Name: Optimizing and Maturing an AppSec Program
Start: 2019-05-21T17:00:00Z
End: 2019-05-21T17:00:59.000Z
Location: BrightTALK
Rating: 0

CyberRes is now OpenText™ Cybersecurity – Reduce risks, preserve trust, contain disruption, and make your business resilient to today's and tomorrow's cyber threats.
OpenText™ Cybersecurity helps organizations of all sizes protect their most valuable and sensitive information. Our portfolio of end-to-end security solutions offers businesses a resilient security foundation with 360-degree visibility across their organization, enabling them to enhance security and trust every step of the way. To find out more, visit: https://www.cyberres.com 

Weak passwords are notoriously vulnerable to phishing, brute force attacks, and social engineering. Increasingly, enterprises are removing them altogether, to eliminate these attack vectors and make it significantly harder for unauthorized users to gain access.

This webinar (March 12, 2024) explore a new survey from Dark Reading and OpenText on the use of traditional credentials among industry professionals and their urgency to move beyond them. 

We’ll also cover the benefits IT and Security teams can expect by adopting a passwordless paradigm.

About OpenText IAM:
NetIQ Identity and Access Management Platform provides comprehensive workforce and customer identity solutions to enterprise scale organizations – leveraging Identity to provide secure access, effective governance, scalable automation, actionable analysis and insight across their Cloud, Mobile, & Data platforms. 

NetIQ is part of OpenText Cybersecurity. OpenText has completed the purchase of Micro Focus, including CyberRes. Our combined expertise expands our security offerings to help customers protect, detect, and evolve their security posture. They can confidently be their best—and more secure—across their entire organization.

LEARN MORE at the NetIQ homepage: https://www.microfocus.com/en-us/cyberres/identity-access-management

State of Passwordless: Latest insights from OpenText

In this demo video, discover how you can cull data at the point of collection—for efficient investigation, legal, compliance, regulatory, or other business needs.

Demo: Reducing cost and complexity with streamlined data collection

This session discusses the impact big data is having on the collection of ESI and how to address the associated time, resource and financial challenges eDiscovery professionals face.

The Importance of Information Assurance in Today’s Big Data World

This session discusses the steps you can take to reduce your collection costs by as much as 90% while also eliminating the risks associated with over-collection.

Streamline and Save: Smart ESI Collection Strategies for eDiscovery

In today's digital landscape, the need for robust application security has never been more critical. With cyber threats constantly evolving, organizations must ensure that their software is resilient against potential vulnerabilities. But where do you start when it comes to establishing an effective application security program?
Join us for an insightful webinar, "Jumpstarting your AppSec Program with Fortify on Demand," as we explore how you can fortify your applications and defend against security breaches with confidence. Hosted by industry experts, this session will provide a comprehensive overview of leveraging Fortify on Demand, a cutting-edge managed application security solution, to kickstart your AppSec journey.
 
Key Topics Covered:
1. The Evolving Threat Landscape: Understand the current cybersecurity landscape and the pressing need for application security.
2. The Basics of Application Security: Gain a foundational understanding of application security principles and best practices.
3. Introduction to Fortify on Demand: Learn about Fortify on Demand, its features, and how it can empower your organization's security efforts.
4. Getting Started with Fortify: Practical steps for implementing Fortify on Demand and integrating it into your software development lifecycle.

Jumpstart Your AppSec Program With Fortify on Demand

In this session, we will discuss the security and business limitations of static authentication implementations. Discover the value of dynamic access control and find out how your organization can achieve it.

Raising access security without driving users crazy

Guest speaker Heidi Shey is a Principal Analyst at Forrester serving security and risk professionals. Her research primarily focuses on data security and privacy strategy, policies, and related technology controls. She will discuss Data Security Platforms, the new market segment defined in The Forrester Wave™: Data Security Platforms Q1 2023, with an overview of the research, key points not to miss, and a view to the future. Join us for a conversation with Heidi on the convergence of data security, privacy, and governance use cases. You’ll gain insights you can put into practice, including:

• Ways to achieve continuous data visibility to understand data value and risk
• How security and risk professionals are addressing data protection
• Operationalizing data security and privacy practices

Data Security Platforms - Present and Future

Today, passwordless authentication technologies are being used for more than multi-factor authentication. They are used to improve usability and resist phishing attacks while keeping friction low. Unfortunately, too often, deployment and implementation barriers prevent organizations from adopting password technologies to the level they want.

In this webinar, we will cover the following:

Considerations for selecting authentication methods and devices
Enrollment strategies for different methods
Forming a long-term strategy and set of practices for managing and maintaining your authentication environment

Scaling Passwordless Authentication

While the landscape of application development continues to evolve, organizations have been transitioning their application development and workflows to the cloud, taking advantage of its scalability, flexibility, and cost-efficiency. However, with the benefits of DevOps come the challenges of bringing your security tools with you into that cloud environment. Fortify Hosted is designed to transition with your developers to continue driving secure application development as you move from on-prem to cloud environments by providing Fortify application security capabilities in a cloud-based SaaS offering.
Join us for this upcoming webinar as we discuss:
• How to manage software security activities in the cloud without worrying about infrastructure
• How to remediate vulnerabilities more easily with an enterprise-grade AppSec platfrom that provides a central view of risk
• How to integrate into your DevSecOps pipeline in the cloud, enabling seamless AppSec testing for every release

Secure DevOps in the Cloud with Fortify Hosted

With the ongoing expansion of multi-factor technologies to secure digital access for employees and consumers, the strong authentication market is forecast to continue its double-digit growth for at least the next five years. Add in the increasingly mainstream expectation of passwordless capabilities, and this growth will likely keep going.
In this webinar, Jim Gerken and Chris Barngrover review passwordless authentication best practices and how NetIQ enables organizations to deploy it across their environment.

Make authentication as advanced as your business

Join us for an informative webcast sponsored by OpenText™ Voltage™, where we will explore the critical topic of privacy compliance obligations in the United States and Canada. In this webcast, we will delve into the challenges faced by organizations in meeting current and emerging privacy regulations and provide valuable insights from the analyst report Privacy Compliance in North America: Status and Progress in 2023 by Osterman Research.

Discover how organizations are navigating the complex landscape of privacy regulations, ensuring the appropriate protection of data and extending rights to individuals. Gain a deeper understanding of the implications of elevated privacy requirements and their impact on various industries.

Key highlights from the report include:
• The disconnect between claims of maturity and actual security realities.
• The growing trend of extending synthesized rights from state-level regulations to all residents in the United States.
• Insights into the commitment of compliance and legal teams towards privacy.
• Challenges faced in identifying and protecting sensitive data.
• Strategies for elevating protections and improving readiness for the next wave of privacy regulations.

Don't miss this opportunity to gain valuable insights into privacy compliance practices and stay ahead of the evolving regulatory landscape. Register now for this informative webcast sponsored by OpenText™ Voltage™.

Data Privacy Compliance: A Look at Current Progress and Future Roadmap

Join this webinar to learn how to secure your APIs against today's threat actors. Stan Wisseman, Head of North America Security GTM, will discuss how modern applications are different, the basics of APIs, and how to control API risks.

Fortify Your APIs to Make Sure They're Battle Ready

Modern-day software development depends heavily on third-party components, libraries, and frameworks. However, attackers are increasingly targeting these software building blocks to compromise enterprise applications. Legacy systems, faulty code, and stretched resources are working against application security teams, but there is a path forward. 

Join us for this free webinar to hear from experts about the latest tactics to fortify your software supply chain against an ever-expanding attack surface. You’ll learn about:  

• How to get a comprehensive view of the software supply chain. 
• Software attack vectors you might not have considered. 
• How to manage risk from libraries, frameworks, and other third-party components. 
• And more…

Shoring Up the Software Supply Chain Across Enterprise Applications

The application security market continues to evolve as organizations recognize that security risk needs to balance with business imperatives. Fortify partnered with DarkReading to interview hundreds of AppSec professionals and developers to discover the key challenges this ever changing landscape has created.

Based off the survey and research data, it's evident that regardless of the pace of change in technology transformation (the explosion of APIs, microservices, IaC innovation and cloud technology) there’s still a lot of room for maturity and growth in most organizations.

Did you know, that while the majority (57%) of organizations are implementing DevSecOps, almost 3 in 10 (29%) haven’t yet but plan to in the next year. Crazy as it sounds, a full 14% are not doing so and have no plans to.

Static application security testing (SAST) is becoming the norm. (56% use SAST and perform appsec assessments). But dynamic analysis (DAST) is still lagging at only 45% implementation.

There is still over 30% of organizations looking to implement MAST and almost half (46%) of organizations we surveyed are planning implementation of SCA.

Join us as we explore the key findings, implementation challenges, factors influencing tool adoption, and key take-aways.

Special note: Martin Hell (from Debricked) will be joining us to share their research on the State of Open Source Security.

Key Takeaways from the 2023 State of Code Security Report

How are cybersecurity priorities changing in 2023? CIOs and CISOs are responding to changing technology and data breach trends, the economic outlook, and escalating regulatory demands for cybersecurity and data privacy. Guest speaker Michael Sampson of Osterman Research uncovers CISO and CIO assessments of their own organizations’ relative cybersecurity strengths and weaknesses, and how and where they’re placing spending priorities. 

Hear the research results and implications for four focus areas: applications, data, cloud platforms, and on-premises infrastructure.
• What types of cybersecurity incidents did respondents experience last year?
• Where do they see the biggest gaps between current and desired security posture?
• What are their top investment priorities?
• What is the impact of the Board of Directors on cybersecurity approaches?

Download the Osterman Report to learn more about the top cybersecurity investment priorities for CISOs and CIOs in 2023: https://www.microfocus.com/ostermanreport2023

Top Cybersecurity Investment Priorities for CIOs and CISOs in 2023

Join our Data Science Team for a deep dive into the models and math that drive the behavioural analytics within ArcSight Intelligence. See what makes us different from other “AI” solutions on the market and learn how a data science-first approach can revolutionize your security posture.

Beyond the Buzz – Under the Hood of AI and ML in Cyber

Beyond the capabilities of NetIQ Identity Governance, a successful use of it depends on the teams involved knowing how to onboard, manage and maintain their governance environment. In this webinar, Jim Montgomery will teach attendees how to adopt governance best practices.

• Learn the concrete differences between identity synchronization and modern identity governance 
• Learn deployment and onboarding best practices
• How to ensure long-term and scalable success, leveraging the IGA investment

Scaling IGA to Cover the Whole Enterprise

Discover how Identity Powered Zero Trust helps eliminate potential threats and data breaches on Tuesday, January 24th. Zero trust is about recognizing who is trying to access and whether or not they should be able to access. During this webinar we will provide best practices for implementing Zero Trust strategies around identity and how NetIQ's holistic approach can help you better understand your overall security posture as well as:

• How to detect a compromised user account?
• How to gain more visibility, oversight, and control over your own environment?
• How to measure your security policies and whether or not they are working as they should?
• How to drastically limit the scope of your exposure to threats?

Zero Trust Series: Boost security with Identity Powered Zero Trust

Many organizations turn to the guidance provided by the OWASP Top 10 for their application security programs. While this is a great way to get started, a more mature and optimized program is needed to avoid being the next headline. Over 60% of applications tested by our software security research team last year had one or more critical or high-severity security flaw NOT covered by the OWASP Top 10. Organizations that only test or mitigate security risks found within these Top 10 are still very vulnerable to attacks. In this webinar, we discuss steps to take to mature your application security program, along with some success stories of companies that have done this with the help of Micro Focus Fortify.

Optimizing and Maturing an AppSec Program

Application Security

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Optimizing and Maturing an AppSec Program

Presented by

About this talk

More from this channel