We all know that shifting security left is the right approach for securing our apps. We also know that it isn’t enough - developers also need to be empowered to own security. They require tools that integrate into the way they are already working and they need guidance and assistance from the security team. This is especially true for the most challenging vulnerabilities of all: those that are not so easy to fix, but too important to ignore.

Join us for the NeoSystems Deltek GovCon Coffee Show where industry thought leaders discuss all things government contracting with hosts Elizabeth Jimenez, Director of Corporate Marketing at NeoSystems, and Wolf Thiers, Portfolio Advisor at Deltek.

We talk about supply chain risk, GDPR, Data Audits, how companies can make sure their processes for transferring data to 3rd parties remain on track. Jacob highlights the interplay between DevOps and security. A very interesting discussion indeed. For full disclosure - Armature Systems is a partner of Riscosity, and helps clients with purchasing, deploying, and operationalizing Riscosity's platform..

Application Architecture Summit, January 2021 How to protect your CI/CD pipeline so it doesn’t turn into a vulnerability superspreader. CI/CD pipelines bring so much application security good to the development process. They help increase test coverage and reduce human error by automating away toil. But without proper controls, an over-privileged and insufficiently monitored CI/CD pipeline can turn into a vulnerability superspreader. This talk will show you how to manage identity-based access so your CI/CD pipeline stays secure using the open-source solution Teleport and Github Actions.

What would you do, if you could predict a data breach? In this webinar recording, Penguin, Sainsbury’s, Tesco, and others will show how they use SecurityScorecard to predict and prevent data breaches. They will explain how they engage with their subsidiaries and suppliers, showing you how hundreds of breaches have been predicted in 2021 and what that means for 2022.

Cloud native development has changed the way developers both build and secure applications. Snyk’s cloud native application security platform is designed to work like a developer tool – making it not only easy to find issues, but to fix them quickly.

Webinar recording on "Threat Landscape for the Philippines Financial Industry" topic, hosted by Cyberint for the Bankers Association of the Philippines.

Dive in to the Pwnkit privilege escalation vulnerability with Kyle and Brian!

In this live hack webinar on the Log4Shell exploit we give a brief overview of the vulnerability and dive right into some examples of the exploit in action. We then show several real-world remediation approaches as well as other fixes outside of code. We feature a final round of fun demos, including container and IaC hacks and Java-based game hacks. We wrap up with a great list of takeaway resources and answer your questions.