Francesco Cipollone -- Application Security Posture Management and the Power of Working with the Business

Update: 2024-04-09

Description

Francesco Cipollone, CEO of Phoenix Security, joins Chris and Robert to discuss security and explain Application Security Posture Management (ASPM). Francesco shares his journey from developer to cybersecurity leader, revealing the origins and importance of ASPM. The discussion covers the distinction between application security and product security, the evolution of ASPM from SIEM solutions, and ASPM's role in managing asset vulnerabilities and software security holistically. Francesco emphasizes the necessity of involving the business side in security decisions and explains how ASPM enables actionable, risk-based decision-making. The episode also touches on the impact of AI on ASPM. It concludes with Francesco advocating for a stronger integration between security, development, and business teams to effectively manage software security risks.

Recommended Reading:
Cyber for Builders: The Essential Guide to Building a Cybersecurity Startup by Ross Haleliuk — https://ventureinsecurity.net/p/cyber-for-builders

FOLLOW OUR SOCIAL MEDIA:

➜Twitter: @AppSecPodcast
➜LinkedIn: The Application Security Podcast
➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast

Thanks for Listening!

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Comments

Top Podcasts

The Best New Comedy Podcast Right Now – June 2024 The Best News Podcast Right Now – June 2024 The Best New Business Podcast Right Now – June 2024 The Best New Sports Podcast Right Now – June 2024 The Best New True Crime Podcast Right Now – June 2024 The Best New Joe Rogan Experience Podcast Right Now – June 20 The Best New Dan Bongino Show Podcast Right Now – June 20 The Best New Mark Levin Podcast – June 2024

In Channel

Matin Mavaddat - Understanding Security as a Systemic Concern: The Role of Anti-Requirements

2024-11-1250:20

Kayra Otaner -- DevSecOps

2024-10-2932:46

François Proulx - Arbitrary Code Execution 0-day in Build Pipeline of Popular Open Source Packages

2024-10-2245:31

Steve Wilson -- The Developer's Playbook for Large Language Model Security: Building Secure AI Applications

2024-10-0136:32

Jeff Williams -- Application Detection & Response (ADR)

2024-09-2451:28

Phillip Wylie -- Pen Testing from Somebody who Knows about Pen Testing

2024-09-1752:08

Steve Springett -- Software and System Transparency

2024-08-2948:13

Irfaan Santoe -- The Power of Strategy in AppSec

2024-07-3140:14

Andrew Van Der Stock -- The New OWASP Top Ten

2024-07-2351:51

Derek Fisher -- Hiring in Cyber/AppSec

2024-07-1601:01:45

Tanya Janca -- Secure Guardrails

2024-07-0901:04:50

Jahanzeb Farooq -- Launching and executing an AppSec program

2024-07-0249:44

David Quisenberry -- Building Security, People, and Programs

2024-06-1856:54

Matt Rose -- Software Supply Chain Security Means Many Different Things to Different People

2024-06-1146:14

James Berthoty -- Is DAST Dead? And the future of API security

2024-05-3144:56

Mark Curphey and Simon Bennetts -- Riding the Coat Tails of ZAP, without Open Source Funding

2024-05-2142:32

Devin Rudnicki -- Expanding AppSec

2024-05-1435:57

Dustin Lehr -- Culture Change through Champions and Gamification

2024-04-1645:10

Francesco Cipollone -- Application Security Posture Management and the Power of Working with the Business

2024-04-0938:11

Mukund Sarma -- Developer Tools that Solve Security Problems

2024-04-0246:32

00:00

Francesco Cipollone -- Application Security Posture Management and the Power of Working with the Business

#box-pro-ellipsis-173234715280450{-webkit-line-clamp:2;}Francesco Cipollone -- Application Security Posture Management and the Power of Working with the Business

Francesco Cipollone -- Application Security Posture Management and the Power of Working with the Business

Chris Romeo

Francesco Cipollone -- Application Security Posture Management and the Power of Working with the Business