We’re not just rethinking what’s possible with web application security—we’re revolutionizing it. At Signal Sciences, we engineer big ideas with an eye on the future, building sustainable and wide-reaching solutions that not only serve teams’ immediate needs but also instinctively evolve along with them. We believe in simple, effective actions. We value teamwork. And our web protection platform proves it.
Podcasts on ITSP Radio
Enabling DevOps: A Security Imperative | Zane Lackey, CISO of Signal Sciences
In this episode, Chenxi - host of The New Factor - chats with Zane Lackey, CISO of Signal Sciences. Zane was the CISO of Etsy.com, and his team pioneered some of the first DevOps security deployments, many years ahead of the industry at large. Zane and Chenxi discussed how security must enable and support DevOps and how that should come about in a company. Zane talked at length about his experiences at Etsy to pioneer DevOps security when there was no prior success case to follow and how he forged his own path, and why it is a security imperative today to consider security engineering in a mindset that is API-first, code second.
Acalvio provides Advanced Threat Defense (ATD) solutions to detect, engage and respond to malicious activity inside the perimeter. The solutions are anchored on patented innovations in Deception and Data Science. This enables a DevOps approach to ATD, enabling ease of deployment, monitoring and management.
Acalvio enriches its threat intelligence by data obtained from internal and partner ecosystems, enabling customers to benefit from defense in depth, reduce false positives, and derive actionable intelligence for remediation.
Webinars and Videos on ITSP TV
Podcasts on ITSP Radio
Power To The People - Knowledge Is Power - A podcast with Chris Roberts and Dr. Christopher Pierson
This podcast is a post live panel conversation, following “Power To The People - Knowledge Is Power,” during Black Hat 2017 in Las Vegas.
Sean Martin and Marco Ciappelli invited Chris Roberts - Chief Security Architect at Acalvio Technologies - and Dr. Christopher Pierson - Chief Security Officer and General Counsel at Viewpost - to hang out with us and have a chat.
It is an interesting conversation. We invite you to listen to it.
Chris Roberts chats with us about cyber security VS. safety, AI, privacy and other "fun" stuff.
Chris Roberts chats with ITSPmagazine's Marco Ciappelli and Sean Martin about raising awareness and helping people use their technology more securely. We discuss perceptions and responsibility and how machine learning and artificial intelligence can help us be more secure if we surrender ourselves to it. The question is, are we already surrendering too much? We also ponder two other ideas... is the word "security" lost on society - would the word "safety" suit us better? And, last but not least, is there a big marketing value in having a certified "CyberSafe" product?
Real-time visibility and protection for critical applications and data via Runtime Application Self Protection (RASP)
Prevoty is dedicated to solving the challenges of application security. Applications are the heart of business, accessing and processing sensitive data. Network security has limited purview into what happens inside an application, and sophisticated hackers bypass perimeter defenses far too easily.
After keeping hackers at bay for years, our founders realized that true application security requires radical thinking: applications must self-defend at runtime.
Using LANGSEC, Prevoty developed a solution that monitors and protects applications at runtime, neutralizing actual attacks and providing unprecedented visibility into your production environment. Organizations rely on Prevoty’s high-performing RASP products to reduce runtime risk and eliminate vulnerability backlogs.
Their Story Articles and Podcasts
Experts Corner Webinar
Application Security In An Open Source World
Securing applications that rely on third-party
and open source software
Aside from the data they collect, create, and store, applications can oftentimes be an organization's greatest digital asset. Building custom applications to match the customer and market demands mapped to revenue objectives and available resources can be tremendously rewarding, but also a potentially-huge undertaking.
Ultimately, time to market is always a factor ... a requirement that almost always wins out over security. One way to tackle the time and effort to deliver more quickly is to leverage third party and open source components. But, do these elements save you in the long run - or do they introduce more risk in the form of potential vulnerabilities that are either not easily uncovered (at best) or not easily patched (if patchable at all)?
To answer these questions and more, we've pulled together a group of experts that deal with these challenges on a daily basis.
Podcasts on ITSP Radio
Now is not the time to point fingers, says Prevoty's Kunal Anand in response to the Equifax breach
On the heals of the announcement alerting roughly half of the American population to the fact that their personal information was exposed in a breach at Equifax, Kunal Anand, CTO and co-founder of application security solution provider, Prevoty, chats with ITSPmagazine's Sean Martin to explore how this might have happened and what the scope and scale of the situation looks like.
While we know very little at this point, given the source of the breach being attributed to an application vulnerability, what can we glean from the Equifax breach? First, there are a couple significant questions that need to be answered. Such as, how can so much data be exposed in plain text? What was the trigger behind the detection? We may not know the answers to these questions for quite some time, but we should all be asking ourselves, how come application security doesn’t get the attention it deserves within an organization, especially when applications are likely the most critical asset a company has (second to the data the apps connect to)?
Regardless of the answers to these questions (and more), Kunal’s advice for both the industry and the organizations that are facing this threat themselves is to not point fingers at Equifax and to recognize that this could happen to any of us. This is not the time to dog pile on another breach story; rather it is a time to reflect and learn.