Learn about web services and APIs in tech due diligence, the magic of IAST, and software risks for DoD and government agencies in our upcoming webinars.
Just like most software assets contain open source, modern software applications commonly link to external web services via APIs. By using web services, developers may be inadvertently signing their companies up to terms of service or using a web service without a suitable agreement. And using these services can expose a company to security, data privacy, and operational risks that could disrupt or severely affect the business. As part of the tech M&A due diligence process, you should be aware of these web services-related risks so that you can make informed decisions about deal valuation and remediation.
Join Tony Decicco, shareholder at GTC Law Group and Affiliates, and Phil Odence, GM of Black Duck Audits, as they discuss the types of risk associated with web services and how they can affect an M&A transaction. They’ll cover:
When: May 22 @ 2 p.m. Eastern / 11 a.m. Pacific
Who: Tony Decicco, Shareholder, GTC Law Group and Affiliates; Phil Odence, GM of Black Duck Audits, Synopsys
Are you struggling with application security testing? Do you wish it were easier, faster, and better? Join us to learn more about IAST, a next-generation AppSec tool that provides highly accurate, real-time vulnerability results without the need for application or source code scans.
Learn how this nondisruptive tool can:
When: May 22 @ 12 p.m. Eastern / 9 a.m. Pacific
Who: Asma Zubair, Senior Product Management Manager, Synopsys; Kimm Yeo, Senior Product Marketing Manager, Synopsys
As the cyber threat landscape evolves and external dependencies grow more complex, managing risks to enterprise and connected embedded systems requires more than reactive measures. Many organizations proactively reduce attack surfaces in their cyber supply chain and assets targeted for exploitation. IT asset management should leverage automated means to detect weaknesses and vulnerabilities in software.
Addressing cyber supply chain dependencies enables the hardening of attack surfaces by comprehensively identifying exploit targets, understanding how assets are attacked, and providing responsive mitigation. Automation tools and services, testing and certification programs now provide means to reduce risk attributable to exploitable software. This presentation addresses means of using information to prioritize mitigation efforts focused on reducing exploitable attack vectors; enabling organizations to proactively harden their attack surface and become more resilient in the face of growing threats and asymmetric attacks.
When: May 21 @ 12 p.m. Eastern / 9 a.m. Pacific
Who: Joe Jarzombek, Director for Government, Aerospace & Defense Programs, Synopsys