Let's Talk AppSecOps

By: ArmorCode
  • Summary

  • Agile DevOps, Cloud Deployment, Microservices, and Open Source have all dramatically accelerated application delivery and complexity. Today’s AppSec teams, outnumbered by as much as 100:1 by developers, depend on a collection of point security products and siloed manual processes. This leaves them struggling to gain the visibility, insight, and process scale they need to identify and protect the always changing and growing application risk surface.  


    This resulting AppSec Chaos means applications ship fast without the assurance of shipping securely, leaving the organization at risk of breaches and losses.

    Welcome to the Let's Talk AppSecOps show, where we bring discussions with security thought leaders and practitioners and software development minds from leading enterprises to talk about their concerns, case studies, and best practices in operationalizing application security. 


    This show is hosted by ArmorCode experts. It talks about how security and development teams can work together and implement practical security measures.


    Mark Lambert is a AppSecOps Evangelist and VP of Products at ArmorCode, breaking down the communication barrier between Developers and Security experts to help organizations adopt and scale security practices within their development teams.

    Mark is passionate about applying technology innovations to solving real world business problems. For the last 20 years, he has been working with the world's leading brands to streamline the delivery of secure, reliable and compliant software applications across Enterprise IT and Embedded/IoT markets.Mark has been invited to speak at numerous industry events, and been published in industry media.


    Luis is a Senior Solutions Engineer at ArmorCode and he comes from a background that includes names big and small. His technical skills have been forged in the fires of prospects and clients alike. Luis's diverse skill set includes the ability to explain technology to non-technical audiences, set up a “pizza box” in a freezer, cook a perfect elk steak over a mesquite-fueled grill, and spend late nights in a war-room!  

    His plethora of application security skills and ability to social engineer the feathers off an owl, serves him well as our Senior Solutions Engineer!


    Nikhil Gupta is co-founder and CEO of ArmorCode. He is a successful serial entrepreneur with more than 25 years of experience. Prior to founding ArmorCode, Nikhil was CEO and Co-founder of Avid Secure which was acquired by Sophos. Avid Secure built a marketing-led AI-powered multi-cloud security and compliance platform. Nikhil has held several leadership positions in VMWare, Cisco, ForeScout, Ericsson (joined through the acquisition of Entrisphere), Alcatel, And Bell Labs. Nikhil holds an MBA from Columbia Business School and BS and MS in Computer Science. 


    LingRaj Patil is the Head of Marketing at ArmorCode and a renowned speaker and business growth leader with 20+ years of experience spanning engineering and marketing in Seed, Series A/B/C/D, Unicorn, and Fortune 500 companies. He is a guest speaker on Marketing and Entrepreneurial Strategy at Stanford University. He has a passion for building communities that bring thought leaders and practitioners together to rally around the challenges and opportunities they present. He is also the Executive Chair of the Purple Book Community, a community of software security leaders who are on a mission to build more secure software. 

     Let this show be your guide to hearing inspiring stories of leaders building secure software against odds, hearing insightful case studies, and getting to know more about the leaders who make it all happen. With the software demand increasing nonstop, now is the right time to tune in.

     

    Find show episodes at www.armorcode.com/lets-talk-appsecops.

    Copyright © 2023 ArmorCode Inc. | All Rights Reserved | armorcode.com
    Show more Show less
activate_Holiday_promo_in_buybox_DT_T2
Episodes
  • Gates to Guardrails
    Nov 3 2022

    Developers don't want to be slowed down, but security teams don't want development speed driving AppSec posture off a cliff. The compromise: security guardrails instead of release gates. With a basis of mutual trust that only critical findings will be sent for remediation and all critical findings will be remediated, friction between teams can be mitigated. Avoiding alert fatigue is one thing both security and developer talent can agree on.


    About ArmorCode


    We develop, sell, and deliver the world’s first and leading AppSecOps platform to our customers, along with the expertise, support and community they need to ship secure software and ship it fast. The ArmorCode platform brings together powerful AppSec Posture, Vulnerability, and Compliance Management with DevSecOps workflow automation.

    _____________________________________________________


    Follow us


    www.armorcode.com

    LinkedIn: https://www.linkedin.com/armorcode

    Twitter: https://twitter.com/code_armor

    _____________________________________________________


    About AppSecOps


    What is AppSecOps? https://www.armorcode.com/what-is-appsecops


    The State of AppSecOps Report: https://www.armorcode.com/state-of-appsecops-2022


    AppSecOps Research from Enterprise Strategy Group: https://www.armorcode.com/esg-appsecops-showcase

    Show more Show less
    7 mins
  • Factors in Prioritization
    Oct 27 2022

    Prioritizing threat/vulnerability findings takes thought, a satellite cam, and a microscope if you don't have an AppSecOps platform at work. There's a lot to consider: criticality variance across tools (they don't come normalized out of the box), threat intelligence on CVEs, and tool/technique weight factors, for starters.


    A major concept is the context around the app/sub-app/module associated with a finding. The software's dependencies, environment, provenance, and the sensitivity of its data are just a few values that affect priority. That context dictates resource alignment, while risk scoring influences specific tactical activities thereafter.


    About ArmorCode


    We develop, sell, and deliver the world’s first and leading AppSecOps platform to our customers, along with the expertise, support and community they need to ship secure software and ship it fast. The ArmorCode platform brings together powerful AppSec Posture, Vulnerability, and Compliance Management with DevSecOps workflow automation.

    _____________________________________________________


    Follow us


    www.armorcode.com

    LinkedIn: https://www.linkedin.com/armorcode

    Twitter: https://twitter.com/code_armor

    _____________________________________________________


    About AppSecOps


    What is AppSecOps? https://www.armorcode.com/what-is-appsecops


    The State of AppSecOps Report: https://www.armorcode.com/state-of-appsecops-2022


    AppSecOps Research from Enterprise Strategy Group: https://www.armorcode.com/esg-appsecops-showcase

    Show more Show less
    6 mins
  • Vulnerability Management – What? When? How?
    Oct 20 2022

    Vulnerability Management looks different from business to business. What qualifies a risk as acceptable or not? When should confirmed vulns be fixed by? Perhaps most distressingly, how do we know when vulnerability has actually been remediated? Luis Guzmán talks about the different aspects of vulnerability and its most common musts:


    • a workflow framework that security & dev agree on
    • live critical finding notifications
    • active remediation monitoring
    • visibility throughout ticket lifecycles "from soup to nuts"


    About ArmorCode


    We develop, sell, and deliver the world’s first and leading AppSecOps platform to our customers, along with the expertise, support and community they need to ship secure software and ship it fast. The ArmorCode platform brings together powerful AppSec Posture, Vulnerability, and Compliance Management with DevSecOps workflow automation.

    _____________________________________________________


    Follow us


    www.armorcode.com

    LinkedIn: https://www.linkedin.com/armorcode

    Twitter: https://twitter.com/code_armor

    _____________________________________________________


    About AppSecOps


    What is AppSecOps? https://www.armorcode.com/what-is-appsecops


    The State of AppSecOps Report: https://www.armorcode.com/state-of-appsecops-2022


    AppSecOps Research from Enterprise Strategy Group: https://www.armorcode.com/esg-appsecops-showcase

    Show more Show less
    7 mins

What listeners say about Let's Talk AppSecOps

Average customer ratings

Reviews - Please select the tabs below to change the source of reviews.