From AppSec to ProdSec: ASPM and the Future of Vulnerability Management with James Berthoty



Had the long-overdue pleasure of talking with James Berthoty on a sticky subject we tend to see eye to eye on at different intervals; check out the conversation on the world of Cloud and ASPM.

We are recording the new season. If you want to be featured, reach out!!

Cybersecurity professionals, we've got an episode you don't want to miss! Join us on the latest Cyber Security and Cloud Podcast as we welcome James Berthoty, a cybersecurity veteran with a wealth of experience in sysadmin, DevOps, and security engineering.

Episode Highlights:

- Application Security (AppSec) Evolution: James shares his journey and insights on the rapid changes in the AppSec industry, emphasizing the growing need for infrastructure professionals to engage with application code in our API-driven cloud environment.

- Vulnerability Management Challenges: Learn about the intricacies of managing software vulnerabilities, the evolution of patch management, and the inefficiencies of the CVE system that often result in false positives.

- Effective Testing and Benchmarking: Discover the importance of tools like insecure testing repositories and OWASP projects in enhancing the reliability of security tools.

- FedRAMP and Security Tools: Understand the stringent requirements of FedRAMP and how to balance flexible and opinionated tools in the broader security landscape.

- Asset Management and Open Source Risks: Through real-world examples, we discuss the critical role of asset management in vulnerability management and the importance of managing open-source supply chain risks.

Special Focus on ASPM: We delve into the complex challenges of Application Security Posture Management (ASPM), highlighting how to manage visibility and actionability in cybersecurity effectively.

Sponsored by Phoenix Security: Leaders in vulnerability management from code to cloud. Prioritize and act on critical vulnerabilities with Phoenix Security. Request a free 14-day demo today!

Listen to the full episode here: https://phoenix.security/podcast/cscp-s4ep18-james-berthoty-what-the-heck-is-aspm-and-the-evolution-of-product-security/



Don't miss this comprehensive exploration of the current state and future trends in the cybersecurity and software security industry. Whether you're a seasoned professional or new to the field, there's something in this episode for everyone.


Follow Cyber Security and Cloud Podcast

#Cybersecurity #AppSec #VulnerabilityManagement #ASPM #DevSecOps #CyberSecurityPodcast

---

About James Berthoty:

James Berthoty, a former Security Engineer at PagerDuty and founder of Latio Tech, is dedicated to transforming security teams into integral contributors to product development. His extensive experience spans sysadmin, DevOps, and cloud security, making him a dynamic and influential figure in the cybersecurity community. When he's not leading DevSecOps initiatives at ReliaQuest, James pursues a PhD in Philosophy and enjoys video gaming with his family in Tampa, Florida.

Connect with James:



James Berthoty

Security Engineer Turned Industry Analyst @ Latio Tech | AWS Community Builder

8 months ago

Loved this conversation as always!
