Share this:

Webinar: Expecting Secure, High-Quality Software: Mitigating Risks throughout the Lifecycle

September 10, 2018

 

Speaker: Joe Jarzombek, Director for Government, Aerospace and Defense Programs, Synopsys, Inc.

Presented live on September 10, 2018

 

 

This CISQ webinar is brought to you by our sponsor, Synopsys

 

As the cyber threat landscape evolves and external dependencies grow more complex, managing risk in the supply chain must focus on the entire lifecycle.  The Internet of Things (IoT) is contributing to a massive proliferation of a variety of types of software-reliant, connected devices throughout critical infrastructure sectors.  With IoT increasingly dependent upon third-party software of unknown provenance and pedigree, software composition analysis and other forms of testing are needed to determine ‘fitness for use’ and trustworthiness. Application vulnerability management should leverage automated means for detecting weaknesses and vulnerabilities. Addressing software supply chain dependencies enables enterprises to harden their attack surface by: comprehensively identifying exploitable components and providing more responsive mitigations.  Security automation tools and services, and testing and certification programs now provide means upon which organizations can use to reduce risk exposures attributable to exploitable software in IoT devices.

 

Attendees will learn:

  • How external dependencies create risks throughout the IoT/software supply chain;
  • How software composition, static code analysis, fuzzing, and other forms of testing can be used to determine weaknesses and vulnerabilities that represent vectors for attack and exploitation;
  • How testing can support procurement and enterprise risk management to reduce risk exposures attributable to exploitable software in IoT devices.

 

Watch the webinar on CISQ YouTube / Download the presentation

 

Resources from Synopsys:

Synopsys Continuous Integration Continuous Delivery and Deployment

Coverity Static Analysis

Black Duck Software Composition Analysis

Black Duck Binary Analysis

Synopsys Fuzz Testing Defensics

 

 

2 thoughts on “Webinar: Expecting Secure, High-Quality Software: Mitigating Risks throughout the Lifecycle

Leave a Reply

Your email address will not be published. Required fields are marked *

*

code

Comment validation by @