5 Steps to Managing Security Risk from Your Software Vendors

Application vulnerabilities are real and hackers are targeting industries that offer the best avenues for illicit monetary gains. At the same time, economic, competitive and time-to-market pressures are driving enterprises to use third-party commercial off-the-shelf (COTS), open source, outsourced code and crowd-sourcing as part of their application development and acquisition process, thereby exposing these enterprises to an unacceptable level of unbounded corporate risk.
  • Understand the major security implications to your application portfolio that come from third-parties like COTS vendors, outsourcers, crowd-sourcers, and open-source applications

  • Learn 5 best practices to help you manage the security of your application portfolio and the sources of your risk

  • Learn how you can cost-effectively manage the risk of built, bought or outsourced code without additional hardware, software or personnel investments
This webinar will discuss a cost-effective five-step process that enterprises can apply to their third-party application portfolio to gain visibility into their security state, meet regulatory requirements, and establish a third-party governance framework to protect their critical assets.

Background

Application Security is rising to the top of the agenda for Security and Engineering executives. According to the Computer Emergency Response Team (CERT), 75% of new attacks target the application layer. The 2009 Verizon Data Breach report states that "Financial Services firms were singled out and fell victim to some very determined, very sophisticated and - unfortunately - very successful attacks in 2008. This industry accounted for 93% of the over 285 million records compromised".

One thing is clear - Application vulnerabilities are real and hackers are targeting industries that offer the best avenues for illicit monetary gains. At the same time, economic, competitive and time-to-market pressures are driving enterprises to use third-party commercial off-the-shelf (COTS), open source and outsourced code as part of their application development process.

While this mixed code base of unknown security quality may be an acceptable artifact of modern application development and acquisition, it pushes liability onto the enterprise resulting in an unacceptable level of unbounded corporate risk.

This webinar will discuss five cost-effective steps you can take to comprehensively assess your entire portfolio of software applications (whether bought, built internally, outsourced or crowd-sourced) while also meeting your governance, risk and compliance (GRC) requirements.

Special guest presenter, Sam King, VP of Product Marketing at Veracode, will provide insights as to the best practices that financial institutions are implementing to ensure the integrity of their application security posture while meeting GRC requirements.

Webinar Registration

This webinar is available OnDemand.
