[Webinars] Open source, threat modeling, Node.js security
Hear about the state of open source in our Red Hat partner webinar, discover our approach to threat modeling, and learn how to secure Node.js applications.
The State of Open Source with Synopsys and Red Hat
The adoption of open source continues to grow rapidly, both in market share and in its strategic importance to businesses. Understanding how organizations use open source and do so in a way that minimizes risk is therefore essential to both an overall IT strategy and cyber security response plans. These are among the topics we’ll investigate in this joint webinar from Red Hat and Synopsys. Drawing from Red Hat’s The State of Enterprise Open Source report, technology evangelist Gordon Haff will explain why IT decision makers value open source so highly and the processes that commercial open source vendors put in place to protect their customers from vulnerabilities.
At the same time, changing development practices and escalating threats mean that security remains a concern with respect to open source software, as it is for IT more broadly. Tim Mackey, Principal Security Strategist from Synopsys will walk through findings from the Synopsys 2020 Open Source Security and Risk Analysis report with an eye on how teams can use the data to inform their overall open source governance plans.
We’ll close with some practical advice about getting the most value from open source software while keeping your organization safe.
What: The State of Open Source with Synopsys and Red Hat
When: Tuesday, Aug. 11 @ 1 p.m. Eastern / 10 a.m. Pacific
Who: Tim Mackey, Principal Security Strategist, Synopsys; Gordon Haff, Technology Evangelist, Red Hat
Threat Modeling: A Synopsys Approach
Including threat modeling early in the software development process can ensure your organization is building security into your applications. For applications that are further along in development or currently launched, it can help you pinpoint the need for additional security testing.
Threat modeling identifies the types of threats that are applicable in the context of the application and its environment. Knowledge of such threats, along with their likelihood and impact, enables us to secure our design in anticipation, identify security requirements early, and inform downstream security testing.
There are many threat modeling approaches out there. In this webinar, we provide insights into Synopsys’ threat modeling approach, which has evolved as we’ve conducted threat assessments for various types of applications for our clients.
What: Threat Modeling: A Synopsys Approach
When: Wednesday, Aug. 12 @ 9 a.m. Eastern / 3 p.m. CEST
Who: Chandu Ketkar, Senior Consultant, Synopsys; Andre Joseph, Consultant, Synopsys
This DoS Goes Loop-di-Loop
Do you know the common ways Node.js applications may be vulnerable to denial-of-service attacks?
The single-threaded nature of Node.js makes it very susceptible to DoS attacks. While the Node.js event loop allows you to perform some operations asynchronously, it’s still quite easy to write a vulnerable Node.js application by making a few simple mistakes.
In this talk, we’ll cover some common ways a Node.js application may be vulnerable to DoS attacks and some common best practices and countermeasures to defend against such attacks.
What: This DoS Goes Loop-di-Loop
When: Thursday, Aug. 13 @ 11:30 a.m. Eastern / 8:30 a.m. Pacific
Who: Allon Mureinik, Senior Manager, Synopsys
*** This is a Security Bloggers Network syndicated blog from Software Integrity Blog authored by Synopsys Editorial Team. Read the original post at: https://www.synopsys.com/blogs/software-security/webinars-aug-10-14/