Security Compass, a leading provider of cybersecurity solutions and advisory services, enables organizations to adopt balanced development automation for rapid and secure application development. With their flagship product, SD Elements, the company helps automate significant portions of proactive manual processes for security and compliance that improves time to market for new technology. In addition, they offer advisory services on how organizations can embrace emerging technologies like cloud to strengthen their security posture. Security Compass is the trusted solution provider to leading financial organizations, technology enablers, and renowned global brands.
Today we are joined by Glen Notman, Associate Partner at Citihub. In this podcast, we will talk about the gap that exists between the security and business teams. To communicate the value of security, it’s important for security teams to make their findings and recommendations relevant to the business. This involves empathizing with the real needs of a business stakeholder.
Today we are joined by Gopi Reddy who is an experienced Enterprise Architect. We will talk about digital transformation and how DevOps enables the business imperative. Security is often not considered a key part of this transformation because of the perception that it is a low-level technical activity. With the shift to digital product enablement in a high velocity environment, this is now changing as security becomes everyone’s responsibility.
Today we are joined by Ruth G. Lennon, Lecturer, Department of Computing at the Letterkenny Institute of Technology, to talk about initiating the journey of injecting security into development. Many teams feel enormous pressure from the start to quickly understand security. In this podcast, we delve into taking a more thoughtful and deliberate approach that focuses on building a strong foundation to align your cross functional teams.
Today we are joined by Altaz Valani from Security Compass and Nikhil Kumar, President, and Founder of ApTSi, to discuss the feasibility of Zero Trust. In this podcast, we will talk about the value of Zero Trust from a business enablement perspective. We will also dive into the feasibility of Zero Trust for technical leaders. While Zero Trust is not a silver bullet, for today’s rapidly evolving business and security scenarios, it offers a compelling evolution away from our network-centric approach towards a focus on the data.
Today we are joined by Altaz Valani from Security Compass and Stephen Whitlock, one of the first members of the Jericho Forum and a security expert with 16 years of experience at Boeing. In this podcast, we will discuss the evolution of Zero Trust and its roots in the Jericho Forum work. We will also talk about the business value of Zero Trust and the pitfalls of rolling out a Zero Trust program. Implementing Zero Trust is more effective if we understand the history and why today’s business needs are driving this evolutionary approach to security.
Today we are joined by Altaz Valani from Security Compass and Tony Carrato, an independent consultant with expertise in delivering enterprise architecture across varied industries. In this podcast, we will discuss the evolution of the Zero Trust security model and how it is different from existing models. We will also delve into the business value that Zero Trust can offer organizations in the midst of changing operating models. The agility of organizations depends, in large part, on the security assurance of data safety at all times.
Today we are joined by Ehsan Foroughi, Head of Products at Security Compass, to talk about the importance of a security culture in an organization. In this episode, he will explain how the effectiveness of any application security program is impacted by the security culture across teams. Citing examples from his personal experiences, he delves into the human factor in security and how strong organizational policies can fail if not implemented properly.
Today we are joined by Altaz Valani from Security Compass and Hasan Yasar, Technical Director of Continuous Deployment at the Software Engineering Institute, CMU. We will discuss shifting security to the left and being more proactive. Using Top 10 lists is a good starting point. In the long term, however, value is achieved when we use security scenarios to drive out important value propositions.
Today we are joined by Altaz Valani from Security Compass and Andy Woyzbun, Management Consultant at Woyzbun Advisory, to discuss how a CIO drives a cybersecurity strategy. In this podcast, we will talk about clearly defining and communicating security policies; guiding employees to execute these policies; and using guardrails to assess whether security policies are being enforced effectively. Ultimately, it’s about balancing a cybersecurity strategy against the needs of business enablement.
Today we are joined by Altaz Valani from Security Compass and Spencer Koch, Security Wizard at Reddit, to discuss the importance of a proactive security mindset across the software security life cycle. Proactive often means using tools, but these tools are useful only if they help reduce process overhead. Blindly shifting security responsibilities to tool results in more overhead through false positives. In this podcast, we will talk about a lean process mindset that shifts the discussion “to the left” (before SAST, DAST, and Pentesting) and helps to identify where waste can be eliminated — and that is what enables proactive security.
Spencer is an offensive security professional with extensive experience in both consulting and industry. He has also served as the North American CISO at a large energy company.
