Learn about the magic of IAST, how to uncover the risks of APIs and web services in M&A, and how DoD and government agencies can mitigate software risks.
Are you struggling with application security testing? Do you wish it were easier, faster, and better? Join us in this IAST webinar to learn more about interactive application security testing, a next-generation AppSec tool that provides highly accurate, real-time vulnerability results without the need for application or source code scans.
Learn how this nondisruptive tool can:
Who: Asma Zubair, senior product management manager, Synopsys; Kimm Yeo, senior product marketing manager, Synopsys
Just like most software assets contain open source, modern software applications commonly link to external web services via APIs. By using web services, developers may be inadvertently signing their companies up to terms of service or using a web service without a suitable agreement. And using these services can expose a company to security, data privacy, and operational risks that could disrupt or severely affect the business. As part of the tech M&A due diligence process, you should be aware of these web services-related risks so that you can make informed decisions about deal valuation and remediation.
Join Tony Decicco, shareholder at GTC Law Group and Affiliates, and Phil Odence, GM of Black Duck Audits, as they discuss the types of risk associated with web services and how they can affect an M&A transaction. They’ll cover:
Who: Tony Decicco, shareholder, GTC Law Group and Affiliates; Phil Odence, GM of Black Duck Audits, Synopsys
As the cyber threat landscape evolves and external dependencies grow more complex, managing risks to enterprise and connected embedded systems requires more than reactive measures. Many organizations proactively reduce attack surfaces in their cyber supply chain and assets targeted for exploitation. IT asset management should leverage automated means to detect weaknesses and vulnerabilities in software.
Addressing cyber supply chain dependencies enables the hardening of attack surfaces by comprehensively identifying exploit targets, understanding how assets are attacked, and providing responsive mitigation. Automation tools and services, testing and certification programs now provide means to reduce risk attributable to exploitable software. This presentation addresses means of using information to prioritize mitigation efforts focused on reducing exploitable attack vectors; enabling organizations to proactively harden their attack surface and become more resilient in the face of growing threats and asymmetric attacks.
Who: Joe Jarzombek, director for government, aerospace & defense programs, Synopsys