Java Runtime Protection Webinar Series

Join us in this mini-webinar series to learn more about how to drastically reduce the attack surface of your software supply chain with SCA Runtime Protection, which will be hosted by Jim Manico, appsec guru & OWASP leader.

We created this series to inform, show step-by-step, and demonstrate why  Runtime Protection is the best option to reduce supply chain risk and ensure a good night’s sleep before patching.

Each session features a 20-minute presentation & 10-minutes of Q+A.  Check what we have prepared for you:

#1 – Patching takes time, sometimes forever.  What can you do now?

• Most known exploits (CVEs) are patchable, but some aren’t 
• Patching can take time, easily weeks or even months
• Java Runtime Protection buys time and offers a solution without patching

Tuesday, January 17th at 10AM PST

#2- Reduce 3rd-party Risk Proactively:  Harden your applications from zero-day attacks

• Use Runtime Monitor to identify all unused software in your apps 
• Block all unneeded Java libraries and functions from rogue execution
• Don’t wait for a CVE tomorrow, break your attackers’ kill chains and reduce your exposure today with SCA Runtime Protection from Mergebase.

Tuesday, January 31st at 10AM PST

#3- WAF vs Runtime Protection (RP):  Do I need both?  What’s best?

• While different, there is some overlap; ideally, you would have both.
• RP is inside, while WAF is the perimeter.  RP is precise, while WAF is fuzzy
• WAF is more expensive to scale and time-consuming to maintain

Tuesday, February 14th at 10AM PST

#4- RASP vs Runtime Protection:  Do I need both?  What’s best?

• RP is inside, while RASP is outside.  RP is simple, while RASP is complex
• RASP is looking for attacks, while RP monitors or blocks libraries & functions
• RP blocks Java exploits, while a RASP may allow them if they look valid

Tuesday, February  28th at 10AM PST

#5- Runtime Protection Tutorial: From Risky to Safe in 15 minutes

• ID & Monitor:  New Java CVE released today by MITRE.  Am I at risk? 
• Block:  What do I have to do in Mergebase to be safe before patching?
• Unblock:  After patching, removing the block bit

Tuesday, March  14th at 10AM PST

#6- Break Attacks’ Kill Chain on Unknown Software Supply Chain Exploits

• Use Runtime monitoring to identify all unused software in your apps
• Proactively block all unneeded Java libraries and functions from execution
• You have now reduced the attack surface by hardening your applications

Tuesday, March  28th at 10AM PST

Join us to learn how to reduce supply chain risk and ensure a good night’s sleep before patching.

Can’t make it? Sign up anyway, we’ll send you a link to the webinar recording to your inbox once it’s ready.

Preparing for a webinar and want to know more about runtime protection?  Check our datasheet.

Speakers

                       

CTO & co-founder at MergeBase

                       

CEO at Manicode, former OWASP Global Board Member

                       

Strategic Advisor at MergeBase