Veracode's Greatest Hits Playlist
Overview
As the warmer days are numbered, now is the time to get outside, fire up the grill and put on your favorite music or greatest hits album. In that spirit, take a peek at our Greatest Hits playlist, which features some of our most popular webinar recordings from past events and virtual summits this year. Whether you are just getting started with AppSec or want to understand how to enhance your current program, we’ve got you covered.
Application Security Metrics & How to Track Success
Anne Nielsen, Principal Product Manager, Veracode
Metrics are critical for measuring and expanding an application security program. However, executives don't always want to see a slew of complicated charts and graphs - they want one simple number that answers, in a nutshell, is this program working?
Which Appsec Testing Type Is Right for You?
Chris Kirsch, Director of Product Marketing, Veracode
Although there are a variety of application security technologies, there is no silver bullet. You need to gather the strengths of multiple analysis techniques along the entire application lifetime — from development to testing to production — to drive down application risk. Each testing type, from static to dynamic to software composition analysis and manual pen testing, has different strengths and weaknesses and are better in different scenarios, but you won’t be effective without taking advantage of them all.
Real-World Retrospective: AppSec First Steps
Anne Correia, Veracode | Joe Leonard, CISO Advisory Services | Jason Curtis, Financial Industry Expert
With AppSec, as with most initiatives, the first step is often the most difficult. Learn from someone who’s been there. Join our conversation with Joe Leonard, a Cyber Security leader, and more as they explain their take on how organizations have kicked off their AppSec program. You’ll get best practices and lessons learned on the initial AppSec steps to take to set your organization up for success.
Key takeaways:
Hear how real companies kicked off and expanded their AppSec programs
Get AppSec best practices you can take back to your own company
Get practical advice on AppSec pitfalls to avoid
Getting AppSec Developer Buy In
Tim Jarrett, Sr. Director of Product Management, Veracode | Gene Kim, Author, Researcher
Development teams’ biggest fear when they hear their organization will enact an application security assessment program is that their development efforts will be slowed down. This team can be the biggest barrier to the success of the program because if they don’t follow the protocol set forth by the program plan, the security team will be unable to demonstrate the value of the plan.
Learning from Organizations Running Successful AppSec Programs
Pejman Pourmousa | VP of Services at Veracode & Adrian Benvenuti, VP of IT Risk and Security Architecture at Moody's
Veracode has helped thousands of customers integrate security into their development cycle, and we’ve now got lessons learned, best practices, and pitfalls to avoid. Join this session to hear from members of Veracode’s services team and a Veracode customer on how real-life AppSec programs are helping their security and development teams work together to secure code. You’ll learn:
Lessons learned from organizations who have effectively integrated security into development processes
Pitfalls to avoid when introducing security into development
Advice and tips from those who are working with development teams every day to create secure code
Veracode Security Labs – Hands-On Training to Secure Code From the Start
Fletcher Heisler - Director, Developer Enablement
How are your prospects and customers training their developers to create secure code? Veracode Security Labs shifts application security knowledge “left,” earlier in the development cycle, through guided, interactive exercises that train developers to tackle modern threats in the evolving cybersecurity landscape and deliver secure code on time.
Shifting Left with Future Proofed AppSec – Customer Conversation
John Smith, Director of Solution Architects, Veracode / Marco Ulgelmo, CISO, Quby
Meeting the demands of modern software development requires fast and accurate security solutions that you can scale up or scale down, anytime, anywhere – especially in the face of a global digital transformation. As our Static Analysis scan numbers hit a new record in March and then another record high in April, our customers continue to impress with their drive for better application security in the face of current events.
Panel - Debunking the AppSec Silver Bullet Myth with Veracode & HackerOne
Paul Farrington, Laurie Mercer, Chris Kirsch, James Kettle
There is no AppSec silver bullet. All application security scans – static analysis, dynamic analysis, penetration tests, bug bounties, etc. – have a role to play, and they all work together to fully secure your application layer.