Maintaining strong security practices requires staying in front of changes and accepting challenges that can impact every phase of the software development lifecycle – from design to disposal and everything in between.

Join us for ISC2 Spotlight: Secure Software Development , a virtual deep dive into securing applications from start to finish. Whether you are involved in software design and implementation, or testing and development, this event will provide timely take-aways and best practices that you can implement in your organization.

The virtual two-day event, which includes Q&A with presenters moderated by Brandon Dunlap, takes place November 8-9. ISC2 members, associates and candidates can attendee for free and earn 5.5 CPE (Continuing Professional Education) credits. The fee for non-members is $129; however, anyone can become an ISC2 Candidate for free to have their registration fee waived. This is the last of highly-rated Spotlight events this year, so don’t miss out!

All previous ISC2 Spotlight events have received excellent feedback from attendees, including one who said “I thought the timing, sessions, and duration was perfect. The topics were in line with current issues and presented well.”

This event will kick-off with a panel of experts in the field speaking on open source software (OSS). You won’t want to miss this lively discussion to learn what you and your organization needs to know from Shannon Lietz, CEO, ThirdScore; Chris Romeo, CISSP, CSSLP, CEO, Devici; and Ryan Skinner, CISSP, Security+, Senior Manager, Application Security, McDonald's.

Later, you’ll be able to take a deep dive into SBOM (software bill of materials), with Ed Adams, Uma Chandrashekhar and Josh Corman. This panel of industry experts will unpack SBOM and debate its benefits, risks, costs, formats, components and implementation.

Jack Cable, Senior Technical Advisor at CISA says that given the never-ending cybersecurity attacks, something has to give. On day two of the event, he’ll dive into CISA’s Secure by Design which is aiming to shift the responsibility of cybersecurity onto technology manufacturers.

Timothy Serewicz, Director, Training Program at The Linux Foundation will discuss some of the challenges of keeping computer programs safe as they go from software developers to users. He’ll explain Sigstore and how to secure the code supply chain, its main tools and how to set up Sigstore in your software process.

The event’s full agenda includes:

  • Open Source Software: The Good, The Bad, The Ugly
  • Secure Updates for Software
  • Deep Dive into SBOM
  • Secure by Design
  • SigStore to Secure the Code Supply Chain
  • What You Need to Know About the EU Cyber Resilience Act

Everyone is encouraged to register as only registered attendees will be able to view the recordings to earn CPE credits after the live event is complete. Live attendees will earn the CPE credits automatically which will post to their ISC2 member accounts within two weeks.

Register now to secure your spot and earn 5.5 CPE credits!