Some recent high-profile vulnerabilities, such as Log4Shell, left many AppSec teams wondering, “Do I have vulnerable open source code in any of my apps?” Many were unsure, which illustrated perfectly the need for a Software Bill of Materials (SBOM), increasingly a must-have for those who build and use modern applications. Developers source most of the code in their applications from the open source community and other vendors to fo...

Because of recent Common Vulnerabilities and Exposures (CVE) announcements like Apache Log4j, software teams have been upended all over the world. This results in scheduled work coming to a grinding halt, and triage and emergency “surgery” being performed on applications. If not prepared, productivity can be derailed for weeks or even months. The longer it takes, the more pressure is applied by management. You're invited... Please...

The transition to Agile development is complex and challenging, especially for legacy programs. Where do you start and what obstacles may exist? Agile and DevSecOps are often touted as silver bullets to accelerating delivery of mission winning capability. These modern development and deployment methodologies offer many benefits, but navigating their implementation requires a data-driven understanding of which applications will benefit the most...

Interactive Security Testing, DevSecOps, and NIST SP 800-53 Rev. 5 The need for increasing levels of software security is becoming even more apparent as organizations migrate applications to the Cloud and adopt DevSecOps as part of their software development and operational processes. During this panel discussion, you will hear from todays’ top industry leaders including Dr. Ross from NIST who will highlight the latest security guidance...

For the first time Create a secure SDLC utilizing static analysis SAST Come to the FBC show on July 21st at the Ronald Reagan Building running from 0800-1330 and learn how Checkmarx is securing Federal Agencies SDLC to remediate potential risks early in your code development with the least amount of disruption to the existing SDLC process. Checkmarx was recently mentioned in one of the world’s most popular software development publicati...