Security Boulevard Chat

Does cloud, DevSecOps and network security all go together? They have to in the real world. We sit down with Harry Sverdlove, CTO founder of Edgewise Networks and discuss this very topic as well as top three tips from Harry. Have a listen

The environments that we deploy applications in have certainly changed over the last 10 years. This is true for the way we secure applications as well. Barracuda Networks has ridden this wave to cloud native and making solutions for developers, devops teams and security and risk teams. We speak to Tim Jefferson, VP of public cloud for Barracuda on how they are adapting and helping to shape this market

Application Security Requirements & Threat Management (ASRTM)is a great way to: • Lowering costs to build secure software • Making security measurable • Turning unplanned work into planned work • Freeing up time away from remediation, and into feature development • Having a single process that works with in-house, outsourced, and commercial software • Providing confidence that software is secure, when requirements are linked to verification In this chat with Rohit Sethi of Security Compass, we discuss ASRTM and how it helps DevOps teams, security teams and DevSecOps.

One of the hottest new trends in the cybersecurity world is what is being called "Deception". While honeypots and such have been around for a long time, the idea of purposely deceiving your attackers has really gained momentum, especially in the age of APT (advanced persistent threats). The team at Illusive Networks has pioneered this approach to safeguarding your infrastructure. In this Security Boulevard Chat we sit down with Illusive Networks Ofer Israeli to discuss the "art of deception."

They already number in the billions, but connected devices or IoT were not all built with security as top of mind. In this chat we speak with Mike Nelson, VP of IoT Security at DigiCert, a global leader in digital security for connected systems and devices. Mike tells what to do with your legacy devices and systems to help make them more secure and what to look for in systems going forward so that you can be as secure as possible. Great practical advice.

Chef has spent a lot of time bringing security and compliance into the software development lifecycle (SDLM). They have several solutions both open source and commercial which can help with your DevSecOps practice. I had a chance to sit down with Dan Hauenstein and Dominick Richter. Dominick is one of the founding members of dev-sec.io and co-creator of Chef Compliance.

Container adoption rates are skyrocketing. Securing these environments is both a tremendous opportunity and a daunting challenge. Aqua Security has taken on this challenge. With their most recent funding announcement and other momentum news, they are making their play to lock down the container security market and establish themselves as the market leader. I had a chance to catch up with Rani Osnat of Aqua to hear about their funding news, how they are going to use the money and what the challenges are in the container security space.

Zane Lackey, co-founder of Signal Sciences and formerly of Etsy give us the top lessons for DevSecOps. Great list from Zane. Great discussion

Dr. Chenxi Want has already had an amazing career that includes a PH.D, time as an analyst at a leading analyst firms and executive positions at both security vendors and large organizations as a security leader. All the while she is also a mother, wife, angel investor and leader of a growing diversity movement in technology. Chenxi has now started the Jane Bond Project where she is consulting for various start ups, as well as established companies in helping their go to market, as well as security strategies. That is certainly a lot on her plate, but Chenxi can handle it. After all she is Bond, Jane Bond!

DevSecOps, it's a thing. While some say absolutely, others say pleee-ase. I speak with Mike Kail, CTO founder of Cybric about how some of the biggest pushback on DevSecOps comes not from the Dev or Ops crowd, but from the security teams. Whats up with that? Are the security team too territorial? Do they relish their otherness? Mike who has a long history including executive stints at Netflix and Yahoo gives us his reasoning.