DevSecOps best practices are increasingly being adopted to better secure software supply chains. The challenge, as always, is finding ways to optimize these processes so that developers will embrace them and so that the rate at which applications are being built and deployed doesn’t slow down. DevSecOps brings application development teams and cybersecurity teams together to shift application security further left as seamlessly as possible.
There’s an important choice to be made when managing application security risks today: Remediate security issues early in pre-production or pay more to fix them in production while hoping you don’t get compromised or attacked. For Bob Durfee, head of DevSecOps at Takeda Pharmaceutical, the choice is simple: He’s determined to resolve security issues in 10 minutes during the pre-production phase of application development instead of taking weeks to remediate the same issues in production.
Join us to learn how Bob has successfully worked with his development leaders to engineer software with security in mind along the pre-production software supply chain. Liav Caspi, CTO of Legit Security, will be joining Bob to share how new security methods and tools now enable teams to find security issues earlier in the development process than ever before.
In this webinar you will:
- Learn how to gain buy-in from development leaders to embed security into development
- Become familiar with modern software supply chain risks such as hard-coded secrets risks, infrastructure-as-code risks, pipeline risks and SDLC misconfiguration risks
- Understand the value of fixing security issues before production
DevOps is terrific for delivering new innovative applications to the market. But the newer trend of “shift left, shift right, shift everywhere” has increased the pressure on developers and DevOps engineers to add application security (AppSec) testing and tooling management in CI/CD pipelines to their already long list of responsibilities.
With “shift everywhere,” existing DevSecOps implementations have to evolve to manage AppSec risk without impeding the agility and frequency of software delivery. The good news is, it can be done.
As DevOps turns to multi-cloud, workload containerization and infrastructure-as-code, securing and distributing secrets across teams and environments has become a complex undertaking. Left unmanaged, this leads to secrets sprawl; in other words, the exposure of credentials in source control servers, DevOps tools and every component that makes up the software development life cycle (SDLC). With exposed secrets, attackers can gain easy access to an organization’s critical resources. They can breach the perimeter to carry out attacks, hijack computing power, exfiltrate customer data and compromise the integrity of the software supply chain.
To help security and DevOps teams regain visibility and control over the secrets used in the SDLC, GitGuardian has developed its own Secrets Management Maturity Model. During this webinar, Mackenzie Jackson, developer advocate at GitGuardian, will discuss this model in detail, highlight the benefits of automated secrets detection and remediation and describe how these can be used to infuse security into development workflows.
You should attend this webinar if you want to:
- Learn about the challenges of securely managing and distributing secrets in the SDLC
- Understand that successful secrets management is a combination of education, tooling and process
- Discover how your organization can develop its secrets management program
- Learn more about the benefits of automated secrets detection and remediation and GitGuardian’s platform