Software Integrity Blog
[Webinars] NVD data feed alternatives and software security metrics
Learn about a better, faster alternative to NVD vulnerability data feeds and how to measure software security effectiveness and use metrics to drive change.
The State of Vulnerability Reporting: Is NVD Dead?
The Synopsys Cybersecurity Research Center (CyRC) has a dedicated team of security analysts who specialize in sourcing, curating, and analyzing open source software vulnerabilities. The team delivers a customer-focused vulnerability feed comprising open source vulnerability reports called BDSAs (Black Duck Security Advisories). These reports are timely, accurate, and packed with relevant actionable information.
In this webinar, Siobhan Hunter, security research lead, reveals why the high-quality content of the BDSA feed is best in class, with examples of how our BDSA feed compares with the NVD and insights into how we discover and deliver valuable vulnerability information for our customers every day.
What: The State of Vulnerability Reporting: Is NVD Dead?
When: Available on demand
Who: Siobhan Hunter, security research lead, Synopsys
Creating and Maintaining Effective Metrics for Assessing Enterprise Security
When IT security leaders speak with top management, they’re typically asked two questions:
- How safe is the organization from cyber threats?
- How well are enterprise defenses working?
During this webinar, top experts will discuss key metrics for assessing security posture, as well as the performance of the security team. You’ll learn about some useful ways to measure cybersecurity effectiveness, and how to use those metrics to demonstrate new risks as well as the ongoing performance of your security initiatives.
What: Creating and Maintaining Effective Metrics for Assessing Enterprise Security
When: Available on demand
Who: Stacey Halota, VP of information security and privacy, Graham Holdings; Mike Ware, managing principal, Synopsys; Sara Peters, senior editor, Dark Reading
More by this author
- Agile, CI/CD & DevOps
- Application Security
- Automotive Cyber Security
- Cloud Security
- Container Security
- DAST
- Data Breach Security
- Developer Enablement
- Featured
- Financial Cyber Security
- Fuzz Testing
- Healthcare Security & Privacy
- Interactive Application Security Testing (IAST)
- IoT Security
- Medical Device Security
- Mergers & Acquisitions
- Mobile App Security
- News & Announcements
- Open Source Security
- Public Sector Cyber Security
- Security Standards and Compliance
- Security Training & Awareness
- Software Architecture & Design
- Software Compliance, Quality & Standards
- Software Composition Analysis (SCA)
- Software Security Program
- Software Security Research
- Static Analysis (SAST)
- Web Application Security
- Webinars