Fortify: Code Security Webinar Series

Modern software applications and products are assembled from dozens if not hundreds of components, many of which nowadays are open-source projects. Vulnerabilities like Log4J and Spring4Shell that came to light this year reinforce the need for organizations to rapidly mature the security of their software supply chains. The software industry is still early in our collective adoption of mature software supply chain controls. In this webinar, experts and customers will share some of the best practices that organizations can take to mitigate their software supply chain exposure.

Join our esteemed panelists for this discussion:

• Stan Wisseman
Micro Focus
CTO

• John Keane
CyberRes
Software Angel of Death, Former DoD

• Emil Wåreus
Debricked
Head of Data Science

• Kevin Greene
CyberRes
Chief Technologist, Federal

APIs are the most rapidly growing attack surface, but they still aren’t widely understood and can be overlooked by developers and application security managers. In this webinar, we will discuss cautions, best practices and approaches to ensuring the security and discovery of your organizations APIs.

The application security market continues to evolve as organizations recognize that security risk needs to balance with business imperatives. Fortify partnered with DarkReading to interview hundreds of AppSec professionals and developers to discover the key challenges this ever changing landscape has created.

Based off the survey and research data, it's evident that regardless of the pace of change in technology transformation (the explosion of APIs, microservices, IaC innovation and cloud technology) there’s still a lot of room for maturity and growth in most organizations.

Did you know, that while the majority (57%) of organizations are implementing DevSecOps, almost 3 in 10 (29%) haven’t yet but plan to in the next year. Crazy as it sounds, a full 14% are not doing so and have no plans to.

Static application security testing (SAST) is becoming the norm. (56% use SAST and perform appsec assessments). But dynamic analysis (DAST) is still lagging at only 45% implementation.

There is still over 30% of organizations looking to implement MAST and almost half (46%) of organizations we surveyed are planning implementation of SCA.

Join us as we explore the key findings, implementation challenges, factors influencing tool adoption, and key take-aways.

Special note: Martin Hell (from Debricked) will be joining us to share their research on the State of Open Source Security.

Modern-day software development depends heavily on third-party components, libraries, and frameworks. However, attackers are increasingly targeting these software building blocks to compromise enterprise applications. Legacy systems, faulty code, and stretched resources are working against application security teams, but there is a path forward.

Join us for this free webinar to hear from experts about the latest tactics to fortify your software supply chain against an ever-expanding attack surface. You’ll learn about:

• How to get a comprehensive view of the software supply chain.
• Software attack vectors you might not have considered.
• How to manage risk from libraries, frameworks, and other third-party components.
• And more…

Join this webinar to learn how to secure your APIs against today's threat actors. Stan Wisseman, Head of North America Security GTM, will discuss how modern applications are different, the basics of APIs, and how to control API risks.