Seeking better operational efficiency and ROI, many enterprises have begun significant software automation and orchestration efforts without accounting for the inherent security risks they may bring, says Jeffery Kok of CyberArk.
Effective "SecOps" involves revamping security processes that are inconsistent and ad hoc to make them targeted and consistent, says Rapid7 CEO Corey Thomas, who describes the roles of automation and orchestration.
Artificial intelligence and machine learning will have a significant impact on lowering the cost of securing an organization because it will reduce the need for advanced skillsets, predicts Rapid7's Richard Moseley.
Although there's widespread agreement that addressing security early in the software development cycle is an essential component to any breach prevention strategy, implementing DevSecOps can prove challenging.
Open source software components may be free, but that doesn't automatically make them safe to use. "There can be risks involved," says Steve Giguere, of Synopsys, who says these risks are often compounded by the pressure to deliver goods to market quickly and with new features.
Incident response is a critical pillar of an effective endpoint security program, one that will gain importance as GDPR enforcement comes into play on May 25. Organizations must be ready to react if and when an incident occurs in order to meet the stringent requirements that apply during an incident.
Art Coviello, ex-CEO of RSA, is concerned about fraud trends and social media vulnerabilities. But he also is bullish on the opportunity for artificial intelligence and DevOps security to stop attacks before they cause harm.
The technologies and processes that businesses deploy today are so tightly linked to their customers and markets that the
boundary between the company's internal operations and external
ecosystem (i.e., customers, markets, competitors, partners,
regulators) is rapidly disappearing. Business leaders are
Applications are the #1 attack target of hackers. And according to the Verizon 2016 Data Breach Investigations Report, 82% of data breaches in the financial sector occurred through web apps.
For banks and credit unions, it's more difficult than ever before to pick an AppSec solution. It's easy to find yourself...
Open source and third-party components help developers build and deploy applications faster. But with increased speed comes greater risk that could lead to fraud. Vulnerabilities in components are a hidden cost of free software. And their widespread use creates opportunities for attackers looking to exploit the most...