Name: Key Takeaways from the 2023 State of Code Security Report
Start: 2023-05-03T19:16:00Z
End: 2023-05-03T19:16:45.000Z
Location: BrightTALK
Rating: 0

CyberRes is now part of OpenText Cybersecurity. We bring the expertise of one of the world’s largest security portfolios to help our customers navigate the changing threat landscape by building both cyber and business resiliency within their teams and organizations. We are here to help enterprises accelerate trust, reliability, and survivability through times of adversity, crisis, and business volatility.

We are a part of a larger set of digital transformation solutions that fight adverse conditions so businesses can continue to run today, keep the lights on, and transform to grow and take advantage of tomorrow’s opportunities.  Visit CyberRes at: https://www.cybrerres.com

Join us for an informative webcast sponsored by OpenText™ Voltage™, where we will explore the critical topic of privacy compliance obligations in the United States and Canada. In this webcast, we will delve into the challenges faced by organizations in meeting current and emerging privacy regulations and provide valuable insights from the analyst report Privacy Compliance in North America: Status and Progress in 2023 by Osterman Research.

Discover how organizations are navigating the complex landscape of privacy regulations, ensuring the appropriate protection of data and extending rights to individuals. Gain a deeper understanding of the implications of elevated privacy requirements and their impact on various industries.

Key highlights from the report include:
• The disconnect between claims of maturity and actual security realities.
• The growing trend of extending synthesized rights from state-level regulations to all residents in the United States.
• Insights into the commitment of compliance and legal teams towards privacy.
• Challenges faced in identifying and protecting sensitive data.
• Strategies for elevating protections and improving readiness for the next wave of privacy regulations.

Don't miss this opportunity to gain valuable insights into privacy compliance practices and stay ahead of the evolving regulatory landscape. Register now for this informative webcast sponsored by OpenText™ Voltage™.

Data Privacy Compliance: A Look at Current Progress and Future Roadmap

Join this webinar to learn how to secure your APIs against today's threat actors. Stan Wisseman, Head of North America Security GTM, will discuss how modern applications are different, the basics of APIs, and how to control API risks.

Fortify Your APIs to Make Sure They're Battle Ready

Modern-day software development depends heavily on third-party components, libraries, and frameworks. However, attackers are increasingly targeting these software building blocks to compromise enterprise applications. Legacy systems, faulty code, and stretched resources are working against application security teams, but there is a path forward. 

Join us for this free webinar to hear from experts about the latest tactics to fortify your software supply chain against an ever-expanding attack surface. You’ll learn about:  

• How to get a comprehensive view of the software supply chain. 
• Software attack vectors you might not have considered. 
• How to manage risk from libraries, frameworks, and other third-party components. 
• And more…

Shoring Up the Software Supply Chain Across Enterprise Applications

How are cybersecurity priorities changing in 2023? CIOs and CISOs are responding to changing technology and data breach trends, the economic outlook, and escalating regulatory demands for cybersecurity and data privacy. Guest speaker Michael Sampson of Osterman Research uncovers CISO and CIO assessments of their own organizations’ relative cybersecurity strengths and weaknesses, and how and where they’re placing spending priorities. 

Hear the research results and implications for four focus areas: applications, data, cloud platforms, and on-premises infrastructure.
• What types of cybersecurity incidents did respondents experience last year?
• Where do they see the biggest gaps between current and desired security posture?
• What are their top investment priorities?
• What is the impact of the Board of Directors on cybersecurity approaches?

Download the Osterman Report to learn more about the top cybersecurity investment priorities for CISOs and CIOs in 2023: https://www.microfocus.com/ostermanreport2023

Top Cybersecurity Investment Priorities for CIOs and CISOs in 2023

Join our Data Science Team for a deep dive into the models and math that drive the behavioural analytics within ArcSight Intelligence. See what makes us different from other “AI” solutions on the market and learn how a data science-first approach can revolutionize your security posture.

Beyond the Buzz – Under the Hood of AI and ML in Cyber

Beyond the capabilities of NetIQ Identity Governance, a successful use of it depends on the teams involved knowing how to onboard, manage and maintain their governance environment. In this webinar, Jim Montgomery will teach attendees how to adopt governance best practices.

• Learn the concrete differences between identity synchronization and modern identity governance 
• Learn deployment and onboarding best practices
• How to ensure long-term and scalable success, leveraging the IGA investment

Scaling IGA to Cover the Whole Enterprise

Data Access Governance is a market segment that focuses on identifying and addressing threats that can come from inappropriate access to sensitive and valuable unstructured data – the file-based data that makes up 80 percent of an organization’s stored data.
NetIQ Data Access Governance is a market leader in the Data Access Governance market segment that meets the requirements of Data Access Governance, as well as delivers an extended set of additional features and benefits.

David Condrey, a recognized thought leader in Data Access Governance, will detail the risks that today make Data Access Governance a necessity for securing sensitive and high-value unstructured data and then share the specifics of five organizations that deployed NetIQ Data Access Governance.

Zero Trust Series: 5 Customer Experiences with Data Access Governance

As today's environments become increasingly complex and hybrid, many organizations face challenges enforcing security policies and access controls. NetIQ AD Bridge allows you to extend AD authentication and authorization to both non-Windows resources and cloud resources such as SaaS, containers, or virtual machines.

Consolidate policy silos with Universal Policy Administrator and address potential policy collisions and gaps.

Zero Trust Series: Universal Policy Admin & AD Bridge to Manage

Enterprises are increasingly embracing zero trust as a necessary strategy for securing the business and proactively managing risk. Identity and privilege access management are critical first steps to zero trust, but many have not gotten further than implementing multi-factor authentication. Privilege management and identity governance are emerging as a bigger focus for organizations, but defenders are still figuring out how to stay ahead of the rapidly changing digital landscape and all its threats.

This webinar explores the results of new research commissioned by NetIQ (part of CyberRes, a Micro Focus line of business) and conducted by Dark Reading. While many organizations have enabled multi-factor authentication, research results make a strong case that they are increasingly exploring a more comprehensive approach that integrates identity management and privileges management across Zero Trust environments.

Zero Trust Series: State of Zero Trust: Latest Insights from NetIQ

Discover how Identity Powered Zero Trust helps eliminate potential threats and data breaches on Tuesday, January 24th. Zero trust is about recognizing who is trying to access and whether or not they should be able to access. During this webinar we will provide best practices for implementing Zero Trust strategies around identity and how NetIQ's holistic approach can help you better understand your overall security posture as well as:

• How to detect a compromised user account?
• How to gain more visibility, oversight, and control over your own environment?
• How to measure your security policies and whether or not they are working as they should?
• How to drastically limit the scope of your exposure to threats?

Zero Trust Series: Boost security with Identity Powered Zero Trust

What if privacy could be a catalyst for growth and help solve broader business problems as well? As you look to change behavior, improve your privacy stance, and mobilize your operations to support global privacy regulations, consider the tools you have on hand and ask yourself, are they doing enough? What if there’s more beyond privacy policies and posture – technology that can help accelerate your organization forward?

Voltage advanced privacy-enabling technologies will give you, your team, and your organization that competitive edge. 

Join us to find out:
• How you can transform your privacy practice with secure analytics, data minimization, data retention, and information lifecycle management
• Into an engine that also drives competitive advantage, corporate sustainability, and cost containment

How Does Privacy Compliance = Innovation + Growth?

Can threat intelligence be your trusted, reliable partner in your SecOps workflows? Now there is a high-quality threat intelligence feed that automatically integrates into your SOAR/EDR engines in auto-block mode. Threat intelligence plays a pivotal role in your security portfolio, enabling you to proactively defend against and pre-empt cyberattacks. Unfortunately, many security professionals are having a hard time implementing, automating, and utilizing the vast array of threat intelligence available to their organizations. 

Listen to this recording as we tackle these challenges and highlight the importance of automating threat intelligence as a critical part of a resilient cybersecurity portfolio.

How I learned to trust my threat intelligence solution

Organizations are discarding the model of “Trust but Verify” and moving toward a zero trust model. That is, “Never Trust, Always Verify, Enforce Least Privileges.”

Effective implementation of zero trust requires a risk assessment of the access to data or the environment. And then, based on the risk level, facilitating authentication, authorization, privilege, and lifecycle management to meet compliance standards across modern, hybrid enterprises.

Zero trust also requires protection of data in use, in transit, and at rest while enabling adaptive access to trusted entities.

Join us to hear from: 

Fernando Mitre Caetano Moisés
Cybersecurity & Privacy Partner, PwC Brazil

Kevin Hansen
Chief Technology Officer, Public Sector at Micro Focus Government Solutions

Satyavathi Divadari
Chairman, CSA Bangalore

CSA Series: Enabling Zero Trust for the Cloud

Explosive growth of digitization and cloud adoption increased the threat landscape across different sources that include cloud, IoT, edge computing and many more.

Advanced threats evolved overtime that includes ransomware, attacks on cloud platforms, and IoT/ OT devices.

Extended threat landscape requires capabilities that includes centralized threat insights, early detection, proactive threat hunting, layered analytics, and automated response to address the concerns of internal threats and external threats such as local, regional, industry and global across sector levels.

CSA Series: Multi-layer Intelligence for Cyber Resilience

Application security continues to evolve from shifting left to shifting everywhere as we move further into a cloud-driven era.  Learn from our panel of experts as they discuss the challenges of cloud-driven application security in 2022 and the critical capabilities to address them.  With their experience and expertise, they will discuss the best strategies to allow software security risks to balance with business imperatives that accelerate the speed of digital innovation covering various topics such as:

• DevSecOps - Security must keep pace with the ‘everything-as-code’ era to transition from point of friction to enablement, without sacrificing quality.
• Cloud Native AppSec - The adoption of containers, microservices, APIs, serverless, infrastructure-as-code and other cloud-first technologies introduces new risks that must be addressed in the SDLC.
• Software Supply Chain - Increasingly a target for threat actors, it’s critical to ensure the software your organization delivers – comprised of open source, commercial and custom code – is properly secured during development.

CSA Series: Critical AppSec Capabilities that accelerate Cloud Transformation

Do you want to know how to take competitive advantage of multi-cloud while managing privacy and security effectively and efficiently? Find out from our panel of experts as they discuss the challenges of multi-cloud adoption, deliberate on solutions that enable privacy and empower zero trust, and describe how to reduce risk exposure with threat intelligence and automation.

With their experience and expertise, they will discuss the best strategies to enable the acceleration of multi-cloud with security solutions:

• How privacy enablement increases cost efficiencies and reduces risk with data minimization, monetization, and protection.
• How zero trust enablement helps in securing access to data and assets across multi-cloud.
• How threat intelligence helps in staying abreast of the latest and greatest threat actors attacking assets on hybrid-cloud.
• How Artificial Intelligence aids in reducing risk exposure, specifically on cloud.
• How to automate security and privacy-enabling technologies and reduce risk.

CSA Series: Privacy Enablement & Artificial Intelligence in the Multi-Cloud Era

This webinar is a preview of the recent release of the Cloud Security Alliance (CSA) research paper, titled "Technology and Cloud Security Maturity," sponsored by CyberRes, a Micro Focus line of business.

Our panel discusses diverse opinions of CISOs, CPOs, Security Strategists, and Solution Integrators around the technology evolution in the areas of cloud security and privacy.

You'll hear from: 
Jim Reavis
CEO, Cloud Security Alliance

Veronica Rose
Director, ISACA Board, Senior IS Auditor, KPMG

Bob Guay
Director, CISO, Emerging Security Technology, J&J

Stan Wisseman
Chief Security Strategist-NA, CyberRes

Satavathi Divadari
Chairman, CSA Bangalore (Moderator)

CSA Series: Evolution of Cloud Security & Privacy Technologies

The application security market continues to evolve as organizations recognize that security risk needs to balance with business imperatives. Fortify partnered with DarkReading to interview hundreds of AppSec professionals and developers to discover the key challenges this ever changing landscape has created.

Based off the survey and research data, it's evident that regardless of the pace of change in technology transformation (the explosion of APIs, microservices, IaC innovation and cloud technology) there’s still a lot of room for maturity and growth in most organizations.

Did you know, that while the majority (57%) of organizations are implementing DevSecOps, almost 3 in 10 (29%) haven’t yet but plan to in the next year. Crazy as it sounds, a full 14% are not doing so and have no plans to.

Static application security testing (SAST) is becoming the norm. (56% use SAST and perform appsec assessments). But dynamic analysis (DAST) is still lagging at only 45% implementation.

There is still over 30% of organizations looking to implement MAST and almost half (46%) of organizations we surveyed are planning implementation of SCA.

Join us as we explore the key findings, implementation challenges, factors influencing tool adoption, and key take-aways.

Special note: Martin Hell (from Debricked) will be joining us to share their research on the State of Open Source Security.

Key Takeaways from the 2023 State of Code Security Report

DevSecOps

Fortify

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Key Takeaways from the 2023 State of Code Security Report

Presented by

About this talk

More from this channel