Closing Critical Blind Spots in Your SDLC; A Guide to Securing Development Pipelines with ASPM

Software supply chain risks are fueling a data breach epidemic according to Verizon’s DBIR, which calls for higher standards for software security. Given the complexity of modern cloud native application stack and the reliance on CI/CD pipelines being the central mechanism used for software delivery, it’s a daunting task to gain visibility and risk context across the entire software factory.

Organizations are already struggling with unifying a set of disjointed capabilities across multiple tools to identify and mitigate code and deployment artifact risks across the SDLC. They also often overlook the importance of protecting the deployment pipeline itself.

How can you aggregate, contextualize, and prioritize risk of your application artifacts and ensure they are not tampered with as they flow through your deployment pipeline?

Join us as we bring two security leaders together to discuss the importance of securing your CI/CD Pipeline. You’ll learn about how they’re solving critical visibility gaps in software supply chain security by integrating secrets scanning and CI/CD Pipeline security into ASPM.

Hear from Rory McEntee, Product Security Lead at Cribl & Cycode Field CTO and DevSecOps expert Jimmy Xu on:

• Why securing your deployment pipelines are so important – scanning beyond code to find all secrets, even in build logs, kubernetes clusters, version histories, harden configurations to prevent compromise of the pipeline etc
• How to unify visibility and risk across the SDLC and prioritize the critical 1% – with risk scoring, proximity to PII, likelihood of exposure
• Empower Developers – How to empower developers to be security minded and take ownership in building quality into their applications, including security
  

When:

November 13 – 12pm ET | 9am PT

Presented by:

Jimmy Xu

Field CTO

Rory McEntee

Product Security Leader, Cribl