SlideShare a Scribd company logo

Centralized Secure Vault with Dimensions CM

Serena Software
Serena Software

The document discusses security breaches that occur through third party systems and vendors. It describes how attackers were able to access Target's corporate network by compromising a refrigeration contractor called Fazio Mechanical through a phishing email. This allowed malware called Citadel to be installed on Fazio computers. The document also discusses the importance of implementing a secure software development lifecycle (SDLC) and using tools like Dimensions CM to integrate code reviews, continuous inspection, and maintain a centralized secure vault for source code repositories.

Technology
1 of 22
Download to read offline
1 FUG2016Copyright © Serena Software 2016 WE OWN IT! Centralized Secure Vault with Dimensions CM Rose M Wellman Sr Mgr, Solutions Architects
2 FUG2016 What do these number represent?
3 FUG2016 That We Know About
4 FUG2016 Security Breaches Change Over Time Open the safe! Amateur!
5 FUG2016 Not Just Banks
6 FUG2016 Breaches by 3rd Party Systems • The attackers backed their way into Target's corporate network by compromising a third-party vendor. The number of vendors targeted is unknown. However, it only took one. That happened to be Fazio Mechanical, a refrigeration contractor. • A phishing email duped at least one Fazio employee, allowing Citadel, a variant of the Zeus banking trojan, to be installed on Fazio computers. With Citadel in place, the attackers waited until the malware offered what they were looking for -- Fazio Mechanical's login credentials. • At the time of the breach, all major versions of enterprise anti- malware detected the Citadel malware. Unsubstantiated sources mentioned Fazio used the free version of Malwarebytes anti-malware, which offered no real-time protection being an on-demand scanner. (Note: Malwarebytes anti-malware is highly regarded by experts when used in the correct manner.)
7 FUG2016 Everyone is a Target
8 FUG2016 Ensuring Security in Today’s World
9 FUG2016 Secure SDLC + Centralized Secure Vault Dimensions CM
10 FUG2016 Secured SDLC
11 FUG2016 Secure SDLC Source: http://www.aspectsecurity.com/secure-development-programs
12 FUG2016 Requirements • Establish security requirements/stories • Define security tests Development • Peer code reviews • Static Analysis Testing • Vulnerability testing • Penetration testing Release • Software quality review • Release readiness review Secure SDLC
13 FUG2016 Serena Dimensions CM - Integrated Peer Code Review Develop with velocity - collaboratively, securely and efficiently Key Capabilities • Collaborative web based architecture • Integrates with Agile stories and requests • Linked to Continuous Inspection • Strengthens audit trail & governance • Configurable for Projects & Teams Value Benefits • Improved code quality • Find 70-90% of all defects earlier • Cost reduction • Save up to 30% of re-work hours • Developer productivity • Up to 25% improvement in coding Peer Reviews in Software - A Practical Guide by Karl E. Wiegers
14 FUG2016 Serena Dimensions CM – Continuous Inspection Toolchain Develop with velocity - collaboratively, securely and efficiently Key Capabilities • Extensible plug-in architecture • Schedule & inspect code changes • Report findings & vulnerabilities • Aggregated KPI Metrics • Supports DevOps “Shift-Left” Value Benefits • Display results in code review • Real-time developer feedback • Reduce coding risks & issues • Monitor code health & quality • Speed release readiness "Given enough eyeballs, all bugs are shallow." The Cathedral and the Bazar —Eric Raymond
15 FUG2016 • Code Hygiene • Refers to the “cleanliness” of an application – in particular, minimizing vulnerabilities and code complexity. • Good code hygiene requires visibility into all the components used to build the application. • Several activities in the software development lifecycle support good code hygiene, including threat modeling and automated testing (i.e., static and dynamic analysis). • The shortcoming of each of these activities is that they only provide a point-in-time snapshot of code hygiene, and can’t account for a changing threat space. • You have to continuously monitor or continuously apply good hygiene. • More than 4,000 new vulnerabilities were disclosed by the National Vulnerability Database in open- source components in 2014 alone. The fact that your open-source code bases are free from vulnerabilities today doesn’t mean you can ignore them for the next year. • OWASP Dependency-Check Open Source
16 FUG2016 Centralized Secure Vault
17 FUG2016 Problem – Repository Sprawl • DevOps driving option of Git • Repository Sprawl • Multiple Source Code Repos • Individually Managed/Maintained • Security? • Reliability? • Cross-team collaboration? • Audit trail?
18 FUG2016 No Built-in Security and Authorization • Read/Write security on all objects • Group role assignments • Full audit trail of all objects
19 FUG2016 Git/SVN Goes into the Dimensions CM Secure Vault Release Control Dev DevOps Ops Dimensions CM Deployment Automation CM Secure Vault ChangeMan ZMF Deployment pipeline Deployment pipeline Deployment pipeline Deployment pipeline
20 FUG2016 Better Solution – Git Connector Dimensions CM Vault Dimensions CM Deployment Pipeline Serena Deployment Automation Dimensions CM = Git Master Repository Dimensions CM Pulse DimensionsCM GitConnector
21 FUG2016 • The Developers don’t have to change the tools they are using • The Business gets the control it needs – Single source of truth – Enterprise Security – Robust and scalable • With the additional value of Dimensions CM – Continuous Inspection – Enterprise Change Management – Control over path to production – Full audit trail across all components Dimensions CM Git Connector Benefit
22 FUG2016 Customer Quotes “ We’re a bank not a startup, and we need to be using appropriate tools to ensure the integrity and security of change, not tools that add to a developers resume. We don’t want to be the next big headline! ” Richard landoli SVP QA Brown Brothers Harriman “ The visibility and insight that Dimensions CM 14 provides, allows us to see if we are converging to quality or diverging from quality in real time. ” Ken Vane IT Change & Configuration Manager, Navy Federal Credit Union

Recommended

SBM Orchestrations - Beginners Guide (FUG Presentation)
SBM Orchestrations - Beginners Guide (FUG Presentation)SBM Orchestrations - Beginners Guide (FUG Presentation)
SBM Orchestrations - Beginners Guide (FUG Presentation)Serena Software
 
Leveraging DevOps Principles for Release and Deploy
Leveraging DevOps Principles for Release and DeployLeveraging DevOps Principles for Release and Deploy
Leveraging DevOps Principles for Release and DeploySerena Software
 
Automation and Release in Federal
Automation and Release in FederalAutomation and Release in Federal
Automation and Release in FederalSerena Software
 
Shift Left with Continuous Inspection
Shift Left with Continuous InspectionShift Left with Continuous Inspection
Shift Left with Continuous InspectionSerena Software
 
Software Defect Prevention via Continuous Inspection
Software Defect Prevention via Continuous InspectionSoftware Defect Prevention via Continuous Inspection
Software Defect Prevention via Continuous InspectionJosh Gough
 
Serena Business Manager Visualizing 2016
Serena Business Manager Visualizing 2016Serena Business Manager Visualizing 2016
Serena Business Manager Visualizing 2016Serena Software
 
DevOps CD and Multispeed IT in regulated industries (FUG Presentation)
DevOps CD and Multispeed IT in regulated industries (FUG Presentation)DevOps CD and Multispeed IT in regulated industries (FUG Presentation)
DevOps CD and Multispeed IT in regulated industries (FUG Presentation)Serena Software
 
Serena DevOps Drive-in: Leading the Agile and DevOps transformation with Gary...
Serena DevOps Drive-in: Leading the Agile and DevOps transformation with Gary...Serena DevOps Drive-in: Leading the Agile and DevOps transformation with Gary...
Serena DevOps Drive-in: Leading the Agile and DevOps transformation with Gary...Serena Software
 

Recommended

SBM Orchestrations - Beginners Guide (FUG Presentation)
SBM Orchestrations - Beginners Guide (FUG Presentation)SBM Orchestrations - Beginners Guide (FUG Presentation)
SBM Orchestrations - Beginners Guide (FUG Presentation)Serena Software
 
Leveraging DevOps Principles for Release and Deploy
Leveraging DevOps Principles for Release and DeployLeveraging DevOps Principles for Release and Deploy
Leveraging DevOps Principles for Release and DeploySerena Software
 
Automation and Release in Federal
Automation and Release in FederalAutomation and Release in Federal
Automation and Release in FederalSerena Software
 
Shift Left with Continuous Inspection
Shift Left with Continuous InspectionShift Left with Continuous Inspection
Shift Left with Continuous InspectionSerena Software
 
Software Defect Prevention via Continuous Inspection
Software Defect Prevention via Continuous InspectionSoftware Defect Prevention via Continuous Inspection
Software Defect Prevention via Continuous InspectionJosh Gough
 
Serena Business Manager Visualizing 2016
Serena Business Manager Visualizing 2016Serena Business Manager Visualizing 2016
Serena Business Manager Visualizing 2016Serena Software
 
DevOps CD and Multispeed IT in regulated industries (FUG Presentation)
DevOps CD and Multispeed IT in regulated industries (FUG Presentation)DevOps CD and Multispeed IT in regulated industries (FUG Presentation)
DevOps CD and Multispeed IT in regulated industries (FUG Presentation)Serena Software
 
Serena DevOps Drive-in: Leading the Agile and DevOps transformation with Gary...
Serena DevOps Drive-in: Leading the Agile and DevOps transformation with Gary...Serena DevOps Drive-in: Leading the Agile and DevOps transformation with Gary...
Serena DevOps Drive-in: Leading the Agile and DevOps transformation with Gary...Serena Software
 
Dimensions RM: Agile Requirements Management
Dimensions RM: Agile Requirements ManagementDimensions RM: Agile Requirements Management
Dimensions RM: Agile Requirements ManagementSerena Software
 
Dimensions CM 14.3 launch webcast (slides)
Dimensions CM 14.3 launch webcast (slides)Dimensions CM 14.3 launch webcast (slides)
Dimensions CM 14.3 launch webcast (slides)Serena Software
 
Creating High Performance teams by using a DevOps culture (FUG presentation)
Creating High Performance teams by using a DevOps culture (FUG presentation)Creating High Performance teams by using a DevOps culture (FUG presentation)
Creating High Performance teams by using a DevOps culture (FUG presentation)Serena Software
 
FUG Agile software engineering practices
FUG Agile software engineering practicesFUG Agile software engineering practices
FUG Agile software engineering practicesSerena Software
 
DevOps Monitoring and Alerting
DevOps Monitoring and AlertingDevOps Monitoring and Alerting
DevOps Monitoring and AlertingKhairul Zebua
 
Building a Software Chain of Custody: A Guide for CTOs, CIOs, and Enterprise ...
Building a Software Chain of Custody: A Guide for CTOs, CIOs, and Enterprise ...Building a Software Chain of Custody: A Guide for CTOs, CIOs, and Enterprise ...
Building a Software Chain of Custody: A Guide for CTOs, CIOs, and Enterprise ...XebiaLabs
 
From Chaos to Compliance: The New Digital Governance for DevOps
From Chaos to Compliance: The New Digital Governance for DevOpsFrom Chaos to Compliance: The New Digital Governance for DevOps
From Chaos to Compliance: The New Digital Governance for DevOpsXebiaLabs
 
Build a Bridge Between CI/CD and ITSM w/ Quint Technology
Build a Bridge Between CI/CD and ITSM w/ Quint TechnologyBuild a Bridge Between CI/CD and ITSM w/ Quint Technology
Build a Bridge Between CI/CD and ITSM w/ Quint TechnologyXebiaLabs
 
Continuous Integration Testing for SAP
Continuous Integration Testing for SAPContinuous Integration Testing for SAP
Continuous Integration Testing for SAPWorksoft
 
Infrastructure as Code in Large Scale Organizations
Infrastructure as Code in Large Scale OrganizationsInfrastructure as Code in Large Scale Organizations
Infrastructure as Code in Large Scale OrganizationsXebiaLabs
 
Make Software Audit Nightmares a Thing of the Past
Make Software Audit Nightmares a Thing of the PastMake Software Audit Nightmares a Thing of the Past
Make Software Audit Nightmares a Thing of the PastXebiaLabs
 
Insurance for your Assurance Team
Insurance for your Assurance TeamInsurance for your Assurance Team
Insurance for your Assurance TeamWorksoft
 
Monitoring at the Speed of DevOps
Monitoring at the Speed of DevOpsMonitoring at the Speed of DevOps
Monitoring at the Speed of DevOpsDevOps.com
 
XebiaLabs: DevOps 2020 with Gene Kim
XebiaLabs: DevOps 2020 with Gene KimXebiaLabs: DevOps 2020 with Gene Kim
XebiaLabs: DevOps 2020 with Gene KimXebiaLabs
 
Salesforce – Proven Platform Development with DevOps & Agile
Salesforce – Proven Platform Development with DevOps & AgileSalesforce – Proven Platform Development with DevOps & Agile
Salesforce – Proven Platform Development with DevOps & AgileSai Jithesh ☁️
 
Deliver More Customer Value with Value Stream Management
Deliver More Customer Value with Value Stream ManagementDeliver More Customer Value with Value Stream Management
Deliver More Customer Value with Value Stream ManagementXebiaLabs
 
Automate Salesforce Releases with DevOps: Crawl, Walk, Run!
Automate Salesforce Releases with DevOps: Crawl, Walk, Run!Automate Salesforce Releases with DevOps: Crawl, Walk, Run!
Automate Salesforce Releases with DevOps: Crawl, Walk, Run!Susmitha Vakkalanka
 
Enterprise DevOps in the Age of Docker & Microservices
Enterprise DevOps in the Age of Docker & MicroservicesEnterprise DevOps in the Age of Docker & Microservices
Enterprise DevOps in the Age of Docker & MicroservicesXebiaLabs
 
Agile-plus-DevOps Testing for Packaged Applications
Agile-plus-DevOps Testing for Packaged ApplicationsAgile-plus-DevOps Testing for Packaged Applications
Agile-plus-DevOps Testing for Packaged ApplicationsWorksoft
 
Supercharge Your Digital Transformation by Establishing a DevOps Platform
Supercharge Your Digital Transformation by Establishing a DevOps PlatformSupercharge Your Digital Transformation by Establishing a DevOps Platform
Supercharge Your Digital Transformation by Establishing a DevOps PlatformXebiaLabs
 
Edit Privacy Settings Analytics FREE Collect Leads Micro Focus DevOps Drive-i...
Edit Privacy Settings Analytics FREE Collect Leads Micro Focus DevOps Drive-i...Edit Privacy Settings Analytics FREE Collect Leads Micro Focus DevOps Drive-i...
Edit Privacy Settings Analytics FREE Collect Leads Micro Focus DevOps Drive-i...Serena Software
 
Mainframe VUG Presentation April 2016
Mainframe VUG Presentation April 2016Mainframe VUG Presentation April 2016
Mainframe VUG Presentation April 2016Serena Software
 

More Related Content

What's hot

Dimensions RM: Agile Requirements Management
Dimensions RM: Agile Requirements ManagementDimensions RM: Agile Requirements Management
Dimensions RM: Agile Requirements ManagementSerena Software
 
Dimensions CM 14.3 launch webcast (slides)
Dimensions CM 14.3 launch webcast (slides)Dimensions CM 14.3 launch webcast (slides)
Dimensions CM 14.3 launch webcast (slides)Serena Software
 
Creating High Performance teams by using a DevOps culture (FUG presentation)
Creating High Performance teams by using a DevOps culture (FUG presentation)Creating High Performance teams by using a DevOps culture (FUG presentation)
Creating High Performance teams by using a DevOps culture (FUG presentation)Serena Software
 
FUG Agile software engineering practices
FUG Agile software engineering practicesFUG Agile software engineering practices
FUG Agile software engineering practicesSerena Software
 
DevOps Monitoring and Alerting
DevOps Monitoring and AlertingDevOps Monitoring and Alerting
DevOps Monitoring and AlertingKhairul Zebua
 
Building a Software Chain of Custody: A Guide for CTOs, CIOs, and Enterprise ...
Building a Software Chain of Custody: A Guide for CTOs, CIOs, and Enterprise ...Building a Software Chain of Custody: A Guide for CTOs, CIOs, and Enterprise ...
Building a Software Chain of Custody: A Guide for CTOs, CIOs, and Enterprise ...XebiaLabs
 
From Chaos to Compliance: The New Digital Governance for DevOps
From Chaos to Compliance: The New Digital Governance for DevOpsFrom Chaos to Compliance: The New Digital Governance for DevOps
From Chaos to Compliance: The New Digital Governance for DevOpsXebiaLabs
 
Build a Bridge Between CI/CD and ITSM w/ Quint Technology
Build a Bridge Between CI/CD and ITSM w/ Quint TechnologyBuild a Bridge Between CI/CD and ITSM w/ Quint Technology
Build a Bridge Between CI/CD and ITSM w/ Quint TechnologyXebiaLabs
 
Continuous Integration Testing for SAP
Continuous Integration Testing for SAPContinuous Integration Testing for SAP
Continuous Integration Testing for SAPWorksoft
 
Infrastructure as Code in Large Scale Organizations
Infrastructure as Code in Large Scale OrganizationsInfrastructure as Code in Large Scale Organizations
Infrastructure as Code in Large Scale OrganizationsXebiaLabs
 
Make Software Audit Nightmares a Thing of the Past
Make Software Audit Nightmares a Thing of the PastMake Software Audit Nightmares a Thing of the Past
Make Software Audit Nightmares a Thing of the PastXebiaLabs
 
Insurance for your Assurance Team
Insurance for your Assurance TeamInsurance for your Assurance Team
Insurance for your Assurance TeamWorksoft
 
Monitoring at the Speed of DevOps
Monitoring at the Speed of DevOpsMonitoring at the Speed of DevOps
Monitoring at the Speed of DevOpsDevOps.com
 
XebiaLabs: DevOps 2020 with Gene Kim
XebiaLabs: DevOps 2020 with Gene KimXebiaLabs: DevOps 2020 with Gene Kim
XebiaLabs: DevOps 2020 with Gene KimXebiaLabs
 
Salesforce – Proven Platform Development with DevOps & Agile
Salesforce – Proven Platform Development with DevOps & AgileSalesforce – Proven Platform Development with DevOps & Agile
Salesforce – Proven Platform Development with DevOps & AgileSai Jithesh ☁️
 
Deliver More Customer Value with Value Stream Management
Deliver More Customer Value with Value Stream ManagementDeliver More Customer Value with Value Stream Management
Deliver More Customer Value with Value Stream ManagementXebiaLabs
 
Automate Salesforce Releases with DevOps: Crawl, Walk, Run!
Automate Salesforce Releases with DevOps: Crawl, Walk, Run!Automate Salesforce Releases with DevOps: Crawl, Walk, Run!
Automate Salesforce Releases with DevOps: Crawl, Walk, Run!Susmitha Vakkalanka
 
Enterprise DevOps in the Age of Docker & Microservices
Enterprise DevOps in the Age of Docker & MicroservicesEnterprise DevOps in the Age of Docker & Microservices
Enterprise DevOps in the Age of Docker & MicroservicesXebiaLabs
 
Agile-plus-DevOps Testing for Packaged Applications
Agile-plus-DevOps Testing for Packaged ApplicationsAgile-plus-DevOps Testing for Packaged Applications
Agile-plus-DevOps Testing for Packaged ApplicationsWorksoft
 
Supercharge Your Digital Transformation by Establishing a DevOps Platform
Supercharge Your Digital Transformation by Establishing a DevOps PlatformSupercharge Your Digital Transformation by Establishing a DevOps Platform
Supercharge Your Digital Transformation by Establishing a DevOps PlatformXebiaLabs
 

What's hot (20)

Dimensions RM: Agile Requirements Management
Dimensions RM: Agile Requirements ManagementDimensions RM: Agile Requirements Management
Dimensions RM: Agile Requirements Management
 
Dimensions CM 14.3 launch webcast (slides)
Dimensions CM 14.3 launch webcast (slides)Dimensions CM 14.3 launch webcast (slides)
Dimensions CM 14.3 launch webcast (slides)
 
Creating High Performance teams by using a DevOps culture (FUG presentation)
Creating High Performance teams by using a DevOps culture (FUG presentation)Creating High Performance teams by using a DevOps culture (FUG presentation)
Creating High Performance teams by using a DevOps culture (FUG presentation)
 
FUG Agile software engineering practices
FUG Agile software engineering practicesFUG Agile software engineering practices
FUG Agile software engineering practices
 
DevOps Monitoring and Alerting
DevOps Monitoring and AlertingDevOps Monitoring and Alerting
DevOps Monitoring and Alerting
 
Building a Software Chain of Custody: A Guide for CTOs, CIOs, and Enterprise ...
Building a Software Chain of Custody: A Guide for CTOs, CIOs, and Enterprise ...Building a Software Chain of Custody: A Guide for CTOs, CIOs, and Enterprise ...
Building a Software Chain of Custody: A Guide for CTOs, CIOs, and Enterprise ...
 
From Chaos to Compliance: The New Digital Governance for DevOps
From Chaos to Compliance: The New Digital Governance for DevOpsFrom Chaos to Compliance: The New Digital Governance for DevOps
From Chaos to Compliance: The New Digital Governance for DevOps
 
Build a Bridge Between CI/CD and ITSM w/ Quint Technology
Build a Bridge Between CI/CD and ITSM w/ Quint TechnologyBuild a Bridge Between CI/CD and ITSM w/ Quint Technology
Build a Bridge Between CI/CD and ITSM w/ Quint Technology
 
Continuous Integration Testing for SAP
Continuous Integration Testing for SAPContinuous Integration Testing for SAP
Continuous Integration Testing for SAP
 
Infrastructure as Code in Large Scale Organizations
Infrastructure as Code in Large Scale OrganizationsInfrastructure as Code in Large Scale Organizations
Infrastructure as Code in Large Scale Organizations
 
Make Software Audit Nightmares a Thing of the Past
Make Software Audit Nightmares a Thing of the PastMake Software Audit Nightmares a Thing of the Past
Make Software Audit Nightmares a Thing of the Past
 
Insurance for your Assurance Team
Insurance for your Assurance TeamInsurance for your Assurance Team
Insurance for your Assurance Team
 
Monitoring at the Speed of DevOps
Monitoring at the Speed of DevOpsMonitoring at the Speed of DevOps
Monitoring at the Speed of DevOps
 
XebiaLabs: DevOps 2020 with Gene Kim
XebiaLabs: DevOps 2020 with Gene KimXebiaLabs: DevOps 2020 with Gene Kim
XebiaLabs: DevOps 2020 with Gene Kim
 
Salesforce – Proven Platform Development with DevOps & Agile
Salesforce – Proven Platform Development with DevOps & AgileSalesforce – Proven Platform Development with DevOps & Agile
Salesforce – Proven Platform Development with DevOps & Agile
 
Deliver More Customer Value with Value Stream Management
Deliver More Customer Value with Value Stream ManagementDeliver More Customer Value with Value Stream Management
Deliver More Customer Value with Value Stream Management
 
Automate Salesforce Releases with DevOps: Crawl, Walk, Run!
Automate Salesforce Releases with DevOps: Crawl, Walk, Run!Automate Salesforce Releases with DevOps: Crawl, Walk, Run!
Automate Salesforce Releases with DevOps: Crawl, Walk, Run!
 
Enterprise DevOps in the Age of Docker & Microservices
Enterprise DevOps in the Age of Docker & MicroservicesEnterprise DevOps in the Age of Docker & Microservices
Enterprise DevOps in the Age of Docker & Microservices
 
Agile-plus-DevOps Testing for Packaged Applications
Agile-plus-DevOps Testing for Packaged ApplicationsAgile-plus-DevOps Testing for Packaged Applications
Agile-plus-DevOps Testing for Packaged Applications
 
Supercharge Your Digital Transformation by Establishing a DevOps Platform
Supercharge Your Digital Transformation by Establishing a DevOps PlatformSupercharge Your Digital Transformation by Establishing a DevOps Platform
Supercharge Your Digital Transformation by Establishing a DevOps Platform
 

Viewers also liked

Edit Privacy Settings Analytics FREE Collect Leads Micro Focus DevOps Drive-i...
Edit Privacy Settings Analytics FREE Collect Leads Micro Focus DevOps Drive-i...Edit Privacy Settings Analytics FREE Collect Leads Micro Focus DevOps Drive-i...
Edit Privacy Settings Analytics FREE Collect Leads Micro Focus DevOps Drive-i...Serena Software
 
Mainframe VUG Presentation April 2016
Mainframe VUG Presentation April 2016Mainframe VUG Presentation April 2016
Mainframe VUG Presentation April 2016Serena Software
 
FUG Keynote presentation: Vision 2020
FUG Keynote presentation: Vision 2020FUG Keynote presentation: Vision 2020
FUG Keynote presentation: Vision 2020Serena Software
 
Overview and Demonstration of Dimensions CM 14.2 (FUG presentation track 2)
Overview and Demonstration of Dimensions CM 14.2 (FUG presentation track 2)Overview and Demonstration of Dimensions CM 14.2 (FUG presentation track 2)
Overview and Demonstration of Dimensions CM 14.2 (FUG presentation track 2)Serena Software
 
Micro Focus DevOps Drive-in with Gary Gruver - Starting and Scaling DevOps in...
Micro Focus DevOps Drive-in with Gary Gruver - Starting and Scaling DevOps in...Micro Focus DevOps Drive-in with Gary Gruver - Starting and Scaling DevOps in...
Micro Focus DevOps Drive-in with Gary Gruver - Starting and Scaling DevOps in...Serena Software
 
Integrated Requirements Management with Serena Dimensions RM 02-2016
Integrated Requirements Management with Serena Dimensions RM 02-2016Integrated Requirements Management with Serena Dimensions RM 02-2016
Integrated Requirements Management with Serena Dimensions RM 02-2016Serena Software
 
Sneak Peek into the New ChangeMan ZMF Release
Sneak Peek into the New ChangeMan ZMF ReleaseSneak Peek into the New ChangeMan ZMF Release
Sneak Peek into the New ChangeMan ZMF ReleaseSerena Software
 
Metrics-Driven DevOps: Delivering Software Like the Unicorn
Metrics-Driven DevOps: Delivering Software Like the UnicornMetrics-Driven DevOps: Delivering Software Like the Unicorn
Metrics-Driven DevOps: Delivering Software Like the UnicornBeyond20
 
Makar Sankranti Celebration – Mocomi Kids
Makar Sankranti Celebration – Mocomi KidsMakar Sankranti Celebration – Mocomi Kids
Makar Sankranti Celebration – Mocomi KidsMocomi Kids
 
1a. Resume_Bharti_Grover
1a. Resume_Bharti_Grover1a. Resume_Bharti_Grover
1a. Resume_Bharti_GroverBharti Grover
 
MLA/DLA 16 Non-Library Conferences Panel Presentaiton -Masie Learning Conference
MLA/DLA 16 Non-Library Conferences Panel Presentaiton -Masie Learning ConferenceMLA/DLA 16 Non-Library Conferences Panel Presentaiton -Masie Learning Conference
MLA/DLA 16 Non-Library Conferences Panel Presentaiton -Masie Learning ConferenceJennifer Hopwood
 

Viewers also liked (15)

Edit Privacy Settings Analytics FREE Collect Leads Micro Focus DevOps Drive-i...
Edit Privacy Settings Analytics FREE Collect Leads Micro Focus DevOps Drive-i...Edit Privacy Settings Analytics FREE Collect Leads Micro Focus DevOps Drive-i...
Edit Privacy Settings Analytics FREE Collect Leads Micro Focus DevOps Drive-i...
 
Mainframe VUG Presentation April 2016
Mainframe VUG Presentation April 2016Mainframe VUG Presentation April 2016
Mainframe VUG Presentation April 2016
 
FUG Keynote presentation: Vision 2020
FUG Keynote presentation: Vision 2020FUG Keynote presentation: Vision 2020
FUG Keynote presentation: Vision 2020
 
Overview and Demonstration of Dimensions CM 14.2 (FUG presentation track 2)
Overview and Demonstration of Dimensions CM 14.2 (FUG presentation track 2)Overview and Demonstration of Dimensions CM 14.2 (FUG presentation track 2)
Overview and Demonstration of Dimensions CM 14.2 (FUG presentation track 2)
 
Micro Focus DevOps Drive-in with Gary Gruver - Starting and Scaling DevOps in...
Micro Focus DevOps Drive-in with Gary Gruver - Starting and Scaling DevOps in...Micro Focus DevOps Drive-in with Gary Gruver - Starting and Scaling DevOps in...
Micro Focus DevOps Drive-in with Gary Gruver - Starting and Scaling DevOps in...
 
What's new in SBM 11.1
What's new in SBM 11.1What's new in SBM 11.1
What's new in SBM 11.1
 
Integrated Requirements Management with Serena Dimensions RM 02-2016
Integrated Requirements Management with Serena Dimensions RM 02-2016Integrated Requirements Management with Serena Dimensions RM 02-2016
Integrated Requirements Management with Serena Dimensions RM 02-2016
 
Sneak Peek into the New ChangeMan ZMF Release
Sneak Peek into the New ChangeMan ZMF ReleaseSneak Peek into the New ChangeMan ZMF Release
Sneak Peek into the New ChangeMan ZMF Release
 
Metrics-Driven DevOps: Delivering Software Like the Unicorn
Metrics-Driven DevOps: Delivering Software Like the UnicornMetrics-Driven DevOps: Delivering Software Like the Unicorn
Metrics-Driven DevOps: Delivering Software Like the Unicorn
 
Cathedral of Bloom 2011
Cathedral of Bloom 2011Cathedral of Bloom 2011
Cathedral of Bloom 2011
 
img004
img004img004
img004
 
Makar Sankranti Celebration – Mocomi Kids
Makar Sankranti Celebration – Mocomi KidsMakar Sankranti Celebration – Mocomi Kids
Makar Sankranti Celebration – Mocomi Kids
 
Four bulls and_the_lion
Four bulls and_the_lionFour bulls and_the_lion
Four bulls and_the_lion
 
1a. Resume_Bharti_Grover
1a. Resume_Bharti_Grover1a. Resume_Bharti_Grover
1a. Resume_Bharti_Grover
 
MLA/DLA 16 Non-Library Conferences Panel Presentaiton -Masie Learning Conference
MLA/DLA 16 Non-Library Conferences Panel Presentaiton -Masie Learning ConferenceMLA/DLA 16 Non-Library Conferences Panel Presentaiton -Masie Learning Conference
MLA/DLA 16 Non-Library Conferences Panel Presentaiton -Masie Learning Conference
 

Similar to Centralized Secure Vault with Dimensions CM

Open source iam value, benefits, and risks
Open source iam value, benefits, and risksOpen source iam value, benefits, and risks
Open source iam value, benefits, and risksWSO2
 
Verification at scale: Fitting static code analysis into continuous integration
Verification at scale: Fitting static code analysis into continuous integrationVerification at scale: Fitting static code analysis into continuous integration
Verification at scale: Fitting static code analysis into continuous integrationRogue Wave Software
 
Bridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD PipelineBridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD PipelineDevOps.com
 
Programming languages and techniques for today’s embedded andIoT world
Programming languages and techniques for today’s embedded andIoT worldProgramming languages and techniques for today’s embedded andIoT world
Programming languages and techniques for today’s embedded andIoT worldRogue Wave Software
 
Riyadh Meetup4- Sonarqube for Mule 4 Code review
Riyadh Meetup4- Sonarqube for Mule 4 Code reviewRiyadh Meetup4- Sonarqube for Mule 4 Code review
Riyadh Meetup4- Sonarqube for Mule 4 Code reviewsatyasekhar123
 
Building Blocks of Secure Development: How to Make Open Source Work for You
Building Blocks of Secure Development: How to Make Open Source Work for YouBuilding Blocks of Secure Development: How to Make Open Source Work for You
Building Blocks of Secure Development: How to Make Open Source Work for YouSBWebinars
 
Secure Code review - Veracode SaaS Platform - Saudi Green Method
Secure Code review - Veracode SaaS Platform - Saudi Green MethodSecure Code review - Veracode SaaS Platform - Saudi Green Method
Secure Code review - Veracode SaaS Platform - Saudi Green MethodSalil Kumar Subramony
 
BDD Mobile Security Testing (OWASP AppSec Bucharest 2017)
BDD Mobile Security Testing (OWASP AppSec Bucharest 2017)BDD Mobile Security Testing (OWASP AppSec Bucharest 2017)
BDD Mobile Security Testing (OWASP AppSec Bucharest 2017)Davide Cioccia
 
Code to Release using Artificial Intelligence and Machine Learning
Code to Release using Artificial Intelligence and Machine LearningCode to Release using Artificial Intelligence and Machine Learning
Code to Release using Artificial Intelligence and Machine LearningSTePINForum
 
Keys to Continuous Delivery Success - Mark Warren, Product Director, Perforc...
Keys to Continuous Delivery Success - Mark Warren, Product Director, Perforc...Keys to Continuous Delivery Success - Mark Warren, Product Director, Perforc...
Keys to Continuous Delivery Success - Mark Warren, Product Director, Perforc...Perforce
 
SAST in the SDLC: Building a plan for 'going left'
SAST in the SDLC: Building a plan for 'going left'SAST in the SDLC: Building a plan for 'going left'
SAST in the SDLC: Building a plan for 'going left'WHSZachJones
 
Optimize your CI/CD with GitLab and AWS
Optimize your CI/CD with GitLab and AWSOptimize your CI/CD with GitLab and AWS
Optimize your CI/CD with GitLab and AWSDevOps.com
 
Cyber security - It starts with the embedded system
Cyber security - It starts with the embedded systemCyber security - It starts with the embedded system
Cyber security - It starts with the embedded systemRogue Wave Software
 
Rapid software testing and conformance with static code analysis
Rapid software testing and conformance with static code analysisRapid software testing and conformance with static code analysis
Rapid software testing and conformance with static code analysisRogue Wave Software
 
Soirée du Test Logiciel - Présentation de Kiuwan (Jack ABDO)
Soirée du Test Logiciel - Présentation de Kiuwan (Jack ABDO)Soirée du Test Logiciel - Présentation de Kiuwan (Jack ABDO)
Soirée du Test Logiciel - Présentation de Kiuwan (Jack ABDO)TelecomValley
 
5 Pillars of Building Enterprise0grade APIs
5 Pillars of Building Enterprise0grade APIs5 Pillars of Building Enterprise0grade APIs
5 Pillars of Building Enterprise0grade APIsWSO2
 
Driving Risks Out of Embedded Automotive Software
Driving Risks Out of Embedded Automotive SoftwareDriving Risks Out of Embedded Automotive Software
Driving Risks Out of Embedded Automotive SoftwareParasoft
 

Similar to Centralized Secure Vault with Dimensions CM (20)

Open source iam value, benefits, and risks
Open source iam value, benefits, and risksOpen source iam value, benefits, and risks
Open source iam value, benefits, and risks
 
Verification at scale: Fitting static code analysis into continuous integration
Verification at scale: Fitting static code analysis into continuous integrationVerification at scale: Fitting static code analysis into continuous integration
Verification at scale: Fitting static code analysis into continuous integration
 
Bridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD PipelineBridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD Pipeline
 
Programming languages and techniques for today’s embedded andIoT world
Programming languages and techniques for today’s embedded andIoT worldProgramming languages and techniques for today’s embedded andIoT world
Programming languages and techniques for today’s embedded andIoT world
 
Riyadh Meetup4- Sonarqube for Mule 4 Code review
Riyadh Meetup4- Sonarqube for Mule 4 Code reviewRiyadh Meetup4- Sonarqube for Mule 4 Code review
Riyadh Meetup4- Sonarqube for Mule 4 Code review
 
Building Blocks of Secure Development: How to Make Open Source Work for You
Building Blocks of Secure Development: How to Make Open Source Work for YouBuilding Blocks of Secure Development: How to Make Open Source Work for You
Building Blocks of Secure Development: How to Make Open Source Work for You
 
Secure Code review - Veracode SaaS Platform - Saudi Green Method
Secure Code review - Veracode SaaS Platform - Saudi Green MethodSecure Code review - Veracode SaaS Platform - Saudi Green Method
Secure Code review - Veracode SaaS Platform - Saudi Green Method
 
BDD Mobile Security Testing (OWASP AppSec Bucharest 2017)
BDD Mobile Security Testing (OWASP AppSec Bucharest 2017)BDD Mobile Security Testing (OWASP AppSec Bucharest 2017)
BDD Mobile Security Testing (OWASP AppSec Bucharest 2017)
 
Code to Release using Artificial Intelligence and Machine Learning
Code to Release using Artificial Intelligence and Machine LearningCode to Release using Artificial Intelligence and Machine Learning
Code to Release using Artificial Intelligence and Machine Learning
 
Webinar–AppSec: Hype or Reality
Webinar–AppSec: Hype or RealityWebinar–AppSec: Hype or Reality
Webinar–AppSec: Hype or Reality
 
Keys to Continuous Delivery Success - Mark Warren, Product Director, Perforc...
Keys to Continuous Delivery Success - Mark Warren, Product Director, Perforc...Keys to Continuous Delivery Success - Mark Warren, Product Director, Perforc...
Keys to Continuous Delivery Success - Mark Warren, Product Director, Perforc...
 
SAST in the SDLC: Building a plan for 'going left'
SAST in the SDLC: Building a plan for 'going left'SAST in the SDLC: Building a plan for 'going left'
SAST in the SDLC: Building a plan for 'going left'
 
Webinar–Best Practices for DevSecOps at Scale
Webinar–Best Practices for DevSecOps at ScaleWebinar–Best Practices for DevSecOps at Scale
Webinar–Best Practices for DevSecOps at Scale
 
Optimize your CI/CD with GitLab and AWS
Optimize your CI/CD with GitLab and AWSOptimize your CI/CD with GitLab and AWS
Optimize your CI/CD with GitLab and AWS
 
Cyber security - It starts with the embedded system
Cyber security - It starts with the embedded systemCyber security - It starts with the embedded system
Cyber security - It starts with the embedded system
 
Rapid software testing and conformance with static code analysis
Rapid software testing and conformance with static code analysisRapid software testing and conformance with static code analysis
Rapid software testing and conformance with static code analysis
 
Upmc tpdev1
Upmc tpdev1Upmc tpdev1
Upmc tpdev1
 
Soirée du Test Logiciel - Présentation de Kiuwan (Jack ABDO)
Soirée du Test Logiciel - Présentation de Kiuwan (Jack ABDO)Soirée du Test Logiciel - Présentation de Kiuwan (Jack ABDO)
Soirée du Test Logiciel - Présentation de Kiuwan (Jack ABDO)
 
5 Pillars of Building Enterprise0grade APIs
5 Pillars of Building Enterprise0grade APIs5 Pillars of Building Enterprise0grade APIs
5 Pillars of Building Enterprise0grade APIs
 
Driving Risks Out of Embedded Automotive Software
Driving Risks Out of Embedded Automotive SoftwareDriving Risks Out of Embedded Automotive Software
Driving Risks Out of Embedded Automotive Software
 

More from Serena Software

The Top 5 Practices of a Highly Successful ChangeMan ZMF Administrator
The Top 5 Practices of a Highly Successful ChangeMan ZMF AdministratorThe Top 5 Practices of a Highly Successful ChangeMan ZMF Administrator
The Top 5 Practices of a Highly Successful ChangeMan ZMF AdministratorSerena Software
 
DevOps drivein - Mind the Gap
DevOps drivein - Mind the GapDevOps drivein - Mind the Gap
DevOps drivein - Mind the GapSerena Software
 
Take your code and quality to the next level by Serena Software
Take your code and quality to the next level by Serena SoftwareTake your code and quality to the next level by Serena Software
Take your code and quality to the next level by Serena SoftwareSerena Software
 
Dimensions CM Summer VUG Presentation
Dimensions CM Summer VUG PresentationDimensions CM Summer VUG Presentation
Dimensions CM Summer VUG PresentationSerena Software
 
Mainframe vug july 30 2015
Mainframe vug july 30 2015Mainframe vug july 30 2015
Mainframe vug july 30 2015Serena Software
 
Dimensions RM 12.3 webcast
Dimensions RM 12.3 webcast Dimensions RM 12.3 webcast
Dimensions RM 12.3 webcast Serena Software
 
Dimensions CM 14.2 Webcast: Running the Gauntlet
Dimensions CM 14.2 Webcast: Running the GauntletDimensions CM 14.2 Webcast: Running the Gauntlet
Dimensions CM 14.2 Webcast: Running the GauntletSerena Software
 
Continuous Delivery series: How to automate your infrastructure toolchain
Continuous Delivery series: How to automate your infrastructure toolchainContinuous Delivery series: How to automate your infrastructure toolchain
Continuous Delivery series: How to automate your infrastructure toolchainSerena Software
 
Deploy Fast Without Breaking Things Webinar Presentation June 25
Deploy Fast Without Breaking Things Webinar Presentation June 25Deploy Fast Without Breaking Things Webinar Presentation June 25
Deploy Fast Without Breaking Things Webinar Presentation June 25Serena Software
 
Spring Mainframe VUG 2015: How to google your way through your mainframe appl...
Spring Mainframe VUG 2015: How to google your way through your mainframe appl...Spring Mainframe VUG 2015: How to google your way through your mainframe appl...
Spring Mainframe VUG 2015: How to google your way through your mainframe appl...Serena Software
 

More from Serena Software (11)

The Top 5 Practices of a Highly Successful ChangeMan ZMF Administrator
The Top 5 Practices of a Highly Successful ChangeMan ZMF AdministratorThe Top 5 Practices of a Highly Successful ChangeMan ZMF Administrator
The Top 5 Practices of a Highly Successful ChangeMan ZMF Administrator
 
DevOps drivein - Mind the Gap
DevOps drivein - Mind the GapDevOps drivein - Mind the Gap
DevOps drivein - Mind the Gap
 
Take your code and quality to the next level by Serena Software
Take your code and quality to the next level by Serena SoftwareTake your code and quality to the next level by Serena Software
Take your code and quality to the next level by Serena Software
 
Dimensions CM Summer VUG Presentation
Dimensions CM Summer VUG PresentationDimensions CM Summer VUG Presentation
Dimensions CM Summer VUG Presentation
 
Mainframe vug july 30 2015
Mainframe vug july 30 2015Mainframe vug july 30 2015
Mainframe vug july 30 2015
 
Dimensions RM 12.3 webcast
Dimensions RM 12.3 webcast Dimensions RM 12.3 webcast
Dimensions RM 12.3 webcast
 
Dimensions CM 14.2 Webcast: Running the Gauntlet
Dimensions CM 14.2 Webcast: Running the GauntletDimensions CM 14.2 Webcast: Running the Gauntlet
Dimensions CM 14.2 Webcast: Running the Gauntlet
 
Continuous Delivery series: How to automate your infrastructure toolchain
Continuous Delivery series: How to automate your infrastructure toolchainContinuous Delivery series: How to automate your infrastructure toolchain
Continuous Delivery series: How to automate your infrastructure toolchain
 
GoToWebinar Vs Webex
GoToWebinar Vs WebexGoToWebinar Vs Webex
GoToWebinar Vs Webex
 
Deploy Fast Without Breaking Things Webinar Presentation June 25
Deploy Fast Without Breaking Things Webinar Presentation June 25Deploy Fast Without Breaking Things Webinar Presentation June 25
Deploy Fast Without Breaking Things Webinar Presentation June 25
 
Spring Mainframe VUG 2015: How to google your way through your mainframe appl...
Spring Mainframe VUG 2015: How to google your way through your mainframe appl...Spring Mainframe VUG 2015: How to google your way through your mainframe appl...
Spring Mainframe VUG 2015: How to google your way through your mainframe appl...
 

Recently uploaded

A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesBoston Institute of Analytics
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 

Recently uploaded (20)

A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 

Centralized Secure Vault with Dimensions CM

  • 1. 1 FUG2016Copyright © Serena Software 2016 WE OWN IT! Centralized Secure Vault with Dimensions CM Rose M Wellman Sr Mgr, Solutions Architects
  • 2. 2 FUG2016 What do these number represent?
  • 4. 4 FUG2016 Security Breaches Change Over Time Open the safe! Amateur!
  • 6. 6 FUG2016 Breaches by 3rd Party Systems • The attackers backed their way into Target's corporate network by compromising a third-party vendor. The number of vendors targeted is unknown. However, it only took one. That happened to be Fazio Mechanical, a refrigeration contractor. • A phishing email duped at least one Fazio employee, allowing Citadel, a variant of the Zeus banking trojan, to be installed on Fazio computers. With Citadel in place, the attackers waited until the malware offered what they were looking for -- Fazio Mechanical's login credentials. • At the time of the breach, all major versions of enterprise anti- malware detected the Citadel malware. Unsubstantiated sources mentioned Fazio used the free version of Malwarebytes anti-malware, which offered no real-time protection being an on-demand scanner. (Note: Malwarebytes anti-malware is highly regarded by experts when used in the correct manner.)
  • 12. 12 FUG2016 Requirements • Establish security requirements/stories • Define security tests Development • Peer code reviews • Static Analysis Testing • Vulnerability testing • Penetration testing Release • Software quality review • Release readiness review Secure SDLC
  • 13. 13 FUG2016 Serena Dimensions CM - Integrated Peer Code Review Develop with velocity - collaboratively, securely and efficiently Key Capabilities • Collaborative web based architecture • Integrates with Agile stories and requests • Linked to Continuous Inspection • Strengthens audit trail & governance • Configurable for Projects & Teams Value Benefits • Improved code quality • Find 70-90% of all defects earlier • Cost reduction • Save up to 30% of re-work hours • Developer productivity • Up to 25% improvement in coding Peer Reviews in Software - A Practical Guide by Karl E. Wiegers
  • 14. 14 FUG2016 Serena Dimensions CM – Continuous Inspection Toolchain Develop with velocity - collaboratively, securely and efficiently Key Capabilities • Extensible plug-in architecture • Schedule & inspect code changes • Report findings & vulnerabilities • Aggregated KPI Metrics • Supports DevOps “Shift-Left” Value Benefits • Display results in code review • Real-time developer feedback • Reduce coding risks & issues • Monitor code health & quality • Speed release readiness "Given enough eyeballs, all bugs are shallow." The Cathedral and the Bazar —Eric Raymond
  • 15. 15 FUG2016 • Code Hygiene • Refers to the “cleanliness” of an application – in particular, minimizing vulnerabilities and code complexity. • Good code hygiene requires visibility into all the components used to build the application. • Several activities in the software development lifecycle support good code hygiene, including threat modeling and automated testing (i.e., static and dynamic analysis). • The shortcoming of each of these activities is that they only provide a point-in-time snapshot of code hygiene, and can’t account for a changing threat space. • You have to continuously monitor or continuously apply good hygiene. • More than 4,000 new vulnerabilities were disclosed by the National Vulnerability Database in open- source components in 2014 alone. The fact that your open-source code bases are free from vulnerabilities today doesn’t mean you can ignore them for the next year. • OWASP Dependency-Check Open Source
  • 17. 17 FUG2016 Problem – Repository Sprawl • DevOps driving option of Git • Repository Sprawl • Multiple Source Code Repos • Individually Managed/Maintained • Security? • Reliability? • Cross-team collaboration? • Audit trail?
  • 18. 18 FUG2016 No Built-in Security and Authorization • Read/Write security on all objects • Group role assignments • Full audit trail of all objects
  • 19. 19 FUG2016 Git/SVN Goes into the Dimensions CM Secure Vault Release Control Dev DevOps Ops Dimensions CM Deployment Automation CM Secure Vault ChangeMan ZMF Deployment pipeline Deployment pipeline Deployment pipeline Deployment pipeline
  • 20. 20 FUG2016 Better Solution – Git Connector Dimensions CM Vault Dimensions CM Deployment Pipeline Serena Deployment Automation Dimensions CM = Git Master Repository Dimensions CM Pulse DimensionsCM GitConnector
  • 21. 21 FUG2016 • The Developers don’t have to change the tools they are using • The Business gets the control it needs – Single source of truth – Enterprise Security – Robust and scalable • With the additional value of Dimensions CM – Continuous Inspection – Enterprise Change Management – Control over path to production – Full audit trail across all components Dimensions CM Git Connector Benefit
  • 22. 22 FUG2016 Customer Quotes “ We’re a bank not a startup, and we need to be using appropriate tools to ensure the integrity and security of change, not tools that add to a developers resume. We don’t want to be the next big headline! ” Richard landoli SVP QA Brown Brothers Harriman “ The visibility and insight that Dimensions CM 14 provides, allows us to see if we are converging to quality or diverging from quality in real time. ” Ken Vane IT Change & Configuration Manager, Navy Federal Credit Union