Software Integrity Blog


[Webinars] Tech due diligence, IAST, and government software

Learn about the magic of IAST, how to uncover the risks of APIs and web services in M&A, and how DoD and government agencies can mitigate software risks.

IAST webinar: The future of AppSec

AppSec Hype or Reality? Demystifying IAST

Are you struggling with application security testing? Do you wish it were easier, faster, and better? Join us in this IAST webinar to learn more about interactive application security testing, a next-generation AppSec tool that provides highly accurate, real-time vulnerability results without the need for application or source code scans.

Learn about the future of AppSec in our IAST webinar

Learn how this nondisruptive tool can:

  • Run in the background and report vulnerabilities during functional testing, CI/CD, and QA activities.
  • Prioritize and triage vulnerability findings in real time with 100% confidence.
  • Fully automate secure code delivery and deployment, without the need for extra security scans or processes.
  • Free up development and security resources to focus on strategic or mission-critical tasks and contributions.

What: AppSec Hype or Reality? Demystifying IAST

Who: Asma Zubair, senior product management manager, Synopsys; Kimm Yeo, senior product marketing manager, Synopsys

Watch now

Web services in M&A webinar

Growth of Web Services & APIs and the Risks in M&A

Just like most software assets contain open source, modern software applications commonly link to external web services via APIs. By using web services, developers may be inadvertently signing their companies up to terms of service or using a web service without a suitable agreement. And using these services can expose a company to security, data privacy, and operational risks that could disrupt or severely affect the business. As part of the tech M&A due diligence process, you should be aware of these web services-related risks so that you can make informed decisions about deal valuation and remediation.

Learn about the risks in our web services in M&A webinar

Join Tony Decicco, shareholder at GTC Law Group and Affiliates, and Phil Odence, GM of Black Duck Audits, as they discuss the types of risk associated with web services and how they can affect an M&A transaction. They’ll cover:

  • Typical terms of service and common pitfalls
  • The legal compliance, data privacy, security, and business risks that come with web services
  • Real-world examples of these risks
  • How a buyer can get a better understanding of these risks in a target’s codebase or a seller can prepare for diligence to avoid risks in this area

What: Growth of Web Services & APIs and the Risks in M&A

Who: Tony Decicco, shareholder, GTC Law Group and Affiliates; Phil Odence, GM of Black Duck Audits, Synopsys

Watch now

Government software webinar: Mitigating risks throughout the lifecycle

Mitigating Software Risks for DoD and Government Agencies

As the cyber threat landscape evolves and external dependencies grow more complex, managing risks to enterprise and connected embedded systems requires more than reactive measures. Many organizations proactively reduce attack surfaces in their cyber supply chain and assets targeted for exploitation. IT asset management should leverage automated means to detect weaknesses and vulnerabilities in software.

Learn how to mitigate risks in our government software webinar

Addressing cyber supply chain dependencies enables the hardening of attack surfaces by comprehensively identifying exploit targets, understanding how assets are attacked, and providing responsive mitigation. Automation tools and services, testing and certification programs now provide means to reduce risk attributable to exploitable software. This presentation addresses means of using information to prioritize mitigation efforts focused on reducing exploitable attack vectors; enabling organizations to proactively harden their attack surface and become more resilient in the face of growing threats and asymmetric attacks.

What: Mitigating Software Risks for DoD and Government Agencies

Who: Joe Jarzombek, director for government, aerospace & defense programs, Synopsys

Watch now


More by this author