Watch webinars about application security, DevSecOps, license compliance and software supply chain security.
Application security is an effective tool for defending against attacks. But as IT infrastructures shift to “software-defined everything” and move to the cloud, traditional AppSec models no longer are enough to protect the application. This webinar takes a look at how companies are addressing new models to address more dispersed and dynamically connected applications, from...
Join us for a webinar featuring Forrester VP and Research Director Amy DeMartine to learn more about why open source security has become critical for securing modern applications, the main considerations when evaluating an open source security and license compliance solution and what she sees in store for the future. Additionally, WhiteSource Senior Director of...
Kubernetes has become the default way for many organizations to scale and orchestrate their use of containers. However, organizations are starting to find themselves needing to take the necessary steps to protect their containers. Automating security checks throughout the development life cycle can help reduce risk and allow organizations to develop and deploy securely. Join Shiri Ivstan, Senior Product Manager at WhiteSource and Yaniv Peleg Tsabari, Senior...
Many organizations are using containers to develop and manage their applications. Containers enable development teams work faster, deploy more easily and efficiently, and operate at a much larger scale. However, there are many security measures that need to be taken across the entire software development lifecycle, especially when it comes to open source security. In...
DevOps success depends on three things: people, processes and tools. While tools and processes can be easy enough to address, the people part of the equation can be more difficult to tackle. Changing the culture of an organization can be akin to turning a cruise ship midstream. Join this webinar to hear the top 10...
The Payment Card Industry (PCI) Security Standards Council recently released a new security framework to replace the previous standard (PCI PA-DSS). The new framework is set to better address the changes that the software development industry has seen in the past few years. Agile and DevOps methodologies, cloud and containerized environments and widespread open source...
DevOps is a global phenomenon, with organizations in countries far and wide adopting DevOps tools, processes and culture to increase the speed, efficiency and reliability of their applications. In this webinar, we’ll delve into why DevOps has such a global reach and take a look at some of the international companies that have found success...
Gone are the days where open source components were only used by individual developers, start-ups or small corporations. Today, even the biggest corporate giants have realized the numerous benefits open source usage brings, thereby openly embracing this as part of their software to help them focus their efforts and push more code out of the...
Many security specialists, especially at large organizations, believe that better security comes from robust independent gating. On the other hand, DevOps has proven that you can safely deploy orders of magnitude faster than human gating can achieve. Similarly, security groups believe that policy enforcement is their biggest (only?) lever… “If we can just update the...
DevSecOps is often associated with securing a development pipeline in traditional CI/CD frameworks. Join this session, held by Henrik Johansson, Principal – Office of the CISO at AWS, as he discusses and shows: – how public cloud technology enables you to fully embrace security automation in your infrastructure – how to account security using managed...
Is your organization ready to embrace a DevOps mindset? Receive a pragmatic view from an agent of chaos, who’s promoting the goal for a single continuous integration and delivery pipeline, shifting testing, security, code reviews, and other opportunities to improve information sharing and quality to the left, shifting configuration to the right, and most importantly,...
Open source software has become the building block in the applications we interact with nowadays. The good? Thanks to the time and cost efficiency it brings, organizations are able to facilitate productivity and innovation at a faster pace than ever. The bad (or rather, less good)? Many organizations are grappling with the security aspect when...
All static analysis tools produce false positives, and often require developer context to determine exploitability of a security risk. Automating a static scan is usually straightforward but building automation workflows around SAST findings require that your Pipelines become smarter over time. Optimizing the data provided by SAST tools is an often overlooked aspect to integrating...
DevSecOps has taken the world by storm. Ever since the DevSecOps philosophy stepped into the limelight in the past few years, a growing number of organisations are trying to ensure their businesses are set up with the security in mind (and practice) from the get-go. In theory, the concept is great. In practice? Less so,...
DevSecOps is often associated with securing a development pipeline in traditional CI/CD frameworks. Join this session, held by Henrik Johansson, Principal – Office of the CISO at AWS, as he discusses and shows: – how public cloud technology enables you to fully embrace security automation in your infrastructure – how to account security using managed...
David Habusha, Dan Beauregard and Cody Wood discuss DevSecOps challenges and new tools you can use
Thanks to containerization and automation, applications are being developed and delivered faster than ever. With tools such as AWS ECR, developers are able to store, manage and deploy Docker container images without having to worry about operating their own container repositories or scaling the underlying infrastructure. With this, however, arise challenges around managing the security...
Last week The Forrester Wave™: Software Composition Analysis, Q2 2019 was published. We took part in MediaOps panel discussion to discuss the results of the report and which SCA vendors are right for software development and security teams and their needs.
Containers increase speed, simplify operations, improve development efficiency and bring a slew of other benefits, making them a top choice for agile deployment infrastructure. In our latest panel webinar with Container Journal, we outlined the critical importance of container security and provides best practices and tools to ensure your container environment is as secure as...
Containers are shaping the way organizations are developing and managing applications nowadays. However, many are not always fully aware of the measures that need to be taken across the entire software development lifecycle, especially when it comes to open source security aspects. The mindset of securing our applications needs to be shifted – to continuous...
Open source software components play an important role by providing us with the building blocks of our products. However, even as we enjoy the benefits of open source components, they are not without their challenges, especially when it comes to security vulnerabilities. In this webinar with Circle CI, you’ll learn how: – WhiteSource Orb can...
It is no secret – open source has become the main building block in modern applications, and it is almost impossible to develop software at today’s pace without it. However, as the open source community grows, and the number of reported vulnerabilities keeps climbing, manually verifying the security and compliance of open source components can...
application security is becoming a key area of focus for organizations. Join this interactive Q&A panel of industry experts to learn more about: – How to integrate application security testing into the DevOps process early on – Why automation, speed and coverage are critical to the success of DevSecOps programs – Speed vs Security: Where...
It’s no secret that open source components form the backbone of today’s software, comprising between 60-80% of modern applications. But with this, comes the alarming rise in open source vulnerabilities – more than 3,500 open source vulnerabilities were reported in 2017 – that’s 60% higher than the previous year, and the trend continued in 2018....
You don’t need an expert to tell you that open source software will be ubiquitous in the enterprise in 2019. You also don’t need an expert to tell you that this will present security challenges either. But what can you do in 2019 to ensure your open source software is as secure as you can...
According to the latest open source security research report from WhiteSource, “The State of Open Source Vulnerabilities Management” for 2018, almost 97% of developers rely upon open source components in order to develop their applications nowadays. But with the recent spike in disclosed open source vulnerabilities, the question arises whether security and development teams have...
DevSecOps represents a fundamental shift from the status quo by making security a much more collaborative effort. Applications are the business in this digital age. Securing the applications that drive your business is essential to providing safe digital experiences to your entire business ecosystem. With DevSecOps, security is automated and integrated into the development process....
WhiteSource’s Reut Netzer was featured in IMA’s Webinar. Reut presented The Top 3 Strategies to Reduce Your Open Source Security Risks. Please note that this webinar was in French.
DevSecOps offerings that are just DevOps lipstick on a traditional security-as-a-gate pig. Also, security specialists, especially at large organizations, believe that better security comes from robust independent gating. On the other hand, DevOps has proven that you can safely deploy an order of magnitude or more faster than human gating can achieve. What’s needed to...
Love it or hate, the annual RSA Conference (RSAC) in San Francisco is the largest cyber security conference in the world. It is where the world comes to talk and learn security. Inevitably every year at RSAC there are some technologies that become the industry buzzwords and hot buttons. These generally stay on top of...
Open Source has become the key building block for application development in today’s market, where companies are under constant pressure to accelerate time to market. The increasing adoption of open source components, however, has introduced new security challenges that most teams are not prepared to mitigate in their current posture. In this webinar, we will...
A continuous solution for open source management that is pre-integrate into your DevOps cycle is a critical enabler that DevOps teams should insist on implementing.
In this webinar we learn how to address any open source security concerns within your organization, understand the difference between securing your open source components and your proprietary code,
Rami Sass, Co-Founder at WhiteSource presented how you can use Jenkins latest integration with WhiteSource to fully monitor and control all open source licenses, including dependencies.
oin Corregan Brown, co- founder of ProjectLocker, and Rami Sass, co-founder of WhiteSource to learn about the benefits of cloud-based development and how to best manage the use of open source.
