DevSecOps, Compliance GRC, and the Future of Application Security – Francesco Cipollone – ASW #177

Security Weekly Productions, December 13, 2021



DevSecOps has traditionally been very people-centric. Software security is hard to measure, and the landscape is becoming increasingly complex with containers, cloud, and infrastructure. Driving an appsec program at scale is often an art that only a few can master, and the majority of organizations remain uncovered from an appsec perspective. Measuring DevSecOps and evolving risk-based vulnerability management is a must. Bringing along risk people and GRC has traditionally been challenging.

Segment Resources:
– AppSec Cali 19 Talk: https://www.youtube.com/watch?v=cegMUjo25Zc
– ADDO19: https://www.youtube.com/watch?v=x1p3exzkTIY
– Open Security Summit 20: https://www.youtube.com/watch?v=8myMG36gq4o, https://www.youtube.com/watch?v=mh_P1C1a-CM

Visit https://www.securityweekly.com/asw for all the latest episodes!

Guests

Francesco Cipollone – CEO & Founder at AppSec Phoenix Ltd

@FrankSec42

Francesco Cipollone is a multi start-upper and cybersecurity professional. He was formerly the AppSec and Cloud Security lead for HSBC and Lead Cloud Security for AWS Professional Service, and previously consulted with the United Nations. Francesco is also Chair of the Cloud Security Alliance, a published author, podcaster and public speaker.

Hosts

John Kinsella – Co-founder & CTO at Cysense

@johnlkinsella

John Kinsella is the Chief Architect for Accurics.

Mike Shema – Security Partner at Square

@Codexatron

Mike Shema is a Security Partner at Square.

Announcements

  • Throughout 2022, CRA’s Business Intelligence Unit will be releasing research reports on the top topics across the security industry. Our first report will be on Third-Party Risk and the Supply Chain. To participate in the survey, please visit https://securityweekly.com/thirdpartyrisk. The results will be shared at our Third-Party Risk eSummit in January.

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!
