Upcoming events

Switch to Calendar View

• The Transparent Code Revolution: Ensuring Safety in Software Supply Chains

  • When
    6 May 2025
  •  
    6:45 PM - 8:45 PM
  • Location
    Seminar Room B1.2 (Basement 1), School of Economics/School of Computing & Information Systems 2, 90 Stamford Road, Singapore 178903
  • Spaces left
    27

  Register

  
  

  
  

  
  

  
  

  Synopsis

  
  

  As software supply chains grow increasingly complex, ensuring transparency and security has never been more critical. The Transparent Code Revolution: Ensuring Safety in Software Supply Chains dives into the global push for software transparency and explores how initiatives like the Software Bill of Materials (SBOM) are shaping compliance and visibility across the development lifecycle.

  
  

  This session will examine the real-world challenges organizations face in gaining visibility into their software components and why this lack of insight poses serious risks. It will also highlight best practices for vetting open source packages and the pivotal role of SBOMs in building secure foundations for risk management.

  
  

  Attendees will gain practical knowledge on conducting vulnerability reachability analysis to identify potential attack paths and how artificial intelligence is accelerating the remediation of threats through automation and intelligent insights.

  
  

  Whether you're a developer, security professional, or technology leader, this seminar will equip you with actionable strategies to enhance transparency, mitigate risks, and future-proof your software supply chain.

  
  

  
  

  Topic Overview

  
  

  1. Global Initiatives for Transparency: Transparency in software development is essential for meeting global regulatory requirements, such as those mandating the disclosure of software components. Notably, initiatives like the Software Bill of Materials (SBOM) are central to ensuring compliance and fostering visibility within the supply chain.

     
     

  2. Challenges in Achieving Visibility: Organizations often face significant hurdles in achieving comprehensive visibility into the components of their software. These challenges can undermine effective risk management, making it difficult to mitigate potential vulnerabilities within the supply chain.

     
     

  3. Vetting Open Source Packages: The adoption of best practices for vetting open source packages is critical to ensuring the security and reliability of third-party components. Employing robust tools and methodologies allows organizations to assess the safety of these components more effectively.

     
     

  4. From SBOM Creation to Risk Mitigation: The creation of a Software Bill of Materials (SBOM) is a crucial step in enhancing visibility and enabling more accurate risk assessments. By documenting all software components, an SBOM provides a foundational tool for effective risk mitigation.

     
     

  5. Vulnerability Reachability Analysis: Vulnerability reachability analysis is an essential technique for identifying potential attack vectors. This analysis helps to pinpoint and address supply chain risks before they can be exploited.

     
     

  6. Leveraging AI for Vulnerability Remediation: Artificial intelligence is playing an increasingly important role in automating the detection and remediation of vulnerabilities. Successful use cases illustrate how AI-driven solutions can significantly reduce supply chain risks by swiftly identifying and addressing security threats.

     
     

  This presentation will explore these key areas in detail, providing practical insights into how transparency and technology can transform the safety of software supply chains.

  
  

  Register now to secure your spot!

  
  

  
  

  
  

  Agenda

  
  

  6:45PM - 7.20PM - Registration, light dinner & networking

  
  

  7:20PM - 7.30PM – Welcome & Introduction of Agenda and Speaker

  
  

  7.30PM - 8:30PM - The Transparent Code Revolution: Ensuring Safety in Software Supply Chains

  
  

  8:30PM - 8:45PM - Q&A & Wrap-Up by ISC2 President

  
  

  
  

  
  

  About the Speaker

  
  

  
  

  Daniel Chernov , CEO of DerScanner

  
  

  Daniel Chernov has wealth of expertise in cybersecurity. With a degree in cybersecurity, Daniel began his career as a cybersecurity consultant, earning prestigious global certifications such as Certified Information Systems Auditor (CISA) from ISACA and Certified Information Systems Security Professional (CISSP) from ISC2. His extensive experience includes conducting cybersecurity audits, including ISO 27001 evaluations, and assessing technical security for companies across the United States, Europe, the Middle East, and the APAC region. For the past decade, Daniel has been dedicated to evolving DerScanner's application security testing platform, leveraging best-of-breed technology to enhance the security of customer applications.

  
  

  https://www.linkedin.com/in/daniel-chernov-cisa-cissp-00a8101b/
  

  
  

  
  

  
  

  ************************************************************************************

  
  

  This is a DerScanner-sponsored chapter professional development event,  thus 1.5 CPE hours will be available for your CPE submission. To facilitate submission of CPE points on your behalf by the local chapter - please identify yourself clearly with <ISC2 membership number> + your full name when you sign up or during registration onsite.

  
  

  
  

  Notes:

  1) As spaces are limited, if you cannot attend after registering, please cancel your registration or email info@isc2chapter.sg at least 2 business days before the event.

  
  

  2) For ISC2 members residing in Singapore who are not yet members of our local Singapore Chapter, please sign up with us through our ISC2 Singapore Chapter website under "Membership-Join us"

   - https://www.isc2chapter.sg/join-us

  
  

  Membership Rates:
  Professional Member: $50/year
  Associate Member (Non-credential holders): $30/year
  Student Member: $10/year

  
  

  Show details
• Building a Modern SOC

  • When
    9 May 2025
  •  
    10:00 AM - 2:00 PM
  • Location
    15A Changi Business Park Central 1, #03-01/02 Eightrium, Singapore 486035
  • Spaces left
    0

  
  

  
  

  
  

  This event has been rescheduled to 09 May 2025

  
  

  SYNOPSIS

  
  

  Struggling with your Security Operations Center (SOC) strategy?

  
  

  Are you a CISO, SOC Manager, SOC Leader, or Head of Security Operations who is:
  ✅ Running an in-house SOC but considering outsourcing?
  ✅ Exploring options to build your own SOC?
  ✅ Already subscribed to a Managed SOC or Managed Detection & Response (MDR) but wondering if there’s a better approach?

  
  

  If any of these apply to you, this session is for you!

  
  

  Join us for an exclusive short talk on Building a Modern SOC, followed by a SOC tour where you'll see firsthand how a modern SOC operates. Get insights on optimizing your security operations, reducing complexity, and strengthening your cyber defense.

  
  

  In an era where cyber threats are increasingly sophisticated, organizations must rethink how they design and operate their SOC to stay ahead of evolving risks. A modern SOC must go beyond traditional security monitoring, integrating advanced threat intelligence, AI-driven analytics, and automated response capabilities to improve detection and mitigation. However, many organizations face challenges such as talent shortages, growing regulatory demands, and the high cost of maintaining a 24/7 security operation. To address these challenges, businesses are exploring new approaches to SOC operations, including centralized security management, cloud-native technologies, and the use of AI and automation to enhance efficiency.

  
  

  This session is co-hosted by Proficio and the ISC2 Singapore Chapter, will provide insights into key considerations for building a modern and next-generation SOC, with a focus on practical strategies for improving threat detection and response. Attendees will also have the opportunity to visit a fully operational SOC to see modern security operations in action. As organizations evaluate different SOC models, many are turning to Managed Detection and Response (MDR) provider to reduce operational burdens while maintaining enterprise-grade security.
  

  
  

  Seats are VERY limited—only 20 members, 1 per organization!

  
  

  Secure your spot now before it's gone! Register today.
  

  
  

  
  

  AGENDA

  
  

  10:00AM - 10:30AM Registration

  10:30AM - 11:30AM Build a modern SOC presentation

  11:30AM - 12:00PM SOC Tour

  12:00PM - 2:00PM Lunch and networking

  
  

  
  

  ************************************************************************************

  
  

  
  

  
  

  This is a Proficio-sponsored chapter professional development event,  thus 2.0 CPE hours will be available for your CPE submission. To facilitate submission of CPE points on your behalf by the local chapter - please identify yourself clearly with <ISC2 membership number> + your full name when you sign up or during registration onsite.

  
  

  Notes:

  1) As spaces are limited, if you cannot attend after registering, please cancel your registration or email info@isc2chapter.sg at least 2 business days before the event.

  
  

  2) For ISC2 members residing in Singapore who are not yet members of our local Singapore Chapter, please sign up with us through our ISC2 Singapore Chapter website under "Membership-Join us"

   - https://www.isc2chapter.sg/join-us

  
  

  Membership Rates:
  Professional Member: $50/year
  Associate Member (Non-credential holders): $30/year
  Student Member: $10/year

  
  

  Show details