Building an assessment program

I’ve heard this question now several times, “What do you mean build a security assessment program? Do you mean build a security program?” My answer is consistently “no”. Your assessment program should be part of your overall security program, but they are separate (albeit related) initiatives. So what is a security assessment program? Think of …

Building an assessment program Read More »

Tackling IAM and Appsec

Some of the biggest challenges that face security teams today are Identity and Access Management (including Privileged Access Management) and Application Security. Too often, these initiatives get mired in the details and complexity and never end up getting completed. Systems administrators and application teams cringe at the thought of touching their Service Accounts. And you …

Tackling IAM and Appsec Read More »