Join host Robert Blumen and Luis Rodríguez, CTO of Xygeni.io for a discussion of the recently thwarted attempt to insert a backdoor in the SSH (Secure Shell) daemon. OpenSSH is a popular implementation of the protocol used in major Linux distributions for authentication over a network. The conversation explores the mechanism of the attack through modifying a function table in the runtime; how the attack was inserted during the build and much more!
This must-watch episode will dive deep into: the urgent need for secure applications in light of the growing number of data breaches and vulnerabilities; the current challenges of building secure, scalable software, including siloed workstreams, communication gaps between remote teams, and the risks associated with integrating open-source software (OSS); effective strategies for orchestration and automation to streamline your security processes and the importance of threat modeling and alert systems in a world of "alert fatigue" – learn how to cut through the noise and focus on the most critical threats. Don't miss out!
Despite the critical role of OSS, its integration is fraught with security challenges. Recent reports highlight a surge in malware attacks targeting OSS, with incidents rising by 633% in 2022 and continuing to grow by 245% in 2023. Traditional security measures, which rely heavily on identifying known vulnerabilities through Common Vulnerabilities and Exposures (CVEs), are proving insufficient. These measures often involve delays in vulnerability reporting, limited coverage, and an inability to detect sophisticated and zero- day threats...
DORA Digital Operational Resilience Act sets rigorous standards to improve the operational resilience of the financial sector across the European Union. As your organization prepares for DORA compliance by January 2025, understanding its requirements and implementing the right solutions is critical and Xygeni can help you out. Xygeni offers a set of cutting-edge solutions tailored to ensure comprehensive compliance with the DORA framework. Our platform will enhance your institution’s capabilities in risk management ...
The fourth edition of SafeDevTalks features leading cybersecurity experts Derek Fisher, Abhilasha Sinha, and Luis Rodriguez. This episode will delve into the critical topic of reliance on third-party and open-source components in software development, revealing the hidden vulnerabilities and emerging threats. Join us to learn more about hidden vulnerabilities, expanding threats, real world breaches and much more!
Join Luis Rodríguez, CTO of Xygeni, and Luis Manuel García, Sales Support Manager, in this Webinar about Secure CI/CD. Learn from our experts how to adopt OWASP best practices to strengthen the security of your CI/CD and protect your software supply chain. Protect your CI/CD and software supply chain with OWASP. They will talk about Inventory and Analysis, CI/CD Risks, Detection and Prevention among many other things!
Join James Berthoty on an insightful journey into the heart of Xygeni's pioneering Advanced Software Protection Management. In his latest video, James transitions from exploring upstream malware detection to revealing our cutting-edge strategies. With his extensive experience in pen-testing, he offers a unique perspective on maintaining repository health and navigating real-world supply chain threats. Don't miss out on his expert insights—your guide to understanding the complexities of ASPM like never before.
Application Security Posture Management (ASPM) is gaining traction day by day. However, its specific functionalities might not be entirely clear for everybodySecure your spot now! Join our SafeDev Talk “Do you need ASPM in your life?” with cybersecurity experts James Berthoty, William Palm and Jesus Cuadrado to explore the potential of ASPM as a holistic application security solution and keep empowering your organization!
Software supply chain attacks are becoming increasingly prevalent and devastating, with Gartner predicting that 45% of all businesses will experience a breach by 2025. Cybersecurity Ventures further underscores the gravity of this threat, projecting a staggering $138 billion in annual damages caused by software supply chain attacks by 2031.These alarming forecasts highlight the urgent need for organizations to prioritize their SSCS. Learn how!
Join us for "Demystifying SBOM Security," where cybersecurity experts Jennifer Cox, Santosh Kamane and Jesus Cuadrado will reveal the importance of SBOM in enhancing software quality, and security, and ensuring compliance. This webinar is essential for gaining knowledge on how to secure your software supply chain effectively. Learn how easily you can empower Your Software Security Posture!
Unlock key insights into the evolving landscape of Software Supply Chain Security. Dive into the challenges, threats, and anticipated trends of 2024 – your guide to navigating the complex web of cybersecurity. Outstanding Facts in Numbers: Discover the numerical landscape of software supply chain security – facts that illustrate the gravity of the situation. Evolution of Bad Actors...
Listen to Neuco's The Cyber Security Matters Podcast episode on "The new challenge in software security: how to keep devops running while not falling under supply chain attacks" with Luis Rodriguez, CTO at Xygeni, and explore the changing challenges of securing the software supply chain.
Thoughtworks, Codurance and Xygeni experts will share their insights on Software Supply Chain Security in 2024. Elevate your security posture and safeguard your business’s reputation and continuity. Are you ready for the evolution of Software Supply Chain Security in 2024?
Securing your Infrastructure as Code (IaC) is essential in software development because misconfigurations and vulnerabilities can seriously harm your systems and give hackers opportunities to attack. Xygeni’s IaC security tools help prevent these issues before they become problems, reducing the risk of data exposure and cutting down on expensive fixes...
Xygeni’s unique capabilities provide complete visibility in the software supply chain, enabling a systematic process for assessing the risks associated with their software supply chain, identifying and prioritizing the most critical components, and evaluating and improving their global and detailed security posture at an effective and efficient effort ...
Our comprehensive whitepaper delves into the intricacies of NIST SP 800-204D for Comprehensive SSCS Practices and their significance in today’s software development environment. Through this insightful guide, you will gain valuable knowledge on how to leverage NIST guidelines to: Strengthen Software Supply Chain Security,...
Xygeni Secrets Security acts as your reliable protector, designed to prevent the leakage of critical secrets like passwords, API keys, and tokens. As cyber threats constantly evolve, it’s vital to have a solution that not only detects but actively prevents leakages before they lead to a breach. Xygeni enables your teams to work with confidence, ensuring that your development secrets are kept secure...
The frequency and impact of software supply chain attacks have surged, emphasizing the need for stringent CI/CD security. Recent statistics reveal a staggering 742% increase in such attacks from 2019 to 2022, with forecasts suggesting that 45% of organizations will be affected by 2025. ..
Xygeni’s Application Security Posture Management (ASPM) helps address these challenges by integrating accurate proprietary scanning with advanced prioritization capabilities. By considering context information such as asset relationships, severity, exploitability, exposure, business impact, and other customer-defined criteria, Xygeni reduces unnecessary noise...
You were not able to make it to the RSA Conference 2024 in San Francisco? No problem! Watch our exclusive webinar and get ahead of some of the most critical trends in cybersecurity, from changes in CISO roles to leading cyber-defense state-of-the-art developments—all at your desk. In this webinar, you will deep dive into the most updated insights and strategies that the cybersecurity world has to offer!
Xygeni’s Open Source Security solution is essential. It scans and blocks harmful packages upon publication, dramatically reducing the risk of malware and vulnerabilities infiltrating your systems. Our comprehensive monitoring spans multiple public registries, ensuring all dependencies are scrutinized for safety and integrity. Xygeni also enhances your team’s ability...
Xygeni’s Anomaly Detection platform provides an additional layer of security by continuously monitoring and analyzing activities within your SCM and CI/CD infrastructure to identify and respond to unusual behavior quickly. Xygeni detects anomalies that indicate unauthorized modifications, access, or exploitations in real time. This proactive approach ensures ...
Join this second episode of the CI/CD webinars featuring Luis Rodríguez, CTO, and co-founder of Xygeni, and Luis Manuel García, Sales Support Manager. In this session, we will explore the “blue team” perspective of CI/CD security, diving deep into actionable steps organizations can take to enhance their security posture ...
In this rapidly evolving digital landscape, the security of your software supply chain is more critical than ever. As new attack tactics emerge, it’s crucial to stay ahead of the curve and arm yourself with the latest protection strategies In this webinar, Luis Rodriguez will guide you ...
In the rapidly evolving world of software development, securing the software supply chain has become a critical concern. This eBook provides a comprehensive guide to understanding and mitigating the threats to the software supply chain, with a particular focus on Continuous Integration/Continuous Deployment (CI/CD) systems...