidly growing London meetup, with over 1300 active members.
  • Making Continuous Security in Applications a Reality Recorded: Apr 24 2019 43 mins
    Aaron Weaver - Application Security Architect, OWASP and DefectDojo
    You’ve probably heard many talks about DevSecOps and continuous security testing but how many provided the tools needed to actually start that testing? This talk does exactly that. It provides an overview of the open source AppSec Pipeline tool which has been used in real-world companies to do real security work. Beyond a stand-alone tool, the OWASP AppSec Pipeline provides numerous docker containers ready to automate, a specification to customize with the ability to create your own implementation and references to get you started.

    The talk will also cover how to add an AppSec Pipeline to your team’s arsenal and provide example templates of how best to run the automated tools provided. Finally, we’ll briefly cover using OWASP Defect Dojo to store and curate the issues found by your AppSec Pipeline. The goal of this talk is to share the field-tested methods of Aaron Weaver - If you want to start your DevSecOps journey by continuously testing rather then hear about it, this talk is for you.
Trends and insights for developing apps and maintaining service
The webcasts in this channel will highlight trends and best practices for the application development lifecycle as well as how to make sure your application maintain a steady level of service.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: [Panel] Harnessing Knowledge: The State of Enterprise Application Security
  • Live at: Apr 25 2019 3:00 pm
  • Presented by: Daniel Blander, Virtual Clarity (Moderator), Joseph Feiman, CSO, WhiteHat Security & Paul Farrington, CTO, Veracode EMEA
  • From:
Your email has been sent.
or close