Featuring our trusted partner
There is no AppSec silver bullet. Each analysis type – static analysis, dynamic analysis, software composition analysis, interactive analysis, and penetration testing – has a role to play, and they all work together to fully secure your application layer. The different analysis types have different strengths in finding security issues, and they lend themselves to different stages of the SDLC.
For instance, we recommend that you shift left to catch issues as early as possible because they are cheaper to fix. However, when scanning only parts of the application, you don’t have the full scope of the application. It’s like providing feedback on a book having read a single chapter. You can provide feedback if it makes sense, but you can’t assess it in the context of all of the other chapters. The same is true for application security. That’s why you need to scan parts early but also scan when the application is fully assembled.
Join Aaron Schneider, Senior Mobile Solution Architect (Qualitest) and Tom Smith, Solution Architect (Veracode), who will discuss:
Aaron specializes in mobile automation solutions and is responsible for developing innovative solutions to customer requirements. He has worked with companies from small start-ups to large enterprises, uncovering complex requirements and then building and executing successful custom solutions.
Tom Smith is a Solution Architect and keen technologist with over 12 year’s of industry experience delivering security consultancy across a wide range of industry verticals. Tom saw the DevOps movement as an unmistakable sign that the industry was evolving with traditional security technologies and methods being left behind. He turned to application and cloud security to further his goal of spreading the benefits of DevSecOps.
Hardik helps clients’ drive Agile-DevOps transformation, and build high-performing globally distributed teams. He is a SAFe® Program Consultant (SPC) who leads all levels of an organization through a Lean-Agile transformation at scale by training, coaching, facilitating, and mentoring.In his current role as Associate Vice President, Hardik oversees Professional Services Delivery Management in US, UK, Romania and India. He is currently leading a team of about 130+ people, spread across five different time zones.
Qualitest is the world's largest independent, pure-play quality assurance company. We enable every client and every brand to navigate an ever-changing world by delivering smarter quality assurance and testing solutions to meet their precise technology needs -- mitigated of risk, exceptional to use and ready to perform. Quality assurance is at the core of our business and everything that we do. Our team of focused specialists provides a broad service offering that goes beyond functional testing to encompass automation, reliability, usability, AI, and other innovations.
Veracode delivers the application security solutions and services today’s software-driven world requires. Veracode’s unified platform assesses and improves the security of applications from inception through production so that businesses can confidently innovate with the web and mobile applications they build, buy and assemble as well as the components they integrate into their environments. Learn more at www.veracode.com