Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Victor Marginean from Argus Cyber Security will speak about the importance of end-to-end security verification, including fuzzing on SW and real interfaces. He will present how this can be used as a pillar integrated as part of the CI/CD and how it can also be monitored from the Vehicle Security Operating Centers used by OEMs. Victor presented this talk at FuzzCon Europe - Automotive Edition 2022. Learn more about this and more talks at fuzzcon.eu.

In their talk, René Palige and Rosemary Joshy from Continental will share some insights on how they utilized fuzzing to improve overall software quality and how this can be integrated into existing verification and validation processes. They will further describe some of their experiences while applying coverage-guided fuzzing in ongoing automotive projects, what challenges they faced and how they overcame them.

In this talk, Andreas Weichslgartner from CARIAD will show how contemporary software engineering can help to write more secure code and detect vulnerabilities already during development. He will revisit historical vulnerabilities in the automotive space and take a look at common classes of bugs present in embedded software. Using these examples, he will show how modern programming language evolution and tooling can tackle and prevent these issues.

All organizations should have access to the skills needed to detect and contain threats. But typically, only the very largest enterprises can afford the millions in annual staff and infrastructure investments required to maintain a 24x7 Security Operations Center.

How do you secure your Docker containers against the latest vulnerabilities? What tools help your containers stay secure from the #Dockerfile through the runtime? Where is scanning most effective in the container lifecycle? We compiled a short list of security best practices to keep your #containers safe and answer these questions.

In this video, you will learn how to generate Veracode API credentials in the Veracode Platform and configure an API credentials file for storing your API credentials on Windows. Veracode API credentials consist of an ID and secret key. You use these credentials to access the Veracode APIs and Veracode integrations. API ID and key authentication provides improved security and session management for accessing the APIs.

Datadog Application Security Management allows you to quickly detect and remediate meaningful attacks targeting your application. This demo shows you how Application Security Management can help you identify at-risk services, block authenticated bad actors, and view code-level vulnerabilities to take action fast.

Building Java applications today means that we take a step further from writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome, you're a cloud native application developer! As developers, our responsibility broadened, and more software means more software security concerns for us to address.

Li Yuekang from NTU Singapore, & Dr. Sheikh Mahbub Habib from Continental present this talk. Software testing typically requires these three steps: Researchers have been focusing on improving the test case generation and execution feedback analysis while the topic of target program execution is under-studied, because executing the target program seems to be an easy task. However, through industry practice, they find that target program execution can be challenging for libraries or IoT software.

Collecting information on cyber threats and analysing data on a regular basis is essential to ensure your defenses are tight and to allow you to pre-empt potential attacks. Richard Cassidy and Josh Davies, experts in the cyber threat intelligence field, join us today to discuss how collaboration between cyber professionals when it comes to data and intelligence is essential for keeping your environment secure in a world where threats evolve on a daily basis.