<img src="https://certify.alexametrics.com/atrk.gif?account=8w5fq1Fx9f207i" style="display:none" height="1" width="1" alt="">
6 AppSec Lessons from the SolarWinds and FireEye Breach


Think About Your Audience Before Choosing a Webinar Title

Sponsored by CYCODE

Monday, December 21, 2020
1 p.m. ET

While details of the SolarWinds exploit, and subsequent breaches of FireEye, that comprised The U.S. Treasury and Department of Commerce are still unfolding, several lessons are becoming clear.

Whatever we assume is secure becomes insecure. As the SDLC evolves our behaviors and processes change, which shifts the landscape and upends previous assumptions. This creates fissures in our security postures that, when exploited, can provide deep access to attackers precisely because security was previously assumed.

The SolarWinds exploit likely was the result of a breach of their development infrastructure that was so deep it allowed the attackers to compromise the integrity of SolarWinds’ production releases without detection. Hence, SolarWinds continue to sign their binaries with certificates for months and their customers unknowingly ingested the attacker's malicious code. Historically, development infrastructure was presumed secure because few people had access to it and the infrastructure itself was relatively low value. However, modern development models embrace agility and transparency, which means a culture of providing easy access to many.

This webinar will focus on the top six AppSec learnings from the SolarWinds incident and will provide concrete steps that every organization can take to ensure the integrity of releases and development infrastructure.

Ronen Slavin
Co-Founder and CTO - Cycode



On-Demand Viewing:

What You’ll Learn in This Webinar

You’ve probably written a hundred abstracts in your day, but have you come up with a template that really seems to resonate? Go back through your past webinar inventory and see what events produced the most registrants. Sure – this will vary by topic but what got their attention initially was the description you wrote.

Paint a mental image of the benefits of attending your webinar. Often times this can be summarized in the title of your event. Your prospects may not even make it to the body of the message, so get your point across immediately.  Capture their attention, pique their interest, and push them towards the desired action (i.e. signing up for your event). You have to make them focus and you have to do it fast. Using an active voice and bullet points is great way to do this.

Always add key takeaways. Something like this....In this session, you’ll learn about:

  • You know you’ve cringed at misspellings and improper grammar before, so don’t get caught making the same mistake.
  • Get a second or even third set of eyes to review your work.
  • It reflects on your professionalism even if it has nothing to do with your event.