Secure By Design: Ensuring That Security Is Built In
As software becomes a bigger component of the value delivered by companies in every industry, it is no exaggeration to say that every company is becoming a software company that is competing with software.
Companies are pushing the envelope on how to tool up their internal software factory to make software better, faster and more efficiently. By necessity, developers more often assemble software than create it from scratch, as they are more frequently incorporating open source libraries to speed up time-to-market. However, as open source libraries increase, so do the number of vulnerabilities, resulting in increased risk.
In this session, Chris Wysopal, Chief Technology Officer and Co-Founder at CA Veracode discusses what it means to build software secure by design. He will describe how to build a software development process that has continuous security, is measurable, and is transparent.
TOPICS:
|
|
|
Cloud Security with Continuous Security Validation
How do you manage your security portfolio? Do you use regulatory frameworks as a basis? As a target? Experience shows that these frameworks are an important starting-off point but should not be considered the targeted end-state.How confident are you that your controls will function correctly during a real attack? Time and time again, we see that having the controls does not mean they will work in a real emergency. If they don’t work as intended, is it because they’re not configured correctly? Or do you have a gap? Congratulations! You invested in getting the best of breed controls and the best talent to configure, manage, and monitor these. Now, how do you test your cloud environment? You know how to test your controls, but when should you do it? And how often? Most frameworks and best practices guidelines suggest you do so annually or when you make a major change to your environment, but how does the external threat landscape come into consideration? You now have the insights and data to show your controls will function in a real-world attack. How do you use this intel when talking to your board? Is it always doom and gloom or is celebrating successes equally important? This presentation makes a case for integrating continuous breach attack simulation as a practical approach to rationalizing your security portfolio. We examine the notion of abiding by the spirit of the compliance framework vs. the letter of that framework and discuss how you can get the most benefit out of your security controls through simulating real-world scenarios without risk to your environment. We then conclude with the positive impact that performing continuous breach attack simulation can bring to your communications up to the executive and board level.
TOPICS:
|
|
|
How Security Researchers Strengthen the DOD's Security
On July 4th, 2022, Chief Digital and Artificial Intelligence Office (CDAO), Directorate for Digital Services (DDS), DoD Cyber Crime Center (DC3), and HackerOne publicly launched the Hack U.S. bug bounty challenge, allowing ethical hackers from around the globe to earn monetary rewards for reporting of critical and high vulnerabilities from within the DoD Vulnerability Disclosure Program (VDP) published scope.
Watch this webinar to hear Corben Leo, a security researcher from the Hack U.S. program, discuss:
-How the Hack U.S. Bug Bounty Challenge was performed
-Results of the Hack U.S. Bug Bounty Challenge
-Key differences between VDP's and bug bounty programs
-How both VDP's and bug bounty programs can benefit your agency
TOPICS:
|
|
|
Symantec Protection Suite Challenge
Check out this demo to take Symantec's Protection Suite Challenge and see how your network security stacks up so you can focus on your business.
|
|
|
Lowering Risk by Applying Consistent Security Across All of Your Locations
Security in today's IT infrastructure presents challenges to all sorts of organizations, but especially to distributed enterprises. Branch offices and remote locations are often less secure than the headquarters or main data center location. Watch this webcast to learn how and why you should ensure that every location is properly secured.
|
|
|
Symantec IM Manager
Symantec IM Manager 8.2 seamlessly manages, secures, logs, and archives corporate instant-messaging traffic with certified support for public and enterprise IM networks.
|
|
|
If Developers Own Security Testing in DevOps - What is Security's Role?
Application security is “shifting left.” As the responsibility for ensuring the stability and security of software shifts to developers, what does this mean for security professionals? What does their job look like if developers are responsible for security testing?
Learn:
•What the security professional’s role and responsibilities look like in a DevSecOps shop
•The DevSecOps cultural changes that will affect security
•The attributes that security tools will need in this new landscape
•Best practices for security professionals looking to not only survive, but thrive, in a DevSecOps world
TOPICS:
|
|
|
How Cloud Security Defense Secures Your Cloud Infrastructure?
In a traditional data centre, you create one perimeter, secure it by installing firewall, WAF, SIEMS etc. and you should have confidence level to ensure your data centre is secure. However, when you migrate to cloud (whether it is SaaS, PaaS or IaaS), you may not know how to secure it. Whether to consider its native security or out-of-the box cloud security solutions. Since it is a public cloud you have to be more cautious no matter how secure your crown jewel or meet regulatory compliance. Secure workload, data and source code are extremely important when you are moving to the cloud.
TOPICS:
|
|
|
Cisco Security Suites Delivered by Security Cloud
Cisco is committed to simplifying the complexity of security solutions while continuing to improve our customer’s security posture. Security should be reliable, friction free, and easy to buy. The Cisco Security Suites are delivered though the Cisco Security Cloud and designed with clear outcomes in mind. They’re powered by AI (Artificial Intelligence) and built to protect what matters most, because a business is only as strong as their security.
TOPICS:
|
|
|
Cisco Security Suites Delivered by Security Cloud
Cisco is committed to simplifying the complexity of security solutions while continuing to improve our customer’s security posture. Security should be reliable, friction free, and easy to buy. The Cisco Security Suites are delivered though the Cisco Security Cloud and designed with clear outcomes in mind. They’re powered by AI (Artificial Intelligence) and built to protect what matters most, because a business is only as strong as their security.
TOPICS:
|
|
|