Shifting from a Test-Dependent to Design-Driven Organization

Application penetration testing is a great way to assess the
risk of vulnerabilities before deployment, but should merely
serve as a backstop to prove your application was designed
securely. This webcast will discuss requirements and design
best practices and how they yield efficiency gains and
reduced vulnerabilities throughout the lifecycle.

Six Key Security Activities for Software Engineering & Development

Adopting a security engineering mindset to application
development means that security is considered from project
inception through deployment. This webcast will present six
security engineering activities that teams can leverage to
refine and extend their existing life cycle activities.

Hunting Down Vulnerabilities in your Code: Effective Review Techniques

A security-focused code review is one of the most important
activities that you and your team can do in order to improve
the security of your software. You can use a security code
review to find vulnerabilities in code that is not yet ready
to test or to find problems that would be very hard to find
with testing techniques. This webcast describes the
activities, process and tools that you need to find security
problems in your code quickly and effectively.

The Future of Application Security - Smarter Spending, Less Churn

Finding, fixing and preventing software application
vulnerabilities has long been considered an expensive and
time-consuming process – not so anymore. Organizations now
have direct access to the knowledge, technology and proven
processes that can tackle software application security with
greater effectiveness and yield higher ROI. This webinar
will demonstrate how to do so.

Next Generation Static Code Analysis - Fast, Accurate and Primed

Static source code analysis (SCA) provides the means to
discover security defects early in the development lifecycle,
but the current-generation SCA tooling is prone to reporting
“false positives”. This webcast will discuss how new-generation
static analysis tools can restore the industry’s confidence
in automated code scanning as a viable means of catching
problems early.

Creating Secure Code - and Cultivating a Defensive Mindset

This webcast addresses common coding
pitfalls and design errors and provides practical and
effective techniques developers can employ to reduce the
susceptibility of code to vulnerabilities.

TeamMentor - Secure Software Development in a Box

Learn how TeamMentor,
a unique secure development guidance system, helps software
teams build and deploy more secure software by providing
just-in-time and accurate guidance through all phases of the
development process.

Fundamentals of Information Security

This webcast presents the concepts of
threats, risks and business continuity and describes how
attackers tend to penetrate an organization's assets.
Attendees will learn how to recognize information security
concerns and respond accordingly using a set of best
practices.

Writing Secure Code in ASP.NET

This webcast, delivered by a seasoned
developer and software security expert, addresses common
coding pitfalls and design errors and offers practical
techniques developers can employ to minimize
the likelihood of introducing vulnerabilities into their ASP.NET code.

A Proactive Approach to Building a Successful Security Development Lifecycle (SDL)

A good offense starts with security as part
of the whole development lifecycle and requires specialized
security knowledge and tools that organizations can adopt
quickly and with minimal disruption to their development
process. Three industry leaders discuss why and how you can
get your organization on the right path.

The Most Dangerous Vulnerabilities – Finding, Understanding and Mitigating Them

This webcast, presented by a Senior Security Trainer and Security Testing
practitioner, highlights the three most dangerous vulnerabilities that often slip past conventional testing efforts
- helping you assess your own capabilities and determine whether or not you are properly prepared to defend against them.

Software Security: An ISO 27002/ITIL Perspective

With the advent of new regulations around data security and privacy,
executive decision-makers can no longer afford to relegate software
security to a lesser role. This talk introduces a new way of elevating
software security to its rightful position within larger IT security
risk management frameworks such as ISO 27002, PCI DSS and ITIL.

Application Security Maturity (ASM) Model and Roadmap

Security Innovation analyzed application security data points from
client engagements over a span of nearly 10 years and distilled the
data into a diagram, which explains where each organization fits
into the maturity continuum of three application security phases.
This webcast allows organizations to see where they fit into the
model and offers tips for progressing to a state of high
maturity.

Tough Application Security Questions to Ask Your Software Vendor

The overall “risk” that a piece of software carries has as much to do
with how a vendor supports it as it does with how secure the code is.
Vulnerabilities cost a besieged company money and deploying security
patches is expensive. This webcast offers fifteen questions that organizations can ask to assess a vendor’s
commitment to security.

Web Security Urban Legends

This webcast discusses the inherent security challenges of Web
applications and urban legends that lead to a false sense of
security. Topics include outside and inside threats of web
applications, limits of network security systems, the two most dangerous web vulnerabilities, and
counter-measures to help protect your enterprise.

Tackling PCI-DSS and 6.6 Requirements

Two industry experts, with more than 20 years of application security
and PCI Compliance experience, will discuss important changes to
requirement 6 of the PCI-DSS. Attendees will gain a clear
understanding of the specific actions that must be taken to comply
with the new requirements.

Secure Software Design

Many software development teams fundamentally lack adequate security expertise and
unknowingly incorporate vulnerabilities into their applications.
This webinar will bridge this knowledge gap and arm development
teams with principles and techniques for secure software design.

The Art of IT Risk Threat Modeling

Threat modeling can quickly assess hundreds of applications, be
leveraged for better risk management decisions, and integrate into
risk management frameworks. This webcast examines the critical
activities involved in threat modeling and demonstrates its benefits
in the context of IT risk management.

Building a Sustainable PCI Program (and Achieving Payment Brand Safe Harbors)

This webinar offers practical advice and tips on how to achieve sustainable PCI
compliance at a reasonable cost and with improved security. It
offers a risk management approach to information security where you aim for data
security and become compliant along the way.

Techniques to Quickly Understand Your Application Security Risks

Applications pose inherent risks that need to be understood if they are to
be mitigated. In this presentation, you'll learn effective ways to gain a quick and clear understanding of
your most imposing threats and how to reduce your overall
risk.

How to Break Software Security

Proactive organizations invest heavily to
ensure that their software development teams attain the
specialized knowledge needed to conduct effective security
testing. This webcast provides an overview of the techniques
needed to effectively recognize and expose security flaws in
software.

Biggest Application Security Mistakes Organizations Make

Organizations continue to make seemingly
avoidable mistakes when it comes to Application Security.
This webcast, presented by a seasoned veteran in the
Software Quality and Security space, will discuss the
underlying causes of security mistakes, specific mistakes
organizations make and best practices/infrastructure needed
for a secure process for software development and
management.

How to Break Web Software

The primary author of all
three “How to Break...” books will take you on a journey through the set of techniques
for breaking (from a security standpoint) web applications. This
talk covers all the normal basics (SQL injection, XSS, etc.) but
goes beyond that to more advanced and sinister attacks.

Attacking Applications with Holodeck

Learn how to use Holodeck to discover and
exploit an application's entry points (files, libraries,
APIs, shared resources, etc.). Touches upon software
security principles, the value of fault injection (Holodeck's
underlying engine) and monitoring/controlling entry points.