Security Debt in the Software Supply Chain

Welcome to the DevSecOps London Gathering – May Edition! Join us as Amanda Lee from Veracode unpacks key insights from their latest State of Software Security report, revealing how leading organisations are tackling third-party vulnerabilities, accelerating remediation, and using AI to stay ahead.

🕕 6-8pm
📍Veracode, 36 Queen Street

Security Debt in the Software Supply Chain

Synopsis:
In an era where software development is accelerating rapidly, Veracode's latest research reveals a concerning trend: 50% of organisations are burdened by critical security debt, with 70% of these vulnerabilities originating from third-party code and the software supply chain. The average time to fix security flaws has increased to 8.5 months, marking a 47% rise over the past five years.This session will delve into the key findings of the State of Software Security report, offering a comprehensive understanding of the current landscape. Amanda will explore the five critical metrics identified by Veracode that benchmark security maturity and what defines a ‘leading’ or ‘lagging’ organisations.Attendees will gain insights into:

• The impact of third-party code on security debt and strategies to mitigate associated risks.
• The importance of remediation speed, with fast-acting teams reducing critical security debt by up to 75% .
• The role of AI in enhancing remediation efforts and addressing the backlog of security debt.
• Practical recommendations for improving security posture, including enhancing visibility across the software development lifecycle and prioritising vulnerabilities effectively.

Join to learn how to assess your organization's security maturity, benchmark against industry leaders, and implement strategies to reduce security debt and enhance resilience in the face of evolving cybersecurity challenges.

RSVP to join us!

Join the community:
Can't make it to the event? Keep up to date with our activities on LinkedIn & Twitter