Security Compass, a leading provider of cybersecurity solutions and advisory services, enables organizations to adopt balanced development automation for rapid and secure application development. With their flagship product, SD Elements, the company helps automate significant portions of proactive manual processes for security and compliance, which improves time to market for new technology. In addition, they offer advisory services on how organizations can embrace emerging technologies like cloud to strengthen their security posture. Security Compass is the trusted solution provider to leading financial organizations, technology enablers, and renowned global brands.
Episodes
Monday Oct 05, 2020
Hasan Yasar - Achieve Continuous ATO Through DevSecOps
Today we are joined by Hasan Yasar, Technical Director of Continuous Deployment at the Software Engineering Institute, CMU, to talk about Continuous ATO. We will start with the need to automate architectural assurance across the application build and deployment pipeline. Further, we will discuss how risk management is embedded into the process through security controls. Finally, we will conclude with how DevOps unlocks the ability to achieve continuous ATO.
Friday Oct 02, 2020
Brian Pitts - Adoption of SD Elements
In this podcast, we are joined by Brian Pitts, Director, Product Security Governance at Johnson Controls (JCI), to discuss some of the unique security challenges faced by IoT device manufacturers and how advanced tooling has helped JCI bolster their product security practices.
Friday Sep 25, 2020
Glen Notman - Bridging the Gap Between Security and Business Teams
Today we are joined by Glen Notman, Associate Partner at Citihub. In this podcast, we will talk about the gap that exists between the security and business teams. To communicate the value of security, it’s important for security teams to make their findings and recommendations relevant to the business. This involves empathizing with the real needs of a business stakeholder.
Monday Sep 21, 2020
Gopi Reddy - Enabling Digital Through Secure DevOps
Today we are joined by Gopi Reddy, who is an experienced Enterprise Architect. We will talk about digital transformation and how DevOps enables the business imperative. Security is often not considered a key part of this transformation because of the perception that it is a low-level technical activity. With the shift to digital product enablement in a high-velocity environment, this is now changing as security becomes everyone’s responsibility.
Friday Sep 18, 2020
Ruth G. Lennon - First Steps in Building Proactive Security
Today we are joined by Ruth G. Lennon, Lecturer, Department of Computing at the Letterkenny Institute of Technology, to talk about initiating the journey of injecting security into development. Many teams feel enormous pressure from the start to quickly understand security. In this podcast, we delve into taking a more thoughtful and deliberate approach that focuses on building a strong foundation to align your cross-functional teams.
Monday Sep 14, 2020
Nikhil Kumar & Altaz Valani - Feasibility of Zero Trust
Today we are joined by Altaz Valani from Security Compass and Nikhil Kumar, President and Founder of ApTSi, to discuss the feasibility of Zero Trust. In this podcast, we will talk about the value of Zero Trust from a business enablement perspective. We will also dive into the feasibility of Zero Trust for technical leaders. While Zero Trust is not a silver bullet, for today’s rapidly evolving business and security scenarios, it offers a compelling evolution away from our network-centric approach towards a focus on the data.
Friday Sep 11, 2020
Stephen Whitlock & Altaz Valani - Rolling Out Zero Trust
Today we are joined by Altaz Valani from Security Compass and Stephen Whitlock, one of the first members of the Jericho Forum and a security expert with 16 years of experience at Boeing. In this podcast, we will discuss the evolution of Zero Trust and its roots in the Jericho Forum work. We will also talk about the business value of Zero Trust and the pitfalls of rolling out a Zero Trust program. Implementing Zero Trust is more effective if we understand the history and why today’s business needs are driving this evolutionary approach to security.
Tuesday Sep 08, 2020
Today we are joined by Altaz Valani from Security Compass and Tony Carrato, an independent consultant with expertise in delivering enterprise architecture across varied industries. In this podcast, we will discuss the evolution of the Zero Trust security model and how it is different from existing models. We will also delve into the business value that Zero Trust can offer organizations in the midst of changing operating models. The agility of organizations depends, in large part, on the security assurance of data safety at all times.
Friday Sep 04, 2020
Ehsan Foroughi - Importance of Security Culture
Today we are joined by Ehsan Foroughi, Head of Products at Security Compass, to talk about the importance of a security culture in an organization. In this episode, he will explain how the effectiveness of any application security program is impacted by the security culture across teams. Citing examples from his personal experiences, he delves into the human factor in security and how strong organizational policies can fail if not implemented properly.
Monday Aug 31, 2020
Hasan Yasar & Altaz Valani - Proactively Managing Security in DevSecOps
Today we are joined by Altaz Valani from Security Compass and Hasan Yasar, Technical Director of Continuous Deployment at the Software Engineering Institute, CMU. We will discuss shifting security to the left and being more proactive. Using Top 10 lists is a good starting point. In the long term, however, value is achieved when we use security scenarios to drive out important value propositions.