Java Runtime Protection Webinar Series

calendar icon Tue – Jan 17th – Mar 28th time icon 10 AM PST

book a meeting icon

Join us in this mini-webinar series to learn more about how to drastically reduce the attack surface of your software supply chain with SCA Runtime Protection, which will be hosted by Jim Manico, appsec guru & OWASP leader.

We created this series to inform, show step-by-step, and demonstrate why  Runtime Protection is the best option to reduce supply chain risk and ensure a good night’s sleep before patching.

Each session features a 20-minute presentation & 10-minutes of Q+A.  Check what we have prepared for you:

#1 – Patching takes time, sometimes forever.  What can you do now?
  • Most known exploits (CVEs) are patchable, but some aren’t 
  • Patching can take time, easily weeks or even months
  • Java Runtime Protection buys time and offers a solution without patching

Tuesday, January 17th at 10AM PST

#2- Reduce 3rd-party Risk Proactively:  Harden your applications from zero-day attacks
  • Use Runtime Monitor to identify all unused software in your apps 
  • Block all unneeded Java libraries and functions from rogue execution
  • Don’t wait for a CVE tomorrow, break your attackers’ kill chains and reduce your exposure today with SCA Runtime Protection from Mergebase.

Tuesday, January 31st at 10AM PST

#3- WAF vs Runtime Protection (RP):  Do I need both?  What’s best?
  • While different, there is some overlap; ideally, you would have both.
  • RP is inside, while WAF is the perimeter.  RP is precise, while WAF is fuzzy
  • WAF is more expensive to scale and time-consuming to maintain

Tuesday, February 14th at 10AM PST

#4- RASP vs Runtime Protection:  Do I need both?  What’s best?
  • RP is inside, while RASP is outside.  RP is simple, while RASP is complex
  • RASP is looking for attacks, while RP monitors or blocks libraries & functions
  • RP blocks Java exploits, while a RASP may allow them if they look valid

Tuesday, February  28th at 10AM PST

#5- Runtime Protection Tutorial: From Risky to Safe in 15 minutes
  • ID & Monitor:  New Java CVE released today by MITRE.  Am I at risk? 
  • Block:  What do I have to do in Mergebase to be safe before patching?
  • Unblock:  After patching, removing the block bit

Tuesday, March  14th at 10AM PST

#6- Break Attacks’ Kill Chain on Unknown Software Supply Chain Exploits
  • Use Runtime monitoring to identify all unused software in your apps
  • Proactively block all unneeded Java libraries and functions from execution
  • You have now reduced the attack surface by hardening your applications

Tuesday, March  28th at 10AM PST

Join us to learn how to reduce supply chain risk and ensure a good night’s sleep before patching.

Can’t make it? Sign up anyway, we’ll send you a link to the webinar recording to your inbox once it’s ready.

Preparing for a webinar and want to know more about runtime protection?  Check our datasheet.


CTO & co-founder at MergeBase                        
Julius Musseau

CTO & co-founder at MergeBase

CEO at Manicode, former OWASP Global Board Member                        
Jim Manicode

CEO at Manicode, former OWASP Global Board Member

Strategic Advisor at MergeBase                        
Shannon James Smith

Strategic Advisor at MergeBase


Fill out the form below and register for the webinars.

Date: Tuesday – Every two weeks.
Time: 10 A.M PST


Discover More from MergeBase

Open Source Protection

Stay on top of the real risk of open source at any time.

Avoid false positives and get sophisticated upgrade guidance based on risk, compatibility and popularity.

More on Continuous Protection

Add RunTime Protection

Detect and defend against known-vulnerabilities at runtime. The only SCA to do so.

The quickest way to respond to an imminent threat like log4j with CVE-2021-44228.

More on Run-time Protection

Shift Left Now

CodeGreen is an early-warning defence for your in-house development and integrates directly into GitHub and BitBucket

More on BitBucket and Github apps