Webinars

  • The Post-Pandemic Threat Landscape

    The pandemic rapidly accelerated digital transformation for organizations around the world. Now that the pandemic is behind us, new risks and new threats have emerged in the wake of such rapid and uncontrolled change. This talk will cover what threats to expect for the rest of this year and early next, and what organizations can do today to start to get ahead of what’s coming at them.

    About the speaker: John Bambenek is the President and Chief Forensic Examiner for Bambenek Consulting. He began his career 20 years ago at Ernst & Young as a Project Manager and Senior Consultant providing IT architecture services to top Fortune 500 firms. He has worked in both the public and private sector providing consulting to financial services providers. He is a published author and has contributed to IT security courses and certification exams covering subjects such as penetration testing, reverse engineering malware, forensics and network security. He has participated in many incident investigations spanning the globe, including the DNC breach and election-related hacking during the 2016 US Presidential campaign. He has appeared as an expert in the New York Times and Washington Post and was once on The Daily Show with Jon Stewart.

  • True Tales from AppSec Customers

    Customers tell the best stories. This is an adventure story set in the world of AppSec told by GuidePoint Security’s rockstar AppSec customers like The Motley Fool + Insight Global. Their live talk will cover trending AppSec topics + peeking into the future. A genuine discussion about their triumphs + challenges they encounter every day working as an industry leader in Application Security. You’ll get to know our remarkable AppSec customers through their comments around the following thought-provoking topics + more:

      • Shifting Left: How far left do you shift and what does that truly mean?
      • Quality code is secure code. Why AppSec isn’t so special.
      • The future of API protection

    Spend an hour with our customers. We bet you’ll find a lot in common.

  • Without Correlation, Your AppSec Testing Approach Needs an Update

    Unlike monolithic applications of the past, where coding was all in the same language, an average cloud-native application can have anything from 50-5,000 different components. The problem is, any one of those could be rife with vulnerabilities that present an expanding attack surface. Although organizations use an abundance of AST tools to test their code, they all lack results correlation, and that missing piece distorts their view of their overall security risks. Checkmarx recognizes the inefficiency of trying to manually correlate results from the many siloed testing solutions, and the deficiency of alternate solutions that merely aggregate results. It led us to develop Checkmarx Fusion to provide advanced correlation in modern application development environments. In this webinar, join Stephen Gates, senior solution specialist, and Miki Sharon, senior product manager, Checkmarx, for a deep dive on Checkmarx Fusion and Checkmarx One AST Platform.

      • Learn which AppSec testing approaches don’t fit well in modern development environments
      • See the new functionality Checkmarx Fusion brings to the software development industry
      • Understand the main use cases of Checkmarx Fusion and Checkmarx One and what’s included
      • View live demonstrations of both solutions in action, performed by our subject matter experts

    After this webinar, you’ll fully understand why your AppSec testing approach is flawed.

  • How to Build a Blueprint for Secure Software

    Application developers are increasingly taking the “DevSecOps” ethos to heart. They are realizing that security is not just something that gets bolted onto apps or around networks. Instead, security needs to be built into the applications that they create. While many have turned to SAST solutions to identify vulnerabilities such as Log4Shell in Log4J, others rightfully wonder how to protect the code that they write themselves, code that – by definition – contains working examples of how to penetrate the security perimeter that their InfoSec colleagues have put in place. This webinar shows:

      • How threat actors reverse engineer applications
      • How a “Protection Blueprint” secures applications
      • What unobfuscated and disassembled machine code looks like to a threat actor
      • How obfuscated machine code makes the threat actor’s job more difficult
      • What anti-tamper measures do to prevent reverse engineering of applications

  • Why Can’t We Make Secure Software?

    A lot is expected of software developers these days; they are expected to be experts in everything despite very little training. Throw in the IT security team (often with little-to-no knowledge of how to build software) telling developers what to do and how to do it, and the situation becomes strained. This silo-filled, tension-laced situation, coupled with short deadlines and pressure from management, often leads to stress, anxiety and less-than-ideal reactions from developers and security people alike. This session will explain how job insecurities can be brought out by IT leadership decisions, and how this can lead to real-life vulnerabilities in software. This is not a talk about “feelings;” this is a talk about creating programs, governance and policies that ensure security throughout the entire SDLC. No more laying blame and pointing fingers; it’s time to put our egos aside and focus on building high-quality software that is secure. Application security expert Tanya Janca will explore the cause and effect of insecurities and other behavioral influencers and present several detailed and specific solutions that can be implemented at your own place of work, immediately.

    About the speaker: Tanya Janca, also known as SheHacksPurple, is the best-selling author of Alice and Bob Learn Application Security. She is the Director of Developer Relations and Community at Bright Security, as well as the founder of We Hack Purple, an online learning community that revolves around teaching everyone to create secure software. Tanya has been coding and working in IT for over 25 years, won countless awards, and has been everywhere from public service to tech giants, writing software, leading communities, founding companies and “securing all the things.” She is an award-winning public speaker, active blogger and streamer, and has delivered hundreds of talks on six continents. She values diversity, inclusion, and kindness, which shines through in her countless initiatives.

  • Eliminate Ransomware Risks With the Right Backup Strategy

    Every 39 seconds, someone in the world gets hit with a cyberattack. When this happens, backup remains the last line of defense to protect most applications and data. How vulnerable is your backup environment? Join this presentation to learn about comprehensive security measures every company needs in place to secure a clean, current backup so you can recover when hackers breach your back door. We will also share one company’s recent ransomware attack experience, including the impact of security measures and the lessons learned.

    Talking points:

      • The three common threat pillars
      • Key areas for implementing comprehensive backup security
      • Back from the brink: case study of a customer cyberattack

  • Update Your Application Security Strategy

    Once considered an afterthought in software design, application security must be top of mind in today's cloud-native, app-centric world. Widespread application usage over distributed and public networks invites a variety of potential threats. Frequent testing and adherence to application security best practices can limit the possibility of unauthorized code being used to steal, share or modify sensitive user information. This panel of experts will discuss the importance of a comprehensive application security program that incorporates best practices, threat identification and security testing. Join us to learn about:

      • Potential application threats
      • Program requirements for app security
      • Implementing app security standards
      • Using DevSecOps initiatives to improve security
      • Application security testing methods

    Moderator: Jo Peterson, VP, Cloud & Security Services at Clarify360

    Panelists:

      • Stan Lowe, CISO of Synchronoss Technologies
      • Matt Decapua, Application Security Architect for Travel + Leisure
      • Daniel Shugrue, Lead Product Marketer at Digital.ai

  • Social Engineering and Security Awareness

    Malicious actors exploit human nature to get what they want. Technology can help, but it is not going to stop everything. Once a malicious actor is in direct communication with someone in your organization, there is little that your technology can do. This talk covers the fundamental reasons for the necessity of a security awareness program in every organization and provides a model of what it should look like. Key takeaways include:

      • The properties of a good security awareness program
      • Security-aware policy
      • The limits and value of technical solutions as they pertain to social engineering attacks

    About the speaker: Joseph Carrigan is a Software Engineer with over 17 years of software development experience in a broad range of fields including computer and software security, microcontroller development, data migration, data integration, data warehousing and network communication. He has a B.S. (’99) in Computer and Information Science from The University of Maryland, University College and an M.S. (’08) in Computer Science from Capitol College.

  • Build Resistance to Attacks by Unlocking the Value of Ethical Hackers

    Attack surfaces are expanding, spurred on by the continuous release of new digital services and business transformation. In this session, you will learn why it’s time to implement an attack resistance management strategy to find unknown risks missed by automated tools, then unlock the security expertise of ethical hackers to identify critical gaps and prioritize fixes for your exploitable assets.

    About the speaker: Sean Ryan is a Sr. Principal, Product Marketing Manager at HackerOne, where he helps organizations to identify the gaps in their security posture and improve their attack resistance. Prior to joining HackerOne, Sean worked for a prominent industry analyst firm covering identity security, and before that he led the market & competitive intelligence practice for a Fortune 500 IT infrastructure and security software provider.

  • Building a Robust Enterprise Security Program

    Let’s take a moment to consider your Enterprise Security Program. Is it healthy and functional? Do you have the right people and processes? How are you layering security controls to be most successful? In this session we will discuss the components and management framework that result in a successful Enterprise Security Program. You can expect to learn:

      • How do the most successful organizations structure their security controls?
      • What are the enterprise strongholds that attackers are actively exploiting?
      • What are some quick wins you can perform to get C-level buy-in for furthering your Security Program?