Application Security Testing

Video

Analyst Chat #107: From Log4j to Software Supply Chain Security

A new year, and 2022, like 2021, again begins with a look back at a far-reaching security incident. Cybersecurity Analyst Alexei Balaganski and Matthias take the topic of Log4j as an opportunity to look at code quality and cyber supply chain risk management. They also mention Mike Small's…

Blog

Log4j – How Well Did You Perform?

Over the past few weeks since this vulnerability was made public much has been written by many on what your organization should do about it.  This is not the end of the story; Apache has already released 3 patches for related vulnerabilities, and you need to be ready for the next one…

Video

Analyst Chat #103: Data-Centric Security

Lead analyst Alexei Balaganski joins Matthias for an episode on Data-Centric Security. Starting with a definition behind that term, they look at relevant technologies and market segments and discuss adequate ways of adding Data-Centric Security to an organization's cybersecurity strategy.

Video

Why Continuous API Security Is Key to Protecting Your Digital Business

In the era when data has replaced oil as the most valuable commodity, APIs have become an important logistical foundation of modern digital business. As a result, APIs have also become a popular target for cyber attackers, and therefore effective API security is essential. However, focusing…

Video

Analyst Chat #97: Low-Code/No-Code and the Citizen Developer

The idea of low-code/no-code (LC/NC) application development is for end users to create their own custom applications, perhaps using a graphical design tool, selecting from a library of existing building blocks, or perhaps even with the assistance of artificial intelligence. Alexei…

Blog

EIC Speaker Spotlight: Dave Mason on Future-Proofing Supply Chain Security

Dave Mason, Supply Chain Compliance and Serialization Lead at Novartis is to contribute to the panel entitled Futureproofing Pharmaceutical Supply Chain Security on Tuesday, September 14 starting at 6:00 pm at EIC 2021. To give you sneak preview of what to expect, we asked Dave some…

Blog

Low-Code Should Not Be Low-Effort for Vendors

The idea of low-code/no-code (LC/NC) application development seems to be extremely popular nowadays, to the point of it almost becoming a marketing buzzword similar, say, to “Zero Trust”. For decades, creating “proper” application software was a complex and tedious…

Virtual Event

Apr 20, 2021: IT-SIG 2.0: Wird uns das neue Sicherheitsgesetz vor einem Solarigate 2.0 schützen?

Nehmen Sie an der einstündigen virtuellen Sitzung von KCLive Vision teil, die Präsentation, Interview und offene Diskussion mit dem Teilnehmern kombiniert.

Video

Analyst Chat #64: Applying The Zero Trust Principle To The Software Supply Chain

Martin Kuppinger is one of the founders and the principal analyst of KuppingerCole and he is steering the overall development of the topics covered in KC's research, events and advisory. He joins Matthias to talk about the importance of extending Zero Trust to cover software security, for…

Blog

The Next Level of Zero Trust: Software Security and Cyber Supply Chain Risk Management

The recent SolarWinds incident has shed a light on an area of cybersecurity that is not frequently in focus. Better said, it is “again has shed a light”, if we remember the Heartbleed incident that happened back in 2014. Back then, my colleague Alexei Balaganski wrote in a blog…

Virtual Event

Mar 10, 2021: Rethinking the Risks in Your Software Supply Chain

Join KCLive Vision the 1-hour virtual session combining presentation, interview, and open mic discussion with the audience.

Video

Analyst Chat #61: Post-SolarWinds Software Security Strategies

More than a month into the post-SolarWinds-incident era Alexei joins Matthias to discuss further lessons learned and strategic approaches towards improving security in organizations depending on diverse cyber supply chains and their imminent threats. But they go beyond and look at the…

Video

Analyst Chat #60: The 2021 Trends in DevOps and Security

Although not really brand new, there are still a lot of interesting developments around DevOps when it comes to cybersecurity and more. Paul Fisher shares some trends and insights with Matthias and tells us what to expect in this rapidly evolving segment.

Video

Analyst Chat #59: Understanding the SolarWinds Incident and Recommended First Steps

The SolarWinds incident made the news in December 2020 and continues to impact many organizations. John Tolbert joins Matthias to give a short introduction of what decision makers need to know at this stage and which measures to look at first.

Blog

Putting Your First-Line Worker at the Center of Attention

Since the beginning of the Covid-19 crisis, the use of language in public life, in the press, and in everyday life has changed. Terms that were formerly confined to the circles directly affected by them are now much more common. For example, every informed and responsible citizen is now…

Blog

KuppingerCole Analyst Chat: The Dark Side of the API Economy

Matthias Reinwarth and Alexei Balaganski discuss the challenges of explosive API growth without proper security controls in place.

Video

Analyst Chat #9: The Dark Side of the API Economy

Matthias Reinwarth and Alexei Balaganski discuss the challenges of explosive API growth without proper security controls in place.

Hybrid Event

Sep 13 - 16, 2021: European Identity and Cloud Conference 2021

The European Identity and Cloud Conference returns fully digitalized, reacting to the global pandemic. We have collected a lot of experience in virtual conferencing throughout 2020 to be able to offer you a safe and hygienic event experience – on-site, virtual, and hybrid.

Video

Security in the Age of the Hybrid Multi Cloud Environment

The way is clear for the hybrid multi-cloud environment! With an increase in cloud services, the mitigation of cyber risks within such environments becomes paramount. The value of traditional security tools for cloud applications is very limited and the misconfiguration of cloud platforms…

Webinar

Jul 03, 2019: Security in the Age of the Hybrid Multi Cloud Environment

The way is clear for the hybrid multi-cloud environment! With an increase in cloud services, the mitigation of cyber risks within such environments becomes paramount. The value of traditional security tools for cloud applications is very limited and the misconfiguration of cloud platforms is…