October 26, 2020
Today we are joined by Rohit Sethi from Security Compass and Nicolas Chaillan, Chief Software Officer, U.S. Air Force, to gain insights into building a DevSecOps program for a large government organization. In this podcast, we will talk about the challenges, key considerations, and the need to balance security with fast delivery cycles in the defense world. We will also cover the program structures being established across the Department of Defense and understand more about the ATO process.
October 23, 2020
Today we are joined by Altaz Valani from Security Compass and Bob Aiello, DevOps architect and trainer with decades of experience leading enterprise software process improvement initiatives. We will start by asking the question, “Why do so many organizations struggle with integrating security into DevOps?” Since automation is a key part of DevOps, we will discuss security practices that are easily automatable in DevOps, and conclude with a discussion on where DevOps is headed.
October 19, 2020
Today we are joined by Altaz Valani from Security Compass and Spencer Koch, Security Wizard at Reddit, to discuss the role of security in Application Modernization. In today’s digital world, businesses have to modernize their applications routinely. In this podcast, we will discuss current trends and security challenges around application modernization; and how security can help minimize the risk. This is important as many organizations are currently transforming their applications against a backdrop of going digital.
October 16, 2020
Today we are joined by Altaz Valani from Security Compass and Jeff Sorrell, a Data Privacy and Information Security Consultant. We will discuss, at a high level, the importance of Cybersecurity Maturity Model Certification (CMMC) and its operational impact on companies that have contracts with the U.S. Department of Defense. We dive into some of the nuances of CMMC as it advocates moving away from self-attestation to third-party audit and certification. To conclude this discussion, Jeff will share thoughts on any trends based on his own experience.
October 9, 2020
Today we are joined by Ehsan Foroughi from Security Compass, and Andrew Wertkin, Chief Strategy Officer at BlueCat. In this podcast, we will discuss the intersection of network infrastructure and security, and how to bake security requirements from that perspective. Drawing from his experience in enterprise architecture and distributed computing networks, Andrew will also share valuable security and network health insights.
October 5, 2020
Today we are joined by Hasan Yasar, Technical Director of Continuous Deployment at the Software Engineering Institute, CMU, to talk about Continuous ATO. We will start with the need to automate architectural assurance across the application build and deployment pipeline. Further, we will discuss how risk management is embedded into the process through security controls. Finally, we will conclude with how DevOps unlocks the ability to achieve continuous ATO.
October 2, 2020
In this podcast, we are joined by Brian Pitts, Director, Product Security Governance at Johnson Controls (JCI) to discuss some of the unique security challenges faced by IOT device manufacturers and how advanced tooling has helped JCI bolster their product security practices.
September 25, 2020
Today we are joined by Glen Notman, Associate Partner at Citihub. In this podcast, we will talk about the gap that exists between the security and business teams. To communicate the value of security, it’s important for security teams to make their findings and recommendations relevant to the business. This involves empathizing with the real needs of a business stakeholder.
September 21, 2020
Today we are joined by Gopi Reddy who is an experienced Enterprise Architect. We will talk about digital transformation and how DevOps enables the business imperative. Security is often not considered a key part of this transformation because of the perception that it is a low-level technical activity. With the shift to digital product enablement in a high velocity environment, this is now changing as security becomes everyone’s responsibility.
September 18, 2020
Today we are joined by Ruth G. Lennon, Lecturer, Department of Computing at the Letterkenny Institute of Technology, to talk about initiating the journey of injecting security into development. Many teams feel enormous pressure from the start to quickly understand security. In this podcast, we delve into taking a more thoughtful and deliberate approach that focuses on building a strong foundation to align your cross functional teams.