Featured
The 2024 Guide to Open Source Security and Risk
Mike McGuire, Synopsys
Securing your software supply chain begins with knowing what’s in your code. With AI-generated code and ubiquitous open source software use, it’s never been more critical to understand what risks your software may contain. In fact, last year alone we found that 84% of codebases contained at least one open source vulnerability.
Join this live Synopsys webinar as we explore the findings from the 2024 “Open Source Security and Risk Analysis” report. We’ll cover:
• The state of open source software security
• Tips for mitigating risks and keeping vulnerabilities out of your supply chain
• How to protect against security and IP risks from AI coding tools
All episodes
-
Reduce Complexity & Improve TCO with AST Vendor Consolidation
Shandra Gemmiti, Director of Product Marketing, Synopsys
The proliferation of software across every industry poses significant challenges for teams that must both keep up with the fast pace of innovation and ensure that the software they build is secure. This has led to security tool sprawl, unnecessary complexity, increased operational costs and in many cases, a decreased ability to quickly assess risk. As a result, many organizations are looking to consolidate the number of security tools and vendors they manage to improve resource efficiency and overall risk posture.
In this webinar, we will discuss the key things necessary to capitalize on consolidation initiatives beyond a simple reduction of tools, and provide a roadmap for how organizations can realize these benefits rapidly.
-
Addressing API Security in Your DevSecOps Life Cycle
Andy Pan and Scott Tolley, Black Duck
Organizations face a variety of threats from malicious actors. With the proliferation of web services, APIs are the fastest-growing attack surface in the industry. It's time to act. Join this webinar to get answers to some of the most pressing questions, such as
• What are the current industry trends on API usage?
• What are the challenges in dealing with application and API security?
• What are the solutions to API security challenges?
• What is an example of a firm that has adopted an IAST tool for API security? -
AST Tool Consolidation: Reduce Complexity and TCO with ASPM
Hugues Martin, Sales Engineer Manager
The growth of software across every industry poses significant challenges for teams that need to keep up with the fast pace of innovation while making sure the software they put into production is secure. This has led to a proliferation of tools deployed by security teams. You may ask why? In simple terms, to tackle the increasing pressure of a larger and more sophisticated threat landscape. Ultimately, teams are now left with added complexity and friction in the SDLC and a bloated total cost of ownership (TCO).
As a result, Gartner indicates an increase in organizations pursuing vendor consolidation from 29% in 2020 to 75% in 2022 to tackle the cost and complexity of present day AppSec programs. But, consolidating vendors is only one part of the equation.
Join us, as we unlock the key to mastering software security in the era of rapid innovation. We delve into a differentiated approach to consolidation initiatives that extends beyond improving TCO.
Join now and understand how to:
- Streamline tools & processes to improve resource efficiency.
- Focus your teams with prioritized risk data across your security program.
- Deliver rapid, comprehensive risk insight for improved time to audit. -
The Four Truths of Securing Your Software Supply Chain
Matthew Brady, Senior Manager Sales Engineering and Mike McGuire, Security Solutions Manager at Synopsys
In the realm of secure software supply chains, it's evident that each one possesses its unique characteristics. Consequently, the strategies for ensuring their security are equally diverse. This variance often contributes to the widespread confusion surrounding the subject. But what if we could pinpoint the shared elements among all supply chain security endeavors?
Join us for a discussion on four fundamental truths observed across every secure software supply chain. Discover how these principles can propel your security initiatives forward.
Prepare to gain insights into:
- The impact of open source software on contemporary supply chains
- The significance of consistent and reliable risk assessment
- The role of automation in facilitating effective governance
- Establishing consumer trust through vendor practices -
DevSecOps in the Wild: Examining Global Security Factors in 2023
Steven Zimmerman, DevOps Security Solutions Manager
This year’s DevSecOps Report defines a vivid image of organizations’ journey to secure their software development pipelines, with intriguing conclusions about challenges, success factors, and risk exposure across industries and maturities. Integrating security controls across the development lifecycle and CI pipelines establishes mechanisms for rapid risk detection, accelerated remediation, and automated security gates. But aligning development, AppSec, and DevOps teams to realize a vision for secure DevOps requires a clear strategy.
Join us as we examine the key findings from the Synopsys 2023 DevSecOps Survey and discuss:
• The state of DevSecOps across roles and technologies
• What a maturing DevSecOps program looks like and which tools and practices foster growth
• Recommendations for how to integrate application security without impeding DevOpsRegister today.
-
The 2024 Guide to Open Source Security and Risk
Mike McGuire, Synopsys
Securing your software supply chain begins with knowing what’s in your code. With AI-generated code and ubiquitous open source software use, it’s never been more critical to understand what risks your software may contain. In fact, last year alone we found that 84% of codebases contained at least one open source vulnerability.
Join this live Synopsys webinar as we explore the findings from the 2024 “Open Source Security and Risk Analysis” report. We’ll cover:
• The state of open source software security
• Tips for mitigating risks and keeping vulnerabilities out of your supply chain
• How to protect against security and IP risks from AI coding tools