Application vulnerabilities are real and hackers are targeting industries that offer the best avenues for illicit monetary gains. At the same time, economic, competitive and time-to-market pressures are driving enterprises to use third-party commercial off-the-shelf (COTS), open source, outsourced code and crowd-sourcing as part of their application development and acquisition process - and therefore exposing these enterprises to an unacceptable level of unbounded corporate risk.
Understand the major security implications to your application portfolio that come from third-parties like COTS vendors, outsourcers, crowd-sourcers, and open-source applications
Learn 5 best practices to help you manage the security of your application portfolio and the sources of your risk
Learn how you can cost-effectively manage the risk of built, bought or outsourced code without additional hardware, software or personnel investments
This webinar will discuss a cost-effective five-step process that enterprises can apply to their third-party application portfolio to gain visibility into their security state, meet regulatory requirements, and establish a third-party governance framework to protect their critical assets.
Application Security is rising to the top of the agenda for Security and Engineering executives. According to the Computer Emergency Response Team (CERT), 75% of new attacks target the application layer. The 2009 Verizon Data Breach report states that "Financial Services firms were singled out and fell victim to some very determined, very sophisticated and - unfortunately - very successful attacks in 2008. This industry accounted for 93% of the over 285 million records compromised".
One thing is clear - Application vulnerabilities are real and hackers are targeting industries that offer the best avenues for illicit monetary gains. At the same time, economic, competitive and time-to-market pressures are driving enterprises to use third-party commercial off-the-shelf (COTS), open source and outsourced code as part of their application development process.
While this mixed code base of unknown security quality may be an acceptable artifact of modern application development and acquisition, it pushes liability onto the enterprise resulting in an unacceptable level of unbounded corporate risk.
This webinar will discuss five cost-effective steps you can take to comprehensively assess your entire portfolio of software applications (whether bought, built internally, outsourced or crowd-sourced) while also meeting your governance, risk and compliance (GRC) requirements.
Special guest presenter, Sam King, VP of Product Marketing at Veracode, will provide insights as to the best practices that financial institutions are implementing to ensure the integrity of their application security posture while meeting GRC requirements.
Ms. King has more than 15 years of experience in working with Fortune 100 organizations to deliver large enterprise application solutions and managed security services. Prior to her tenure at Veracode, Ms. King held roles at VeriSign (formerly Guardent) in product management, product marketing, professional services and client services. In her Product Management role she was responsible for new product/service development and developed the Managed Vulnerability Protection Service (MVPS). She also built a team of project managers, solution design architects and provisioning engineers to deploy managed security services for enterprise customers as well as a global base of channel partners. Prior to VeriSign, she also served as Technical Team Lead for i-cube/Razorfish, where she led major technical engagements ranging from legacy system transformations of mainframe business applications into three-tiered client-server architectures to development of large-scale custom applications and web applications.