Watch webinars about application security, DevSecOps, license compliance and software supply chain security.
As the microservices development environment becomes more and more popular in cloud-based companies, the CI/CD volume is getting bigger and bigger and is changing the way organizations such as LivePerson can integrate DevSecOps tools into their CI/CD processes. Join Nir Koren, DevOps CI/CD Team Lead at LivePerson, as he discusses: -Why it is crucial to...
Application security should be a critical part of the DevOps process, as these days even the smallest vulnerability can wreak major havoc should they lead to failures or data breaches. As a result, however, application security and vulnerability scanning tools abound for every step of the software development life cycle, which means more tools to...
There are a lot of myths in application security. By partnering with developers, Target has busted several common security myths and proved that an effective security program can take a different approach. This session will describe how to successfully implement a “credit score” to security measurement practices, build an exclusive security champions program, and stop...
Security specialists, especially at large organizations, believe that better security comes from robust independent gating. On the other hand, DevOps has proven that you can safely deploy orders of magnitude faster than human gating can achieve. What’s needed to add security to DevOps are tools that work well with rapid-cycle CI/CD pipelines and an approach...
The known open source core model had many challenges which led several companies to try and find a better licensing model. Join Matt Asay, Head of Open Source Strategy and Marketing at AWS, as he discusses innovative companies like Cloudera, Redis Labs, MongoDB and RackN, and their solutions to problems like competing with cloud providers...
Much has been written about the three pillars of DevOps—culture, technology and process—but less discussed is the “human” element of DevOps—what it takes from a people perspective to take care of those “doing DevOps” to promote success and prevent issues such as burnout or job dissatisfaction. This panel webinar looks at ways in which organizations...
It’s a fact: software development teams are constantly bombarded with an increasingly high number of security alerts. Since fixing all vulnerabilities is unrealistic, it’s imperative that teams find a method to zero in on the security vulnerabilities that matter. The key: prioritization. But, there’s a big question: Which is the best way to prioritize? There...
Enterprises and Developers already know the importance of managing vulnerabilities and dependencies, so why do so many still fall behind? Like maintaining good physical health, software projects require more than just good intentions – there needs to be sensible and achievable process that developers want to follow, and the rewards must outweigh the demands. In...
DevSecOps is usually a tool or fast speed approach to the organization. This talk, however, will take you through a different approach. With a holistic view of the organization, the security phoenix methodology takes into account a large organization with assessment, maturity matrix, scoring system and measurement options. We will walk through the problem of...
Digital transformation has been occurring in organizations of all sizes for the past few years, yet the process isn’t moving fast enough to move the needle in many companies. How can DevOps help increase the velocity and impact of digital transformation? This panel webinar discusses the relationship between DevOps and digital transformation and ways organizations...
The Covid-19 pandemic led to a lot of tech companies converting to remote teams almost overnight, and for some this may even become the norm. While conferencing such as Zoom are widely known for substituting for face-to-face meetings, it’s much less appreciated how the disruption has increased asynchronous communication approaches as people are not always...
With incident response and penetration testing currently receiving most of our application security dollars, it would appear that industry has decided to treat the symptom instead of the disease. “Pushing left” refers to starting security earlier in the SDLC; addressing the problem throughout the process. From scanning your code with a vulnerability scanner to red...
Waterfall, Agile, DevOps… it seems that every few years, a new methodology is born for optimum software creation. While these processes all have their strengths and weaknesses, the streamlining and red tape they often bring can feel like a hindrance to a developer’s main goal of building great software. So how do we shift secure thinking...
Your organization has already embraced the DevOps methodology? That’s a great start. But what about security? It’s a fact – many organizations fear that adding security to their DevOps practices will severely slow down their development processes. But this doesn’t need to be the case. Tune in to hear Jeff Martin, Senior Director of Product...
The continuous integration/continuous delivery market has gone through many changes since DevOps came on the scene, but it remains the backbone of the DevOps toolchain. Application release automation has also joined the ranks of must-have DevOps technologies. So where does the market stand currently and what can we expect to see in the next generation...
GitLab helps you to scale security across your Continuous Integration (CI) process enabling developers to test their code with every code change, right in their existing workflow. By seamlessly integrating WhiteSource’s security application testing solution in GitLab CI, we further reduce context switching and increase developer productivity. This enables developers and InfoSec professionals to work...
WhiteSource’s Annual Report on The State of Open Source Security Vulnerabilities in 2020 found that a record-breaking number of new open source security vulnerabilities in was published in 2019. In our research, we focused on open source security’s weakest and strongest points in the hopes of bringing some clarity to the fast-paced and complex space...
Open source security, once viewed as an oxymoron, has come into its own as a way for organizations to secure their environments without breaking their bank. As a result, a plethora of open source security technologies have flooded the market, creating more opportunity as well as challenges and a healthy dose of confusion. The webinar...
Have you considered what truly separates accidental vulnerabilities in open source from intentionally malicious releases? Although often grouped together as “vulnerabilities”, malicious open source components are very different, right from their very creation through to the way you mitigate and remediate them as an end user. The past 12 months saw a record-breaking time for...
Open Source has become the key building block for application development in today’s market, where companies are under constant pressure to accelerate time to market. The increasing adoption of open source components, however, has introduced new security challenges that most teams are not prepared to mitigate in their current posture. Join the industry expert, at...
In the runup to KubeCon + CloudNativeCon Europe, we’ll examine what’s happening in the Kubernetes and containers landscape, including new technologies, services and ecosystems worth knowing about as well as changes looming on the horizon.
Open-source components are prevalent in approximately 97% of modern applications and dominate anywhere between 60-80% of their codebases. This is hardly surprising given how integrating open source accelerates software development and enables organizations to keep up with today’s frantic release pace and standards of constantly supplying new features and improvements. However, taking into consideration the...
Most online attacks begin when a hacker discovers a single vulnerability in an enterprise application. But how can organizations eliminate these vulnerabilities before they are exploited? While most enterprises are focused on application scanning and remediation, many software development experts are advocating better, more secure application development initiatives that prevent vulnerabilities from occurring in the...
Today no one can claim ignorance about the need for an open source vulnerability strategy, so what is yours? Are you the fire alarm type, who prefers to sit tight unless a vulnerability alert is ringing in your inbox? Or are you the fire hose type, staying ahead of the game with a never-ending stream...
Application security is a top priority today for companies that are developing software. However, it is also becoming more challenging and complex as release frequency continues to rise, more open source components are adopted, and the requirements for data security are getting stricter. Thanks to new DevOps practices and tools, development cycles are getting shorter,...
Amid all the talk of shifting left, mingling the DevOps and Security tribes and how can we do code better, faster and with more quality a funny thing happened. Security vendors are developing security tools for devs and DevOps. The security team still pays for them, but they won’t buy them without Dev and DevOps...
DevSecOps approach, testing tools and practices are integrated even further left in the development pipeline. Join Senior Product Manager, Shiri Ivtsan, as she discusses: Where and how developers are implementing DevSecOps in the SDLC; Best practices for developers to adopt DevSecOps and more efficiently handle vulnerabilities; Necessary steps for implementing a process for detection, prioritization,...
Over the past few years, more and more companies are turning to containerized environments to scale their applications. However, keeping containers secure throughout the development life cycle presents many challenges to security and development teams. In order to address them, organizations need to adopt a new set of security processes and tools. This session will...
The push to the cloud has introduced a previously unknown level of agility to many organizations, but sometimes at the expense of data security. Human error often is the cause of cloud security blunders, putting sensitive data at risk and causing real damage to companies in terms of financial liability and loss of reputation. This...
Container images are based on many direct and indirect open source dependencies, which most developers are not aware of. What are the security implications of only seeing the tip of the iceberg? What are the challenges one faces when relying so heavily on open source? And how can teams overcome these? Join Codefresh and WhiteSource,...
Application security is a top priority today for companies that are developing software. However, it is also becoming more challenging and complex as release frequency continues to rise, more open source components are adopted, and the requirements for data security are getting stricter. Thanks to new DevOps practices and tools, development cycles are getting shorter,...
The need to include security as part of the DevOps process is well-understood, and greater numbers of DevOps teams are shifting security left to ensure their applications are more secure. But how can an organization scale its DevSecOps efforts without introducing unnecessary friction in the software development life cycle? This webinar explores some of the...
The container space has evolved dramatically, growing into a thriving ecosystem that goes well beyond containers to include orchestration platforms, monitoring tools and more to enable end-to-end container management. In this webinar, we explore the expanding category of container management, including technology and market trends and the essentials an organization needs to manage its container...
The days when financial institutions relied solemnly on proprietary code are over. Today, even the largest financial services firms have realized the benefits of using open source technology to build powerful, innovative applications at a reduced time-to-market. However, the financial services industry faces strict regulatory requirements that present it with a unique set of challenges,...
Over the past few years, open source has grown in popularity especially among developers using open source code in their application development efforts. In the security space, however, open source hasn’t been as widely embraced, mostly because of concerns over vulnerabilities. But is open source software really less secure?
Organizations enjoy the speed that DevOps brings to development and delivery. However, most security and compliance monitoring tools have not been able to keep up, becoming the most significant barrier to continuous delivery. Now some good news: you can easily integrate security into your existing processes to solve this challenge. In this session, Shiri Ivtsan,...