Skip to main content

Hot SOSS: A Look at Our New State of Software Security Data


 

Hot off the presses! The 11th version of our annual State of Software Security report is here, and it’s filled with actionable tips and advice to help you make informed decisions when starting or optimizing your AppSec program. And we’re making it easy for you to access all this powerful data – we’re gathering up all the data, the analysis, the key takeaways, and the commentary into one insight-packed, two-day Virtual Summit. Tune in for data and guidance on open source risk, data breakdowns by industry, how language choice affects vulnerabilities, and more. The event will feature both live keynotes and on-demand, recorded sessions to watch when it’s convenient.

Featured Keynote Sessions

Software Security: The Stats and the Acts

Software Security:
The Stats and the Acts

Real-World Perspective: The Effect of Decentralized Security

Real-World Perspective: The
Effect of Decentralized Security

The Year Software took Center Stage

The Year Software
took Center Stage

Putting SOSS Data to Work for You

Putting SOSS Data
to Work for You

Day 1

Day 1
Morning Keynote
Software Security: The Stats and the Acts 11:30am EST
Chris Eng
Chris Eng
Chief Research Officer

Tune in to Veracode Chief Research Officer Chris Eng’s keynote to get an overview of the state of software security this year, and how you can use the data to improve your own application security program.


Day 1
Breakout Session
What Our Data Tells Us About Open Source Risk: And How to Address It 12:30pm EST
Brittany O’Shea
Brittany O’Shea
Senior Product Marketing Manager

Attend this session with Brittany O’Shea, Veracode senior product marketing manager, to hear more about our data on open source risk, and how to address it. You’ll learn:

  • What our new data reveals about the extent and the security third-party code in modern applications
  • Best practices surrounding identifying security vulnerabilities in open source libraries
  • Realistic and practical ways to address the problem of open source risk"

Day 1
Breakout Session
The Affect of Language Choice on Software Security 1:15pm EST
Ryan O’Boyle
Ryan O’Boyle
Manager, Product Security

All languages are not created equal. Don’t miss out as we dig into data from 130,000 application scans and discuss the latest trends in software security, including which languages can affect the security of your code.


Day 1
Fireside Chat
Real-World Perspective: The Effect of Decentralized Security 2:00pm EST
Emily Iarocci | George Garza
George Garza | Emily Iarocci
Director of Security & Risk at Manhattan Associates | Team Lead, Security Program Management

As security increasingly becomes decentralized out to individual developers, what are the implications? Do developers have the right training and tools to own security testing and decision-making? We’ll sit down with Veracode customer George Garza, Director of Security & Risk at Manhattan Associations to discuss these answers, the implications on their organizations, and their take on the keys to success.


Day 1
Breakout Session
Raising Good Software: Is It Nature or Nurture? 3:00pm EST
Annie Nielson
Annie Nielson
Product Management

How did we get to this state of software security, and what’s the best way to address it? Are some apps by their very nature simply less secure? Or are we just not nurturing the security of apps correctly? Join us for an insightful talk on software security today, and practical steps you can take to reduce your risk of breach.


Day 1
Breakout Session
SAST, DAST, SCA … is this really necessary? 3:45pm EST
Julian Totzek-Hallhuber
Julian Totzek-Hallhuber
Snr Principal Solution Architect

In a word, yes. Join this session to find out:

  • Our data on the fix rates of organizations that employ multiple testing types vs. those that use just one
  • Why you need multiple testing types
  • How and when the different testing types work together throughout the software lifecycle.

 

Day 2

Day 2
Morning Keynote
The Year Software took Center Stage 11:30am EST
John Smith
John Smith
Director Solution Architects EMEA & APAC

Tune in to Veracode’s Director of Solution Architects John Smith’s keynote address to hear more about how to apply the lessons of 2020 to keep your organization secure.


Day 2
Breakout Session
Vulnerabilities Hall of Fame 12:30pm EST
Tim Jarrett
Tim Jarrett
Sr. Director, Product Management

99 problems – and a bug is always one. Join this session to see the flaws that made it into our Vulnerability Hall of Fame and learn which languages they tend to impact the most so you can stay one step ahead.


Day 2
Breakout Session
How Does Your Industry Compare to Others When it Comes to Software Security? 1:15pm EST
Brittany O’Shea
Brittany O’Shea
Senior Product Marketing Manager

Whether you’re in healthcare, retail and hospitality, financial services, manufacturing, technology, or government and education, our recent analysis for the State of Software Security (SOSS) report uncovered key differences in software security between industries and found that these differences affect how quickly flaws are addressed.
Join us as we explore the software security of various industries and discuss:

  • Key factors that impact software security health.
  • Common flaw types affecting industries.
  • Proven methods to improve software security.

 


Day 2
Closing Keynote
Putting SOSS Data to Work for You 2:00pm EST
Chris Eng
Chris Eng
Chief Research Officer

Tune in to Veracode Chief Research Officer Chris Eng’s keynote at the conclusion of our two-day Virtual Summit to get a recap of the summit’s sessions and highlights of the actionable advice shared. He will cover what SOSS v11 tells us about:

  • Open source risk
  • Language’s affect on security
  • “Nurturing” the security of code with a less than idea “nature”
  • How the choice of testing type affects security outcomes

 


Day 2
Breakout Session
How Can the Government and Education Sector Improve Its Grades in Software Security Health? 3:00pm EST
Eric Wassenaar and Jason Phillips
Eric Wassenaar | Jason Phillips
Sr. Account Executive - SLED | Sr. Solution Architect

It’s been a challenging year for several industries, including the government and education sector. Join us as we further examine SOSS findings pertaining to these industries and discuss current AppSec trends impacting the government and education sector, common flaw types found in the sectors’ applications and steps that organizations can take to nurture their applications and improve their security health.