Fortify Training Services. Securing Your Entire Software Portfolio FRAMEWORK*SSA
|
|
- Domenic McCarthy
- 8 years ago
- Views:
Transcription
1 Fortify Training Services Securing Your Entire Software Portfolio FRAMEWORK*SSA Fortify s holistic approach to application security truly safeguards our enterprise against today s ever-changing security threats. Craig Schumard, CISO, CIGNA
2 Framework*SSA Training TeamStart Training Philosophy Fortify s mission is to empower our customers to achieve Software Security Assurance (SSA). As part of a successful SSA initiative, all members of a software development organization need to understand both the fundamentals of software security and the tactical implications on their work. Fortify covers both of these key aspects through the TeamStart methodology, which bridges the gap between theory and practice to provide relevant training with high retention and effectiveness. As part of Framework*SSA, the TeamStart methodology has been developed from training engagements across Fortify s sizable customer base. TeamStart Workshops Our TeamStart training workshops feature proven, hands-on exercises and examples customized for your environment and organizational processes, and using your code. For each application, a member of Fortify s staff of security experts delivers a five-day on-site TeamStart workshop customized using your application source code, your programming language, and your build system. Each TeamStart is targeted at an application s development or security team. TeamStart is the most effective program option for enabling rapid success with Fortify 360. elearning Courses To support and scale a training initiative, Fortify offers a comprehensive elearning program aimed at promoting secure coding practices within all parts of a customer s development and security organizations. These self-paced sessions are rich in content and easy to deploy to large, distributed teams. They also provide a reference and refresher after an instructor-led TeamStart to promote retention, and they are effective in training new team members. Most enterprises lack formal secure development training programs. 57% of organizations don t have systematic training programs addressing application security training for their developers. - Forrester Study Application Risk Management in Business Survey
3 Fortify Training Program A Training Program for Software Security Success Fortify combines instructor-led TeamStart workshops and elearning courses to provide a comprehensive program for educating an application team on software security and use of Fortify 360. The recommended program below establishes a fundamental software security capability within an organization before teaching the organization how to use Fortify 360 to automate many security processes. To maximize the value of the TeamStart, product-focused elearning is recommended. Product-focused elearning courses reinforce learning objectives from the TeamStart while affordably scaling the Fortify 360 training initiative to new and non-critical participants of the development process. Additionally, custom or advanced training can be developed to address the specific software security needs of an organization. Recommended Stages of Learning ASSESS ADOPT MATURE SSA elearning COURSES Application Security Fundamentatals Secure Java or.net Coding FORTIFY TEAMSTART For Fortify 360 SCA or Fortify 360 RTA FORTIFY PRODUCT elearning Fortify 360 SCA with Eclipse or Visual Studio ADVANCED or CUSTOM TRAINING Ex: Advanced Auditing, Custom Rules The Path to Software Security Assurance SSA elearning Courses The SSA elearning Courses are recommended before the TeamStart workshop to ensure members of the development organization - including management, architects, product managers, business analysts, security team members, developers, quality engineers, and auditors - have the fundamental background in application security necessary to understand and appreciate the business impact of security vulnerabilities. The Secure Coding courses provide security team members, developers, and quality engineers the background in secure software development necessary for understanding security issues identified in Fortify 360. Fortify TeamStart The Fortify TeamStart builds on an application team s software security and secure coding knowledge to educate the team on best practices for using Fortify 360 in their specific application environment. A TeamStart workshop is limited to a single application team because a significant portion of the examples and exercises are based on the participant s application, providing a rich, relevant, and productive training experience. Fortify Product elearning Courses Fortify Product elearning Courses keep TeamStart knowledge fresh and actionable. Participants in a TeamStart will find the courses useful as a reference and refresher after completing the TeamStart. Fortify Product elearning courses are also useful for training new team members who will be joining an application team utilizing Fortify 360 or for team members who are not directly responsible for the security of their application. Advanced Custom Training The Fortify training program is the most effective method to educate an application team on developing secure applications with Fortify 360, but some advanced or custom topics may not be covered. For advanced software security concepts and Fortify 360 product usage, Fortify offers custom training classes to mature an application team s software security and Fortify 360 capabilities.
4 Fortify TeamStart Tailored Training Workshops for Software Security Assurance The Intersection of Theory and Practice Combining the benefits of rigorous theory and on-the-job practice, Fortify TeamStart is the most efficient and effective method of adopting Fortify 360 inside your organization. Fortify tailors each TeamStart to a specific application based on your actual source code and software development life cycle (SDLC) processes. Participants learn practical software security coding practices while remediating existing vulnerabilities in their application using Fortify 360. Why TeamStart? Rapid integration of Fortify technology into an SDLC often requires changes to existing SDLC processes as well as education on Fortify products. To accelerate adoption of the new products and processes, Fortify TeamStart training delivers participants the necessary head start with its speedy, proven methods. TeamStart Training Workshops On-the-Job Training Classroom Training Benefits Regardless of an application team s current level of comfort with coding secure software, a TeamStart workshop empowers your team to adopt SSA as an application best practice using Fortify products. To facilitate this learning, TeamStart workshops provide: Maximum training effectiveness through session customization Content focused on your environment, processes, and code Proven methods for rapid adoption of Fortify technology No wasted time, effort, or expense In a TeamStart, You Will Learn: Role-specific Fortify 360 product usage and process deployment Secure programming theory and practical application Common software security vulnerabilities to avoid Integration of Fortify 360 Server into SDLC workflows and processes Remediation and prevention using Fortify 360 Development techniques and practices for secure coding, in your language of choice
5 Fortify F200 TeamStart F200: Securing Software Using Fortify 360 SCA F200 TeamStart Workshop Benefits Completion of this course will empower your application teams to become operational with Fortify in the context of your unique environment. Throughout the course, participants are taught methods of developing secure code using Fortify 360 SCA. Each workshop features an expert instructor, hands-on exercises and custom training materials. This course is the fastest and most effective way to begin the process of identification and remediation of vulnerabilities within your applications source code. Programming Languages Offered: Java,.NET, and C/C++. Who Should Take this Class Developers, software architects, security professionals, and project managers who will use Fortify 360 SCA. There are no prerequisites,but to maximize value from this course, participants should have development experience in the course programming languages, build experience and some exposure to application security. This course is also intended for practitioners interested in Fortify s Associate Certification. In This Course, You Will Learn Secure programming theory and applications Development techniques and practices for secure coding Common software security vulnerabilities to avoid Language-specific techniques for writing secure software Identification and remediation of software vulnerabilities using Fortify 360 SCA Integration of Fortify 360 into software development workflows and processes Fortify 360 audit and remediation interfaces including Audit Workbench (AWB) and IDE Plug-ins Remediation processes using Fortify 360 Sample F200 TeamStart Workshop Outline Introduction to Software Security Need for risk management Basic vocabulary of application security How to locate relevant resources Understanding the OWASP Top 10 Impact of common vulnerabilities Strategies to address application security Current and future trends Demonstration of Common Vulnerabilities Review of sample code and its vulnerabilities Examples of common intrusions and hacks Remediation techniques, including Fortify 360 SCA Overview of Fortify 360 Source Code Analyzer (SCA) Review of SCA s functionality Walkthrough of translation, analysis, and scan models In-depth presentation of SCA s analyzers Customizing SCA scans using rule packs Understanding the value of FPR files Using Audit Workbench (AWB) Advantages of using AWB Primary features of this GUI environment Walkthrough of functionality Fortify 360 SCA with Command Line Interface (CLI) Tapping into features not available in AWB Creating scripts using SCA within a CLI environment Apache ANT integration Using IDE Plug-ins Review of language-specific IDE plug-ins Advantages of using plug-ins Building and interpreting Fortify Project (FPR) files Half-day exercise using your source code to perform an indepth analysis and interpretation of FPR files Putting product knowledge to the test in your development environment Hands-On Exercises Participants receive hands-on instruction using Fortify 360 SCA in their software environment. Exercises include: Identifying vulnerabilities in the participants software Installing and using IDE Plug-ins on developer machines Integrating Fortify 360 into the build environment Using Audit Workbench to diagnose results
6 Fortify elearning Courses Computer-Based Training for Reinforcement and Scale Fortify offers a comprehensive elearning program aimed at promoting secure coding practices within customers entire development and security organizations. These self-paced sessions are rich in content and easy to deploy to large, distributed teams. At the lowest cost per participant for training, Fortify s elearning courses are the most efficient option for training large teams. They also provide a education reinforcement after instructor-led TeamStarts, and are effective in training new team members. The Value of elearning Learning to write secure code and to effectively use Fortify 360 SCA to identify and prevent vulnerabilities can be challenging and time consuming. elearning is the most value-focused method of scaling your Fortify training initiative to the entire organization. Our best-in-class courses will affordably help your development and security teams understand software security problems and how to address them using Fortify products. Quick and easy to deploy, these courses fit the needs of all Fortify students at their own pace and schedule.we maximize your investment by addressing the root cause of vulnerabilities with pragmatic remediation methods. Fortify elearning courses are also valuable in reinforcing previous instructor-led training. As retention declines, a computer-based refresher keeps skills sharp by reintroducing advanced concepts and features.
7 Software Security Assurance (SSA) Courses Completion of this bundle of elearning courses empowers participants to reduce the security vulnerabilities in the software that they write and maintain. Participants will develop an improved understanding of application security and learn how to use this knowledge in their environment. Who should take these courses? Developers, software architects, security professionals, and project managers interested in developing secure applications. SSA COURSES F301: Application Security Fundamentals F302N: Secure.NET Coding F302J: Secure Java Coding This course opens participants eyes to the world of software security. Participants will learn the basics of software security, the vulnerabilities and threats that can attack applications, strategies for designing and building secure applications, and how to manage risk in their code and their SDLC. This course will educate participants to develop secure.net applications while avoiding common coding errors. Participants will learn leading practices in the eight security categories of authentication, authorization, auditing & logging, exception handling, session and state management, input validation, cryptography, and testing approaches. Similar to the Secure.NET Coding course, this course will educate participants on developing secure Java software while avoiding common vulnerabilities. Fortify Product Courses Upon completion of these courses, participants understand how Fortify 360 addresses their security problems and how to audit, analyze, and interpret the results of Fortify 360 SCA in their environment. Who should take these courses? All users of Fortify 360 SCA. FORTIFY PRODUCT COURSES F310E: Fortify 360 SCA with Eclipse F310V: Fortify 360 SCA with Visual Studio This course shows students how to install the Eclipse plug-in and use the plug-in to secure their code. Topics include how to audit, organize, and customize issues, how to use collaboration features, how to generate and customize reports, and how to troubleshoot problems during scanning. This course shows students how to install the Visual Studio plug-in and use the plug-in to secure their code. Similar to the Fortify 360 SCA with Eclipse module, topics in this module include how to audit, organize, and customize issues, how to use collaboration features, how to generate and customize reports, and how to troubleshoot problems during scanning.
8 In February 2009, Gartner positioned Fortify in the Leaders Quadrant in the Magic Quadrant for Static Application Security Testing (SAST). The report is available at Custom and Advanced Training Fortify offers custom and advanced training to meet your organization s specific software security needs. Fortify s team of software security specialists have taught a number of custom and advanced training sessions including Custom Rules training, Advanced SCA Auditing, and Advanced Enterprise Integration. Contact Fortify to develop a course plan for your specific needs. Fortify Certification Program Fortify has developed a certification process to ensure that your employees have mastered the basics of software security and understand how to use Fortify 360 SCA. Fortify reinforces the lessons taught in instructor-led training and elearning courses with a practical exam at either the Associate or Professional Levels. A Fortify Certification puts your team in position to deliver exceptional results. Talk to a Fortify Security Practice Manager to include the certification process in your training program. About Framework*SSA Framework*SSA provides the knowledge and practices necessary to achieve success with Software Security Assurance. It includes methodology, metrics, and assets that help organizations maximize the value of their Fortify investment. About Fortify Fortify s Software Security Assurance solutions protect companies and organizations from today s greatest security risk: the software that runs their businesses. Fortify reduces the threat of catastrophic financial loss and damage to reputation as well as ensuring timely compliance with government and industry mandates. Fortify s customers include government agencies and Global 2000 leaders in financial services, healthcare, e-commerce, telecommunications, publishing, insurance, systems integration and information technology. FORTIFY SOFTWARE INC. MORE INFORMATION IS AVAILABLE AT 2215 BRIDGEPOINTE PKWY. TEL: (650) SUITE 400 FAX: (650) SAN MATEO, CALIFORNIA CONTACT@FORTIFY.COM
Fortify. Securing Your Entire Software Portfolio
Fortify 360 Securing Your Entire Software Portfolio Fortify Fortify s holistic approach to application security truly safeguards our enterprise against today s ever-changing security threats. Craig Schumard,
More informationHP ESP Partner Enablement Fortify Proof of Concept Boot Camp Training
HP ESP Partner Enablement Fortify Proof of Concept Boot Camp Training HP and HP Enterprise Security Products are committed to your success as an HP Partner. In the Fortify Proof of Concept Boot Camp Training,
More informationSeven Practical Steps to Delivering More Secure Software. January 2011
Seven Practical Steps to Delivering More Secure Software January 2011 Table of Contents Actions You Can Take Today 3 Delivering More Secure Code: The Seven Steps 4 Step 1: Quick Evaluation and Plan 5 Step
More informationApplication Security Center overview
Application Security overview Magnus Hillgren Presales HP Software Sweden Fredrik Möller Nordic Manager - Fortify Software HP BTO (Business Technology Optimization) Business outcomes STRATEGY Project &
More informationPassing PCI DSS Section 6 Compliance
Passing PCI DSS Section 6 Compliance From Secure Payment Applications to Software Security Assurance Executive Summary If your company stores or processes credit card information, you must be able to demonstrate
More informationOpen Source Security Study How Are Open Source Development Communities Embracing Security Best Practices?
Open Source Security Study How Are Open Source Development Communities Embracing Security Best Practices? Fortify s Security Research Group and Larry Suto July 2008 Open Source Security Study WWW.FORTIFY.COM
More informationAccelerating Software Security With HP. Rob Roy Federal CTO HP Software
Accelerating Software Security With HP Rob Roy Federal CTO HP Software If we were in a cyberwar today, the United States would lose. Mike McConnell Former DNI, NSA. Head of Booz Allen Hamilton National
More informationHP Fortify Software Security Center
HP Fortify Software Security Center Proactively Eliminate Risk in Software Trust Your Software 92% of exploitable vulnerabilities are in software National Institute for Standards and Technology (NIST)
More informationIs your software secure?
Is your software secure? HP Fortify Application Security VII konferencja Secure 2013 Warsaw - October 9, 2013 Gunner Winkenwerder Sales Manager Fortify CEE, Russia & CIS HP Enterprise Security +49 (172)
More informationHP Fortify application security
HP Fortify application security Erik Costlow Enterprise Security The problem Cyber attackers are targeting applications Networks Hardware Applications Intellectual Property Security Measures Switch/Router
More informationLeveraging Network and Vulnerability metrics Using RedSeal
SOLUTION BRIEF Transforming IT Security Management Via Outcome-Oriented Metrics Leveraging Network and Vulnerability metrics Using RedSeal november 2011 WHITE PAPER RedSeal Networks, Inc. 3965 Freedom
More informationHP Fortify Application Security Lucas v. Stockhausen PreSales Manager HP Fortify EMEA lvonstockhausen@hp.com +49 1520 1898430 Enterprise Security
HP Fortify Application Security Lucas v. Stockhausen PreSales Manager HP Fortify EMEA lvonstockhausen@hp.com +49 1520 1898430 Enterprise Security The problem Cyber attackers are targeting applications
More informationCapturing the New Frontier:
Capturing the New Frontier: How Software Security Unlocks the Power of Cloud Computing Executive Summary Cloud computing is garnering a vast share of IT interest. Its promise of revolutionary cost savings
More informationPassing PCI Compliance How to Address the Application Security Mandates
Passing PCI Compliance How to Address the Application Security Mandates The Payment Card Industry Data Security Standards includes several requirements that mandate security at the application layer. These
More informationBuilding on these core skills, customers can work on advanced concepts, such as:
OpenStack Training OVERVIEW OnX s OpenStack training courses provide a deep and practical understanding of all aspects of today s most popular cloud platform. Unlike other training providers, OnX offerings
More informationIBM Rational AppScan: Application security and risk management
IBM Software Security November 2011 IBM Rational AppScan: Application security and risk management Identify, prioritize, track and remediate critical security vulnerabilities and compliance demands 2 IBM
More information90% of data breaches are caused by software vulnerabilities.
90% of data breaches are caused by software vulnerabilities. Get the skills you need to build secure software applications Secure Software Development (SSD) www.ce.ucf.edu/ssd Offered in partnership with
More informationProduct Roadmap. Sushant Rao Principal Product Manager Fortify Software, a HP company
Product Roadmap Sushant Rao Principal Product Manager Fortify Software, a HP company Agenda Next Generation of Security Analysis Future Directions 2 Currently under investigation and not guaranteed to
More informationApplication Code Development Standards
Application Code Development Standards Overview This document is intended to provide guidance to campus system owners and software developers regarding secure software engineering practices. These standards
More informationBuilding Assurance Into Software Development Life- Cycle (SDLC)
Application Software Assurance Center of Excellence (ASACoE) Building Assurance Into Software Development Life- Cycle (SDLC) James Woody Woodworth Operations Chief, ASACoE & Sean Barnum, Principal Consultant
More informationSecurity Training Programs
Security Training Programs. www.emagined.com Overview According to numerous sources, nothing in the information security arena brings a better return on investment (ROI) than security training and awareness.
More informationVulnerability. Management
Solutions.01 Vulnerability Management.02 Enterprise Security Monitoring.03 Log Analysis & Management.04 Network Access Control.05 Compliance Monitoring Rewterz provides a diverse range of industry centric
More informationA Strategic Approach to Web Application Security The importance of a secure software development lifecycle
A Strategic Approach to Web Application Security The importance of a secure software development lifecycle Rachna Goel Technical Lead Enterprise Technology Web application security is clearly the new frontier
More informationHow to start a software security initiative within your organization: a maturity based and metrics driven approach OWASP
How to start a software security initiative within your organization: a maturity based and metrics driven approach Marco Morana OWASP Lead/ TISO Citigroup OWASP Application Security For E-Government Copyright
More informationApplication Security Testing as a Foundation for Secure DevOps
Application Security Testing as a Foundation for Secure DevOps White Paper - April 2016 Introduction Organizations realize that addressing the risk of attacks on their Website applications is critical.
More informationPerfecto Mobile. All rights reserved. www.perfectomobile.com/academy
Contents Overview... 2 Training Options... 2 Certification... 2 Prerequisites... 3 Perfecto Mobile Selenium WebDriver- SA Series... 4 Perfecto Mobile Automation PMA Series... 6 Perfecto Mobile UFT- UA
More informationThe Top Web Application Attacks: Are you vulnerable?
QM07 The Top Web Application Attacks: Are you vulnerable? John Burroughs, CISSP Sr Security Architect, Watchfire Solutions jburroughs@uk.ibm.com Agenda Current State of Web Application Security Understanding
More informationRed Hat Training & Certification Tandem Solutions Presentation. Scott Stewart Training Partner Manager sstewart@redhat.com
Red Hat Training & Certification Tandem Solutions Presentation Scott Stewart Training Partner Manager sstewart@redhat.com History of Red Hat Training 1999-1 st Course Delivered in Raleigh, NC Red Hat Linux
More informationCoverity Services. World-class professional services, technical support and training from the Coverity development testing experts
Coverity Services World-class professional services, technical support and training from the Coverity development testing experts Coverity has helped over 1,100 customers around the globe assure the quality,
More informationRSA Archer Training. Governance, Risk and Compliance. Managing enterprise-wide governance, risk and compliance through training and education
RSA Archer Training Governance, Risk and Compliance Managing enterprise-wide governance, risk and compliance through training and education www.emc.com/rsa-training 1 RSA Archer Training Table of Contents
More informationContenu du Cours : IBM Mobile Application
Contenu du Cours : IBM IBM Middle East and Africa University IBM Copyright 2014 IBM CONFIDENTIAL - Why IBM? IBM MARKET LEADER IN THE MOBILE APPLICATION SPACE GARTNER Magic Quadrant Development Platforms
More informationAddressing FISMA Assessment Requirements
SOLUTION BRIEF Heeding FISMA s Call for Security Metrics and Continuous Network Monitoring Addressing FISMA Assessment Requirements Using RedSeal november 2011 WHITE PAPER RedSeal Networks, Inc. 3965 Freedom
More informationVA SOFTWARE ASSURANCE PROGRAM OFFICE
VA Code Review Process elearning Module Start >> VA Code Review Process elearning Module Getting Started About Fortify About VA This section provides an introduction to this elearning course. This section
More informationThe AppSec How-To: Achieving Security in DevOps
The AppSec How-To: Achieving Security in DevOps How do you integrate security within a Continuous Deployment (CD) environment - where every 5 minutes a feature, an enhancement, or a bug fix needs to be
More informationVOLUME 3. State of Software Security Report. The Intractable Problem of Insecure Software
VOLUME 3 State of Software Security Report The Intractable Problem of Insecure Software Executive Summary April 19, 2011 Executive Summary The following are some of the most significant findings in the
More informationJBoss. choice without compromise
JBoss Enterprise Middleware choice without compromise JBOSS ENTERPRISE APPLICATION PLATFORMS: CHOICE WITHOUT COMPROMISE The JBoss open choice strategy In today s dynamic business world, the need to quickly
More informationVulnerability Risk Management 2.0. Best Practices for Managing Risk in the New Digital War
Vulnerability Risk Management 2.0 Best Practices for Managing Risk in the New Digital War In 2015, 17 new security vulnerabilities are identified every day. One nearly every 90 minutes. This consistent
More informationCisco Security Optimization Service
Cisco Security Optimization Service Proactively strengthen your network to better respond to evolving security threats and planned and unplanned events. Service Overview Optimize Your Network for Borderless
More informationGovernance, Risk, and Compliance (GRC) White Paper
Governance, Risk, and Compliance (GRC) White Paper Table of Contents: Purpose page 2 Introduction _ page 3 What is GRC _ page 3 GRC Concepts _ page 4 Integrated Approach and Methodology page 4 Diagram:
More informationYour world runs on applications. Secure them with Veracode.
Application Risk Management Solutions Your world runs on applications. Secure them with Veracode. Software Security Simplified Application security risk is inherent in every organization that relies on
More informationIntegrating Application Security into the Mobile Software Development Lifecycle. WhiteHat Security Paper
Integrating Application Security into the Mobile Software Development Lifecycle WhiteHat Security Paper Keeping pace with the growth of mobile According to the November 2015 edition of the Ericsson Mobility
More informationInfrastructure As Code: Fueling The Fire For Faster Application Delivery
A Forrester Consulting Thought Leadership Paper Commissioned By Microsoft March 2015 Infrastructure As Code: Fueling The Fire For Faster Application Delivery Table Of Contents Executive Summary... 1 Companies
More informationHP Application Security Center
HP Application Security Center Web application security across the application lifecycle Solution brief HP Application Security Center helps security professionals, quality assurance (QA) specialists and
More information1000 Projects later. Security Code Scans at SAP
1000 Projects later Security Code Scans at SAP About Us Ruediger Bachmann is a Development Architect at SAP AG working, as member of the central code analyses team, in the areas application security and
More informationBIRT Performance Scorecard Root Cause Analysis and Data Visualization The Path to Higher Performance
BIRT Performance Scorecard Root Cause Analysis and Data Visualization The Path to Higher Performance Best-in-Class Performance Management powered by Best-in-Class Business Intelligence BIRT Performance
More informationVulnerabilities: A 360 Degree Approach
Assessing Application Vulnerabilities: A 360 Degree Approach Dr. Brian Chess Founder and Chief Scientist Fortify ASSESSING APPLICATION VULNERABILITIES: A 360 DEGREE APPROACH WWW.FORTIFY.COM 1 Assessing
More informationeeye Digital Security Product Training
eeye Digital Security Product Training Retina CS for System Administration (4MD) This hands-on instructor led course provides security system administration/analysts with the skills and knowledge necessary
More informationBusiness Case Outsourcing Information Security: The Benefits of a Managed Security Service
Business Case Outsourcing Information Security: The Benefits of a Managed Security Service seccuris.com (866) 644-8442 Contents Introduction... 3 Full- Time Experts vs. a Part- Time In- House Staff...
More informationHIGH-IMPACT COMPLIANCE TRAINING SOLUTIONS
HIGH-IMPACT COMPLIANCE TRAINING SOLUTIONS LEGAL, HOSPITALITY, CARE, ES&H Skillsoft Global Compliance Solutions TRAINING AND FUNDING ARE THE KEYS TO EFFECTIVE PROGRAMMES Compliance programmes are used to
More informationThe Information Assurance Process: Charting a Path Towards Compliance
The Information Assurance Process: Charting a Path Towards Compliance A white paper on a collaborative approach to the process and activities necessary to attain compliance with information assurance standards.
More informationPreemptive security solutions for healthcare
Helping to secure critical healthcare infrastructure from internal and external IT threats, ensuring business continuity and supporting compliance requirements. Preemptive security solutions for healthcare
More informationPractical Applications of Software Security Model Chris Nagel
Practical Applications of Software Security Model Chris Nagel Software Security Consultant Fortify Software Introductions About Me: Chris Nagel Software Security Consultant With Fortify for 2+ Years Before
More informationStories From the Front Lines: Deploying an Enterprise Code Scanning Program
Stories From the Front Lines: Deploying an Enterprise Code Scanning Program Adam Bixby Manager Gotham Digital Science 10/28/2010 YOUR LOGO HERE Introduction Adam Bixby, CISSP, MS o Manager at Gotham Digital
More informationApplication Security 101. A primer on Application Security best practices
Application Security 101 A primer on Application Security best practices Table of Contents Introduction...1 Defining Application Security...1 Managing Risk...2 Weighing AppSec Technology Options...3 Penetration
More informationTraining Catalog: July - December 2015
Training Catalog: July - December 2015 Table of Contents Introduction to Vendavo University... 2 Open-Enrollment Training Schedule: July December 2015... 3 Application and Functional Courses... 4 Vendavo
More informationelearning for Secure Application Development
elearning for Secure Application Development Curriculum Application Security Awareness Series 1-2 Secure Software Development Series 2-8 Secure Architectures and Threat Modeling Series 9 Application Security
More informationSecurity Training-as-a-Service (STr-aaS) Service Details & Features
Security Training-as-a-Service (STr-aaS) Service Details & Features Importance of Information Security Training There is only one way to keep your product plans safe and that is by having a trained, aware
More informationSITUATIONAL AWARENESS MITIGATE CYBERTHREATS
Gaining the SITUATIONAL AWARENESS needed to MITIGATE CYBERTHREATS Industry Perspective EXECUTIVE SUMMARY To become more resilient against cyberthreats, agencies must improve visibility and understand events
More informationThe Protection Mission a constant endeavor
a constant endeavor The IT Protection Mission a constant endeavor As businesses become more and more dependent on IT, IT must face a higher bar for preparedness Cyber preparedness is the process of ensuring
More informationAdobe Systems Incorporated
Adobe Connect 9.2 Page 1 of 8 Adobe Systems Incorporated Adobe Connect 9.2 Hosted Solution June 20 th 2014 Adobe Connect 9.2 Page 2 of 8 Table of Contents Engagement Overview... 3 About Connect 9.2...
More informationImproving Network Security Change Management Using RedSeal
SOLUTION BRIEF Mapping the Impact of Change on Today s Network Security Infrastructure Improving Network Security Change Management Using RedSeal november 2011 WHITE PAPER RedSeal Networks, Inc. 3965 Freedom
More informationTotal Protection for Compliance: Unified IT Policy Auditing
Total Protection for Compliance: Unified IT Policy Auditing McAfee Total Protection for Compliance Regulations and standards are growing in number, and IT audits are increasing in complexity and cost.
More informationVision Solutions Migration Assurance Program
Vision Solutions Migration Assurance Program Migrations are Mission-Critical Whether you re starting a new migration services practice or upgrading your practice to Vision s industry-leading migration
More informationBraindumps.C2150-810.50 questions
Braindumps.C2150-810.50 questions Number: C2150-810 Passing Score: 800 Time Limit: 120 min File Version: 5.3 http://www.gratisexam.com/ -810 IBM Security AppScan Source Edition Implementation This is the
More informationThe Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency
logo The Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency Understanding the Multiple Levels of Security Built Into the Panoptix Solution Published: October 2011
More informationThe Value of Vulnerability Management*
The Value of Vulnerability Management* *ISACA/IIA Dallas Presented by: Robert Buchheit, Director Advisory Practice, Dallas Ricky Allen, Manager Advisory Practice, Houston *connectedthinking PwC Agenda
More informationIBM Rational AppScan Source Edition
IBM Software November 2011 IBM Rational AppScan Source Edition Secure applications and build secure software with static application security testing Highlights Identify vulnerabilities in your source
More informationLINUX / INFORMATION SECURITY
LINUX / INFORMATION SECURITY CERTIFICATE IN LINUX SYSTEM ADMINISTRATION The Linux open source operating system offers a wide range of graphical and command line tools that can be used to implement a high-performance,
More informationCOMMVAULT EDUCATION SERVICES
COMMVAULT EDUCATION SERVICES JANUARY - MARCH 2016 GLOBAL COURSE CATALOG NEW AND UPDATED OFFERINGS: DESIGNING A COMMCELL ENVIRONMENT; COMMCELL DEPLOYMENT AND CONFIGURATION; DATA SECURITY AND NETWORK CONTROL;
More informationAccelerate Your Enterprise Private Cloud Initiative
Cisco Cloud Comprehensive, enterprise cloud enablement services help you realize a secure, agile, and highly automated infrastructure-as-a-service (IaaS) environment for cost-effective, rapid IT service
More informationRSA envision. Platform. Real-time Actionable Security Information, Streamlined Incident Handling, Effective Security Measures. RSA Solution Brief
RSA Solution Brief RSA envision Platform Real-time Actionable Information, Streamlined Incident Handling, Effective Measures RSA Solution Brief The job of Operations, whether a large organization with
More informationHow Technology Supports Project, Program and Portfolio Management
WHITE PAPER: HOW TECHNOLOGY SUPPORTS PROJECT, PROGRAM AND PORTFOLIO MANAGEMENT SERIES 4 OF 4 How Technology Supports Project, Program and Portfolio Management SEPTEMBER 2007 Enrico Boverino CA CLARITY
More informationNETWORK SECURITY SOLUTIONS
NETWORK SECURITY SOLUTIONS Protecting Your Environment While Maintaining Connectivity OVERVIEW Network security and design is significantly more complex than it was even just a few years ago, and the pace
More informationWHITEPAPER Executive Summary Fortify Software WWW.FORTIFY.COM
Optimizing the Microsoft SDL for Secure Development Fortify Solutions to Strengthen and Streamline a Microsoft Security Development Lifecycle Implementation Executive Summary Developing secure software
More informationTHE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS
THE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS Download the entire guide and follow the conversation at SecurityRoundtable.org Collaboration and communication between technical
More informationStarting your Software Security Assurance Program. May 21, 2015 ITARC, Stockholm, Sweden
Starting your Software Security Assurance Program May 21, 2015 ITARC, Stockholm, Sweden Presenter Max Poliashenko Chief Enterprise Architect Wolters Kluwer, Tax & Accounting Max leads the Enterprise Architecture
More informationMeister Going Beyond Maven
Meister Going Beyond Maven A technical whitepaper comparing OpenMake Meister and Apache Maven OpenMake Software 312.440.9545 800.359.8049 Winners of the 2009 Jolt Award Introduction There are many similarities
More informationLeveraging a Maturity Model to Achieve Proactive Compliance
Leveraging a Maturity Model to Achieve Proactive Compliance White Paper: Proactive Compliance Leveraging a Maturity Model to Achieve Proactive Compliance Contents Introduction............................................................................................
More informationContinuous???? Copyright 2015 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
???? 1 Copyright 2015 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Application Delivery is Accelerating Surge in # of releases per app
More informationHow Virtual Compilation Transforms Code Analysis
How Virtual Compilation Transforms Code Analysis 2009 Checkmarx. All intellectual property rights in this publication are owned by Checkmarx Ltd. and are protected by United States copyright laws, other
More informationThe Operating System Lock Down Solution for Linux
The Operating System Lock Down Solution for Linux The Challenge: Meeting Organizational Security Requirements Linux Operating System Security Operating system (OS) security is a priority for System Administrators
More informationTable of contents. 1. Introduction. 1.1 Training Products. 1.2 Training Enrollment. 2. Advanced Architect Course. 3.
Table of contents 1. Introduction 1.1 Training Products 1.1.1 Certification Courses 1.1.2 Tailored Training Sessions 1.1.3 Self-paced Online Training 1.2 Training Enrollment 1.2.1 How to enroll? 1.2.2
More informationLearning Course Curriculum
Learning Course Curriculum Security Compass Training Learning Curriculum. Copyright 2012. Security Compass. 1 It has long been discussed that identifying and resolving software vulnerabilities at an early
More informationAutomatic vs. Manual Code Analysis
Automatic vs. Manual Code Analysis 2009-11-17 Ari Kesäniemi Senior Security Architect Nixu Oy ari.kesaniemi@nixu.com Copyright The Foundation Permission is granted to copy, distribute and/or modify this
More informationHEALTHCARE SECURITY AND PRIVACY CATALOG OF SERVICES
HEALTHCARE SECURITY AND PRIVACY CATALOG OF SERVICES OCTOBER 2014 3300 North Fairfax Drive, Suite 308 Arlington, Virginia 22201 USA +1.571.481.9300 www.lunarline.com OUR CLIENTS INCLUDE Contents Healthcare
More informationClickSoftware Training Offering For Customers
ClickSoftware Training Offering For Customers pg. 1 2015 ClickSoftware Technologies Ltd. All rights reserved About ClickSoftware Customer Training Services ClickSoftware Customer Training Services provides
More informationIntegrated Threat & Security Management.
Integrated Threat & Security Management. SOLUTION OVERVIEW Vulnerability Assessment for Web Applications Fully Automated Web Crawling and Reporting Minimal Website Training or Learning Required Most Accurate
More informationSymantec Consulting Services
GET MORE FROM YOUR SECURITY SOLUTIONS Symantec Consulting 2015 Symantec Corporation. All rights reserved. Access outstanding talent and expertise with Symantec Consulting Symantec s Security Consultants
More informationImplementing a Data Warehouse with Microsoft SQL Server 2012
Course 10777A: Implementing a Data Warehouse with Microsoft SQL Server 2012 Length: Audience(s): 5 Days Level: 200 IT Professionals Technology: Microsoft SQL Server 2012 Type: Delivery Method: Course Instructor-led
More informationFeature. Log Management: A Pragmatic Approach to PCI DSS
Feature Prakhar Srivastava is a senior consultant with Infosys Technologies Ltd. and is part of the Infrastructure Transformation Services Group. Srivastava is a solutions-oriented IT professional who
More information5 Reasons Why Your Security Education Program isn t Working (and how to fix it)
5 Reasons Why Your Security Education Program isn t Working (and how to fix it) February 2015 Presentation Agenda 5 Reasons Your Program isn t Working 10 Learning Science Principles Continuous Training
More informationDevelopment Testing for Agile Environments
Development Testing for Agile Environments November 2011 The Pressure Is On More than ever before, companies are being asked to do things faster. They need to get products to market faster to remain competitive
More informationBusiness resilience: The best defense is a good offense
IBM Business Continuity and Resiliency Services January 2009 Business resilience: The best defense is a good offense Develop a best practices strategy using a tiered approach Page 2 Contents 2 Introduction
More informationUpdating Your Skills from Microsoft Exchange Server 2003 or Exchange Server 2007 to Exchange Server 2010 Course 10165; 5 Days, Instructor-led
Updating Your Skills from Microsoft Exchange Server 2003 or Exchange Server 2007 to Exchange Server 2010 Course 10165; 5 Days, Instructor-led Course Description There are two main reasons for the course.
More informationTenable Enterprise Product Training
Tenable Enterprise Product Training Tenable Unified Security Monitoring for Analysts (5MD) This hands-on instructor led course provides security analysts with the skills and knowledge necessary to discover
More informationEssentials of Training. Your resource for Education Services
Essentials of Training Your resource for Education Services Introduction As the educational arm of Enterprise Software, our mission is to empower Customers through premier, customer-centric educational
More informationMastering Continuous Integration with Jenkins
1. Course Objectives Students will walk away with a solid understanding of how to implement a Continuous Integration (CI) environment with Jenkins, including: Setting up a production-grade instance of
More informationWhat Do You Mean My Cloud Data Isn t Secure?
Kaseya White Paper What Do You Mean My Cloud Data Isn t Secure? Understanding Your Level of Data Protection www.kaseya.com As today s businesses transition more critical applications to the cloud, there
More informationRequirements When Considering a Next- Generation Firewall
White Paper Requirements When Considering a Next- Generation Firewall What You Will Learn The checklist provided in this document details six must-have capabilities to look for when evaluating a nextgeneration
More information