Software Integrity Blog

 

[Webinars] DevOps, security tool abuse, Coverity and ThreadFix

Practice DevSecOps with automated continuous testing, defend your apps from security tool misuse, and learn how Coverity and ThreadFix enable developers.

Register for the security tool abuse webinar

Security Tool Misconfiguration and Abuse

As your organization’s security program matures, you’ll add tools and techniques to automate processes to improve your security posture. However, if you don’t configure these tools properly, they can lead to the total compromise of your network by an attacker.

In this webinar, Thomas Richards will review case studies of penetration testers abusing these tools, as well as remediation methods to prevent attacks.

What: Security Tool Misconfiguration and Abuse

When: Available on demand

Who: Thomas Richards, network and red team practice director, Synopsys

Watch now


Register for the DevSecOps webinar

Shift Left, Shift Right, or Run Security Right Through the Middle?

Demands for more secure software and more rapid application development have led to the emergence of DevSecOps. DevSecOps maturity requires a risk-based approach to adding security activities, increasing depth, and improving testing governance. The best strategy is to shift from a reactive to a proactive security approach that injects security at the right time and place with automated continuous testing.

This presentation covers these aspects of automated continuous testing:

  1. Practices to avoid
  2. Drawbacks
  3. Prerequisites
  4. When and where to use automated testing
  5. Best practices for implementing and improving continuous testing throughout the development life cycle

What: Shift Left, Shift Right, or Run Security Right Through the Middle?

When: Available on demand

Who: Meera Rao, senior principal consultant, Synopsys; Brandon Dunlap, moderator, (ISC)2

Watch now


Register for the Coverity and ThreadFix webinar

Enabling Developers in Your Application Security Program With Coverity and ThreadFix

Developers need to move quickly and efficiently. Coverity’s speed, accuracy, ease of use, and scalability meet the needs of even the largest, most complex environments. ThreadFix allows you to centralize all test and vulnerability data in one place so your software security team can spend less time on manually correlating results and more time focusing on higher-level risk decisions. Join us to get a firsthand look at how Coverity and ThreadFix arm development teams with the tools they need to advance security programs in real time.

What: Enabling Developers in Your Application Security Program With Coverity and ThreadFix

When: Available on demand

Who: Dan Cornell, CTO and principal, Denim Group; James Croall, Coverity product management director, Synopsys

Watch now

 

More by this author