Business Security Weekly Subscribe

Vulnerability Management, Cloud Security, Application security, Asset Management, DevSecOps

Optimize Buying Criteria to Ensure Success of Your New Security Tools – Travis Isaacson – BSW #219

June 7, 2021

CISOs know the power of security as a driver of business, but other stakeholders often equate security with compliance. Security shouldn’t be viewed as a controlling organ - then it will stall innovation and become a blocker for deploying new techniques. Implemented and evaluated correctly, new security tools should speed up the development processes and enable innovation.

So how do you measure success in app sec?

There are several methods that define the success of a new tool. New tools have to live up and in most instances exceed the existing solutions in place and should help developers to do their job more efficiently.

Here we can discuss the relevance of pre-planning and the definition of clear success criteria to get the most out of any solution decided upon. We draw parallels to real world examples of companies that have found success by optimising the time spent on evaluating and implementing new tools.

This segment is sponsored by Detectify.

Visit https://securityweekly.com/detectify to learn more about them!

Sponsored By

Detectify

Full episode and show notes

Announcements

Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
Security Weekly is more than happy to announce that we will be at InfoSec World 2021 IN PERSON October 25th-27th, 2021! This year, our annual partnership with InfoSec World is extra special, as we are both business units under the CyberRisk Alliance brand! What does that mean for Security Weekly listeners & InfoSec World attendees? You will get to see and hear from many of the Security Weekly team at the event AND you will save 20% off on your world pass! Visit https://securityweekly.com/isw2021 to register using our discount code!

Guest

Travis Isaacson

Technical Expertise Manager at Detectify

Travis Isaacson is Technical Expertise Manager at Detectify, where he helps customer security teams utilize the latest crowdsourced vulnerability research in their automated security practices and keep web apps secure. Travis has a background in supply chain logistics and digital AdTech. Outside of office hours, he enjoys dabbling in ethical hacking and bug bounties.

Hosts

Chief Product Officer at CyberSaint

Jason Albuquerque

Chief Operating Officer at Envision Technologies

Paul Asadoorian

Principal Security Evangelist at Eclypsium

https://securitypodcaster.com

Related

5G Hackathons – Casey Ellis – BTS #28

April 24, 2024

Casey recently was involved in an event that brought hackers and 5G technology together, tune-in to learn about the results and how we can use bug bounty programs to improve the security of "things". This segment is sponsored by Eclypsium. Visit https://securityweekly.com/eclypsium to learn more about them!

Vulnerability Management

Robofly, CRUSHFTP, Github, Palo Alto, MITRE, Fancy Bear, Deepfakes, Aaran Leyland… – SWN #380

April 23, 2024

Robofly, CRUSHFTP, Github, Palo Alto, MITRE, Fancy Bear, Deepfakes, Aaran Leyland, and more, on this Edition of the Security Weekly News.

Government Regulations

Unraveling the “Materiality” Mystery: A CISO’s Guide to SEC Compliance – Mike Lyborg – BSW #347

April 22, 2024

The new SEC Cyber Security Rules require organizations to be ready to report cyber incidents. But what do you actually need to do? Mike Lyborg, Chief Information Security Officer at Swimlane, joins Business Security Weekly to discuss how to prepare. In this interview he'll discuss the key element of your preparation, including: Quantification M...