[Webinars] Tech due diligence, IAST, and government software
Learn about web services and APIs in tech due diligence, the magic of IAST, and software risks for DoD and government agencies in our upcoming webinars.
Growth of Web Services & APIs and the Risks in M&A
Just like most software assets contain open source, modern software applications commonly link to external web services via APIs. By using web services, developers may be inadvertently signing their companies up to terms of service or using a web service without a suitable agreement. And using these services can expose a company to security, data privacy, and operational risks that could disrupt or severely affect the business. As part of the tech M&A due diligence process, you should be aware of these web services-related risks so that you can make informed decisions about deal valuation and remediation.
Learn about the risks of web services in our tech due diligence webinar
Join Tony Decicco, shareholder at GTC Law Group and Affiliates, and Phil Odence, GM of Black Duck Audits, as they discuss the types of risk associated with web services and how they can affect an M&A transaction. They’ll cover:
- Typical terms of service and common pitfalls
- The legal compliance, data privacy, security, and business risks that come with web services
- Real-world examples of these risks
- How a buyer can get a better understanding of these risks in a target’s codebase or a seller can prepare for diligence to avoid risks in this area
What: Growth of Web Services & APIs and the Risks in M&A
When: May 22 @ 2 p.m. Eastern / 11 a.m. Pacific
Who: Tony Decicco, Shareholder, GTC Law Group and Affiliates; Phil Odence, GM of Black Duck Audits, Synopsys
AppSec Hype or Reality? Demystifying IAST
Are you struggling with application security testing? Do you wish it were easier, faster, and better? Join us to learn more about IAST, a next-generation AppSec tool that provides highly accurate, real-time vulnerability results without the need for application or source code scans.
Learn about the future of AppSec in our IAST webinar
Learn how this nondisruptive tool can:
- Run in the background and report vulnerabilities during functional testing, CI/CD, and QA activities.
- Prioritize and triage vulnerability findings in real time with 100% confidence.
- Fully automate secure code delivery and deployment, without the need for extra security scans or processes.
- Free up development and security resources to focus on strategic or mission-critical tasks and contributions.
What: AppSec Hype or Reality? Demystifying IAST
When: May 22 @ 12 p.m. Eastern / 9 a.m. Pacific
Who: Asma Zubair, Senior Product Management Manager, Synopsys; Kimm Yeo, Senior Product Marketing Manager, Synopsys
Mitigating Risks Throughout the Lifecycle for Government Agencies
As the cyber threat landscape evolves and external dependencies grow more complex, managing risks to enterprise and connected embedded systems requires more than reactive measures. Many organizations proactively reduce attack surfaces in their cyber supply chain and assets targeted for exploitation. IT asset management should leverage automated means to detect weaknesses and vulnerabilities in software.
Learn how to mitigate risks in our government software webinar
Addressing cyber supply chain dependencies enables the hardening of attack surfaces by comprehensively identifying exploit targets, understanding how assets are attacked, and providing responsive mitigation. Automation tools and services, testing and certification programs now provide means to reduce risk attributable to exploitable software. This presentation addresses means of using information to prioritize mitigation efforts focused on reducing exploitable attack vectors; enabling organizations to proactively harden their attack surface and become more resilient in the face of growing threats and asymmetric attacks.
What: Mitigating Risks Throughout the Lifecycle for Government Agencies
When: May 21 @ 12 p.m. Eastern / 9 a.m. Pacific
Who: Joe Jarzombek, Director for Government, Aerospace & Defense Programs, Synopsys
*** This is a Security Bloggers Network syndicated blog from Software Integrity Blog authored by Synopsys Editorial Team. Read the original post at: https://www.synopsys.com/blogs/software-security/webinars-may-20-25/
