Name: Secure Your Software Supply Chain
Start: 2023-11-07T10:17:00Z
End: 2023-11-07T10:17:52.000Z
Location: BrightTALK
Rating: 0

Checkmarx is constantly pushing the boundaries of Application Security Testing to make security seamless and simple for the world’s developers and security teams. As the AppSec testing leader, we deliver the unparalleled accuracy, coverage, visibility, and guidance our customers need to build tomorrow’s software securely and at speed.

While generative AI (GenAI) is revolutionizing enterprise efficiency, how can businesses take advantage of its benefits without compromising on security?  
Join our webinar, hosted by Poshmark and Checkmarx, to gain firsthand insights from industry experts Saran Makam and Steve Boone on how to navigate GenAI adoption and ensure successful implementation. 

We’ll also discuss the benefits of leveraging GenAI, including:
Establishing effective governance frameworks 
Identifying both existing and emerging threats 
Enhancing AppSec while improving developer experience 

After the presentation, we'll demo how Checkmarx' new AI tools, CheckmarxGPT and AI Security Champion, can help your organization tap into the full potential of AI.

Decode GenAI with Poshmark: Best Practices for Adoption

Join us as we unpack the complexities and challenges of securing cloud-native applications across diverse cloud environments. Discover how Checkmarx Cloud Insights provides the actionable insights you need to enhance security operations and mitigate risks effectively.

Our experts will be showing how you can:

Understand Cloud Complexity: Learn how the integration of multiple cloud service providers and complex infrastructures impacts your security posture.
Actionable Insights: Explore how correlating data across your software development lifecycle and runtime environments helps pinpoint vulnerabilities effectively.
Streamlined Security Operations: See how smart prioritization and Attack Path Analysis can transform your security strategy by focusing on the most exploitable risks.

Key Features of Checkmarx Cloud Insights:

Integration Across Platforms: Seamless connections with AWS, Wiz, and other leading CNAPP vendors.
Prioritized Risk Management: Methods to cut through the noise of alert fatigue by focusing on internet-facing vulnerabilities.
Real-Time Remediation: Strategies to identify the exact location of vulnerabilities within your codebase and accelerate the remediation process.
Get a firsthand look at how Cloud Insights integrates runtime data with pre-deployment information to provide a holistic view of vulnerabilities and risks, enhancing your organizations ability to safeguard assets and address threats promptly.

Bringing Cloud Insights to Application Security

As Open-Source Software (OSS) becomes integral in finance, security challenges - especially around protecting the software supply chain - are intensifying. While awareness of these threats is widespread among AppSec professionals, only 7% use the necessary advanced tools to mitigate these risks effectively.

Tailored for executives in finance, join our upcoming webinar on April 25, 11 AM EST, with industry leaders Jonathan Meadows, a Citi Tech Fellow and Chair of the OpenSSF, and Tzachi Zorenshtain, Head of Security Research at Checkmarx. They will share their expert perspectives on the unique supply chain security challenges facing financial institutions and provide practical, actionable strategies to overcome them.

You’ll leave this session understanding:

How to identify and guard against the key supply chain threats facing the financial industry.
How to employ cutting-edge strategies to preempt and counter the newest attack vectors.
How to engage with and contribute to community efforts focused on fortifying software supply chains.

Citi’s Formula for Supply Chain Security & Integrity

In today's fast-paced business environment with constantly evolving needs and technologies, developers are pressured to deliver more within tighter deadlines and with fewer errors. Discover how to navigate this evolving landscape of digital protection and unlock the secrets of modern application security with our experts. Dive deep into the strategic consolidation of security platforms, learn how to harness the power of DevSecOps for seamless developer integration, and master the art of securing cloud-native applications. 

Join us for an exclusive session filled with actionable insights and cutting-edge strategies that will empower you to safeguard your applications from code to cloud. 

You will learn how you can:

Identify vulnerabilities from the start
Reduce overhead
Improve code quality

Securing Modern Application Development: The CISO and Security Team Perspective

With more enterprises moving to multi-cloud and hybrid environments, protecting their business-critical applications has become increasingly complex.   

Join our upcoming fireside chat on August 1, featuring Brad Schaufenbuel, CISO of Paychex and co-moderated by Daniel Deeney, Co-Founder and CEO of Paladin Cloud and Ori Bendet, VP of Product Management at Checkmarx. They will share their expert perspectives on the security challenges facing cloud-based businesses today – and the best ways you can protect your organization against them. 

You’ll leave this session understanding:

The importance of improving the developer experience
The role AI plays in modern application security
How industry leaders are prioritizing their top security risks

Paychex + Paladin Cloud Defending Against Cloud-Based Threats

Developer experience matters. See how Checkmarx integrates with:
—Top code repositories to scan code as early as check-in
—The most popular IDEs your developers are using
—Common bug-tracking tools to put vulnerabilities in the language of developers

Build trust with developer experience

Hear directly from our experts about:
—Top enterprise-specific challenges that our AppSec platform is designed to help solve.
—New platform features designed to help you better prioritize and remediate vulnerabilities.
—Demonstrations of our tools that help you get the most out of platform consolidation.

Get the most out of consolidation

Join our experts to hear about:
—Checkmarx’ AI-powered AppSec vision
—How AI is impacting development practices
—Bringing AI to DevSecOps
—How Checkmarx’ latest AI-driven tools accelerate AppSec

GenAI: The good, the bad and the unknown

Join our experts for a deep dive to:
—Explore what it means to be proactive vs. reactive with API security.
—Learn why popular runtime solutions can’t identify shadow APIs.
—See how to scan source code to discover every API.
—Prioritize remediation based on business context.

Shift everywhere to secure APIs

Introducing Checkmarx One 3.0.

To succeed you need to build that trust. As CISO, AppSec, and development leaders, you’re measured on how well you secure your applications, and your ability to prioritize your teams on what matters and impacts your business.

Settling for good enough is not enough. An enterprise AppSec platform is key to your business success: Introducing Checkmarx One 3.0.
Join our platform launch and experience first-hand why leaders like SAP, Salesforce, Siemens, Sanofi, and Toyota choose us as their enterprise AppSec partner.

Technology That Builds #DevSecTrust

To keep up with today's “need it now” consumers, organizations are developing applications at hyper-fast speeds —which involves the use of open-source libraries, APIs, and containers. But these modern development tactics are expanding the attack surface.
You need end-to-end application security that is fast, efficient, and developer friendly. That’s where Checkmarx One Application Security Platform and Brinqa's Attack Surface Intelligence Platform come into play. The platforms are the perfect pairing to strengthen your security posture and streamline vulnerability management.
In our upcoming webinar, hosted by Checkmarx CISO Peter Chestna, you will learn how this powerful integration can help you:
Detect vulnerabilities faster.
Prioritize vulnerabilities based on their criticality.
Improve developer experience by reducing alert fatigue and offering expert guidance.
Track your KPIs and develop a plan for vulnerability management.

Better Together: Checkmarx One and the Brinqa Platform

Unlike monolithic applications of the past, where coding was all in the same language, an average cloud-native application can have anything from 50-5,000 different components. The problem is, any one of those could be rife with vulnerabilities that present an expanding attack surface. Although organizations use an abundance of AST tools to test their code, they all lack results correlation, and that missing piece distorts their view of their overall security risks.

Checkmarx recognizes the inefficiency of trying to manually correlate results from the many siloed testing solutions, and the deficiency of alternate solutions that merely aggregate results. It led us to develop Checkmarx Fusion to provide advanced correlation in modern application development environments.

In this webinar, join Stephen Gates, senior solution specialist, and Miki Sharon, senior product manager, Checkmarx, for a deep dive on Checkmarx Fusion and Checkmarx One AST Platform.

    —Learn which AppSec testing approaches don’t fit well in modern development environments
    —See the new functionality Checkmarx Fusion brings to the software development industry
    —Understand the main use cases of Checkmarx Fusion and Checkmarx One and what’s included
    —View live demonstrations of both solutions in action, performed by our subject matter experts
    —After this webinar, you’ll fully understand why your AppSec testing approach is flawed.

Without Correlation, Your AppSec Testing Approach Needs an Update

If shadow and zombie APIs are climbing your AppSec priority list, you’re not alone. Software development teams are increasingly using APIs for web applications and other needs, and that’s motivating attackers to find ways to exploit them.

In fact, security experts are predicting that APIs will continue to experience a growing number attacks. It’s a gap in application security testing that has become a growing problem for many teams.

This webinar will introduce our solution. Checkmarx has found a way to shift API security way left, giving AppSec teams complete API visibility and helping them fix problems earlier in the SDLC – faster and at a lower cost. Our experts will cover:

-   An explanation of shadow and zombie APIs
-   How Checkmarx identifies and fixes vulnerable APIs earlier in the SDLC
-   Remediation that prioritizes the vulnerabilities that represent real risks

Understanding Growing AppSec Concerns Around API Security

Some recent high-profile vulnerabilities, such as Log4Shell, left many AppSec teams wondering, “Do I have vulnerable open source code in any of my apps?” Many were unsure, which illustrated perfectly the need for a Software Bill of Materials (SBOM), increasingly a must-have for those who build and use modern applications.

Developers source most of the code in their applications from the open source community and other vendors to form the basic plumbing of an application, allowing them to focus on their custom code. But with so much open source code, which in turn often includes other open source code, it’s nearly impossible to manually track what’s in an application. Without the transparent view that an SBOM delivers, organizations struggle to identify and address vulnerabilities like Log4Shell.

In this webinar, you’ll learn:

    —What’s driving the need for SBOMs, including compliance mandates
    —What an SBOM contains and how it’s generated
    —How an SBOM increases visibility into application composition
    —The value of an SBOM in real-world scenarios

Software Bill of Materials: Learn About This Vital Supply Chain Security Tool

The banking industry was recently hit with some alarming news: Two first-of-their-kind attacks hit the industry’s open-source software supply chain. The Checkmarx research team uncovered the attacks — and is offering its insight to help you adapt quickly and minimize your risk.

In this Webinar, Tzachi Zorenshtain, Head of Software Supply Chain at Checkmarx, talks about ways to prevent frontlines attacks. As a CISO or AppSec manager, you can expect detailed information regarding these types of attacks, including:

—Threat trends — Get a look into a six-month build-up of attacks. 
—A look behind enemy lines — Dive deep into adversary tactics, techniques, and procedures (TTPs).
—Strategizing your reaction — Arm yourself with a blueprint for an AppSec approach resilient against these calculated strikes.
—Don’t miss this opportunity to gain vital intel needed to protect against this new attack trend.

Shield your Bank from Supply Chain Attacks

The use of open-source software has quickly exposed all parts of the software development process as part of the overall attack surface and has even led to the creation of new attack types.  Enterprises must put in place protection against next-generation SCS attacks, like AI package hallucinations, dependency confusion, typosquatting, and repo jacking.  
 
Hear our experts talk about the ever-changing SCS landscape and some of our industry-leading solutions. Jossef Harush, Head of Software Supply Chain Security, and Rachel Levi, SCS Senior Product Manager, will dive into: 

—How malicious actors are using open-source software to target the software supply chain 
—Our new tool and product features that add necessary context for enterprises 
—The impact of generating code with AI tools on the supply chain

Secure Your Software Supply Chain

Supply Chain

Software Development

Security

DevSecOps

Software Supply Chain

Attack Surface

Enterprise Security

Artificial Intelligence

Open Source

Application Security

Welcome to the mobile computing community on BrightTALK! With the consumerization of IT and the widespread adoption of mobile devices across the globe, mobile computing has become an important part of many people's lives in a culture of bring your own device (BYOD). With mobile devices doubling as work phones and more employees working from home, businesses need to provide secure access to data and work applications from anywhere at any time. Join this growing community and hear from industry thought leaders in webinars and videos as they share their insight on mobile computing research and trends.

Mobile Computing

Are you an IT service management professional interested in developing your knowledge and improving your job performance? Join the IT service management community to access the latest updates from industry experts. Learn and share insights related to IT service management (ITSM) including topics such as the service desk, service catalog, problem and incident management, ITIL v4 and more. Engage with industry experts on current best practices and participate in active discussions that address the needs and challenges of the ITSM community.

IT Service Management

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Secure Your Software Supply Chain

Presented by

About this talk

More from this channel