Team Wabbi
April 10, 2024
Click below to listen to TestGuild DevOps Toolchain’s interview with Wabbi’s Founder & CEO, Brittany Greenfield. She talks with host, Joe, about the integration of security and development in the DevOps process.
This interview originally appeared on TestGuild DevOps Toolchain Podcast on April 10, 2024
AI-Powered Security Orchestration in DevOps
About the session
This transcript is from an episode of the Test Skill DevOps Tool Chain podcast. The host, Joe, is speaking with Britney Greenfield, CEO and founder of Wabbi, about the integration of security and development in the DevOps process. They discuss the concept of application security posture management, the future of DevOps, and the role of Wabbi in bridging the gap between security and development.
Key speakers
– Joe, Host
– Britney Greenfield, CEO and Founder of Wabbi
Agenda
– Introduction of Britney Greenfield and her work in DevOps and application security.
– Discussion on the future of DevOps and the integration of security into the process.
– Explanation of Wabbi’s role in application security posture management.
– Discussion on the challenges in integrating security into the DevOps process.
– Explanation of how Wabbi addresses these challenges and facilitates the process.
– Discussion on the current state of application security and the role of government and tech companies in it.
– Advice for those working in DevOps and security.
Takeaways
Takeaway: DevSecOps should be absorbed into DevOps, streamlining development
Brittany Greenfield believes that the term “DevSecOps” should be obsolete as security should be inherently integrated into DevOps, which itself should be part of standard development. The concept of DevSecOps was born out of the recognition of the need to integrate security into the efficiency-maximizing, silo-breaking practices of DevOps, but this integration has not been fully realized.
“DevSecOps should exist as a term is it should just be DevOps which should just be development,” said Greenfield. She argued that the initial shift to DevOps was about maximizing efficiency through breaking down silos, but security was left behind due to its complexity and its different methodology.
Greenfield’s mission with Wabbi is to make DevSecOps obsolete by seamlessly integrating security into the development process, noting that “everybody recognizes that DevSecOps is the norm,” but most enterprises have only implemented DevSecOps without truly integrating it into their existing software development lifecycle process.
Takeaway: Application Security Posture Management can streamline security integration
Application Security Posture Management (ASPM) holds the potential to streamline the integration of security into the development process. ASPM leverages automation and orchestration to manage the end-to-end application security lifecycle as part of the software development lifecycle, allowing developers to focus primarily on developing code.
One feature of Wabbi, as explained by Greenfield, is that it “orchestrates the end-to-end application security lifecycle as part of the software development lifecycle.” This allows developers to just focus on developing code, while the security tasks are fed into the process at the right time.
Greenfield gave an example of how Wabbi works: when developers submit a pull request, Wabbi will automatically kick off a security scan, bring back the results, prioritize them, and if needed, block the pull request from being completed until the critical vulnerabilities are fixed.
Takeaway: Security should be more than just compliance
Greenfield emphasized that while compliance is important, security should not be merely viewed as a checkbox to tick off. She argued that security should also consider business risk and customer risk, and that each company has different security standards depending on its risk profile.
Greenfield criticized the idea of security being just about compliance, saying “if you’re only doing security to do compliance then you’re just doing check the box security.” She pointed out that each company, especially in large enterprises, treats their applications with different security risks.
She concluded by highlighting the importance of collaboration in achieving effective security, saying “at the end of the day all of this is just good development because it’s about good collaboration and breaking down silos.”
Insights surfaced
– Application security posture management is a growing field that bridges the gap between security and development in the DevOps process.
– The integration of security into the DevOps process is a challenging but necessary step to ensure the safety and efficiency of software development.
– Wabbi is a platform that facilitates this integration by managing the end-to-end application security lifecycle as part of the software development lifecycle.
– The role of developers in the security process should not be to become security experts, but to work in collaboration with security professionals to ensure secure development practices.
– The future of application security will likely involve more government involvement and regulations, as well as the continued development of transformative technologies like application security posture management.
Key quotes
– “The reason I don’t believe DevSecOps should exist as a term is it should just be DevOps which should just be development right and if we think about where DevOps came from it was really about breaking down silos and DevSecOps is no different.”
– “Part of my mission with Wabbi is to make that term DevSecOps obsolete because it should just be the norm.”
– “We’ve created all of this data but it’s not enough to have data you have to have actionable information.”
– “We’re not expecting nor should we developers to suddenly start doing different things right they’ve got good workflows those will evolve as development evolves same with security they’ve got their own workflows.”
– “One actionable piece of information I think I can give that’s going to move the ball forward a lot faster is pick up a phone and call an application security manager.”
Related Articles
Mistakes To Avoid Before And After A Ransomware Attack – Forbes –
This article originally appeared on Forbes on August 9, 2024 Expert Panel® Forbes Councils Member Forbes Technology Council COUNCIL POST| Membership (Fee-Based) getty With recent high-profile attacks targeting organizations ranging from healthcare systems to retailers...
Understanding the Application Security Posture Management Landscape
As the importance of Application Security has grown, so has the confusion around how to successfully maintain the complete application security lifecycle– not to mention stay up to date with the alphabet soup of acronyms we must contend with. Consequently, as...
Shifting with Confidence: How Wabbi Makes Security an Integral Part of DevOps
In today's digital landscape, secure applications are no longer a luxury, they're a necessity. Breaches are on the rise, and development teams are struggling to keep pace with the ever-evolving threat landscape. But what if there was a way to seamlessly integrate...
16 DevSecOps Trends Shaping The Future Of Software And Cybersecurity – Forbes –
This article originally appeared on Forbes on June 10, 2024 Expert Panel® Forbes Councils Member Forbes Technology Council COUNCIL POST| Membership (Fee-Based) GETTY The ever-evolving field of DevSecOps, which seamlessly integrates security practices into the software...
Total Security Management
Managing Your Application Security Lifecyle in the SDLC The journey to DevOps and CI/CD has been long and arduous for many companies. I know, I’ve been there. And others of you who have been through this understand, it takes a lot to pull all the moving parts...
The Wabbi Wire: Announcing the 2024 State of Continuous Security
In case you didn't hear, Wabbi's Annual State of Continuous Security results are in and we're ready to share the our findings. In this edition of the Wabbi Wire we'll highlight key trends in the industry, discuss insights we discovered on integrating security into...
Navigating the Evolution of Continuous Security: Insights from the Annual State of Continuous Security Survey
As the digital landscape continues to evolve at breakneck speed, the importance of integrating security into the Software Development Life Cycle (SDLC) has never been more critical. Today, I'm excited to share with you insights from our latest Annual Continuous...
Wabbi Announces Findings of Annual Continuous Security Report
BOSTON / Press Release / May 6, 2024 Progress in Integrating Security into Software Development, Progress in Adoption, but Bottlenecks Persist Wabbi, the leading application security posture management platform, today announced the findings of its annual report on...
20 Underrated Tech Tools And Strategies With Oversized Benefits – Forbes –
This article originally appeared on Forbes on April 17, 2024 Expert Panel® Forbes Councils Member Forbes Technology Council COUNCIL POST| Membership (Fee-Based) GETTY When it comes to technology, it can be easy for organizations to get lost in “big picture” questions,...
The Wabbi Wire: Perspectives on Application Security Posture Management
The Wabbi Wire: Perspectives on Application Security Posture Management ________________________ Tackling the DevSecOps hairball requires help from a variety of stakeholders, however with with Application Security Posture Management (ASPM), the stakeholders can reap...
Wabbi Announces Phil Lawrence as New CTO to Spearhead Next Generation Application Security Posture Management Platform
BOSTON, MA, USA / November 20, 2023 /Originally Published at EINPresswire.com Industry leading ASPM provider, Wabbi, has appointed Phil Lawrence as CTO to lead product vision and growth in this high-demand cybersecurity space. Today, Wabbi (www.wabbisoft.com), the...
Wabbi Founder & CEO, Brittany Greenfield, Named 40 under 40
BOSTON, MA, USA / August 16, 2023 Brittany Greenfield, CEO & Founder of Wabbi, the leading ASPM platform, has been named to Boston Business Journal's prestigious 40 Under 40 list for 2024. This annual award honors 40 outstanding professionals under the age of 40...
Wabbi Named in Three Gartner® Reports as ASPM Sample Vendor
BOSTON, MA, USA / August 1, 2023 For more information on Wabbi's Application Security Posture Management platform, visit https://wabbisoft.com. Wabbi, a leading provider of Application Security Posture Management (ASPM) solutions, is pleased to announce that it has...
WABBI NAMED IN 2023 GARTNER® HYPE CYCLE FOR APPLICATION SECURITY REPORT AS AN ASPM SAMPLE VENDOR
BOSTON, MA, USA / July 25, 2023 / Originally Published at EINPresswire.com/ Wabbi, the leading Application Security Posture Management (ASPM) platform, today announced that it has been recognized as a Sample Vendor for Application Security Posture Management (ASPM) in...
Wabbi Named in 2023 Gartner® How to Select DevSecOps Tools for Secure Software Delivery Report as an ASPM Sample Vendor
BOSTON, MA, USA / June 14, 2023 /Originally Published at EINPresswire.com Wabbi announces its inclusion in the 2023 Gartner® How to Select DevSecOps Tools for Secure Software Delivery report as an Application Security Posture Management (ASPM) sample vendor. Gartner®...
Wabbi Unlocks the Secret to Enterprise Secrets Management
Wabbi unveils new Secrets Mangement solution as part of their leading application security posture management and orchestration platform. BOSTON, MA, USA / May 17, 2023 /Originally Published at EINPresswire.com Today, Wabbi, a leader in Application Security Posture...
Wabbi Named to CyberTech 100 for Leadership in Application Security Posture Management & Orchestration for Financial Institutions
BOSTON, MA / May 11, 2023 / EINPresswire.com Wabbi, the leading application security posture management & orchestration company, announced today that it has been named in the CyberTech100 list for 2023. Sponsored by FinTech Global and now in its fourth year, the...
Wabbi Named Winner of the Coveted Global InfoSec Awards during RSA Conference 2023
Wabbi Wins Editor’s Choice for DevSecOps in 11th Annual Global InfoSec Awards at #RSAC 2023 SAN FRANCISCO/ Press Release / April 24, 2023 Wabbi is proud to announce we have won the following award(s) from Cyber Defense Magazine (CDM), the industry’s leading electronic...
Wabbi enables Risk Management by Design with Release of Next-Gen Vulnerability Management in Release 23.1
BOSTON / Press Release / March 27, 2023 Wabbi, the leading provider of Application Security Orchestration & Correlation, announced today the launch of their next-generation vulnerability management solution. With this new offering, Wabbi is now the only tool that...
Wabbi Recognized as Gold Winner in 2023 Cybersecurity Excellence Awards
BOSTON / Press Release / 6 March 2023 Wabbi, the leading Application Security Orchestration & Correlation platform, has been awarded multiple accolades in the 2023 Cybersecurity Excellence Awards. The awards recognize Wabbi's innovative approach to DevSecOps and...
Total Security Management
Managing Your Application Security Lifecyle in the SDLC The journey to DevOps and CI/CD has been long and arduous for many companies. I know, I’ve been there. And others of you who have been through this understand, it takes a lot to pull all the moving parts...
Navigating the Evolution of Continuous Security: Insights from the Annual State of Continuous Security Survey
As the digital landscape continues to evolve at breakneck speed, the importance of integrating security into the Software Development Life Cycle (SDLC) has never been more critical. Today, I'm excited to share with you insights from our latest Annual Continuous...
Application Security Posture Management for Developers
Why Application Security Matters to Me: Evaluating Application Security Posture Management (ASPM) for Developers In today’s digital landscape, where cyber threats are constantly evolving, organizations must prioritize their cybersecurity measures to protect their...
Application Security Posture Management for AppSec Managers
Why Application Security Matters to Me: Evaluating Application Security Posture Management (ASPM) for AppSec Managers In today’s digital landscape, where cyber threats are constantly evolving, organizations must prioritize their cybersecurity measures to protect...
Unlocking the Power of Risk Management: A Comparison to Your Trusted Fitness Tracker
Unlocking the Power of Risk Management: A Comparison to Your Trusted Fitness Tracker In the realm of cybersecurity and application security (AppSec), the importance of risk management cannot be overstated. It serves as a crucial framework for identifying, assessing,...
Application Security Posture Management for VP of Engineering
Why Application Security Matters to Me:Evaluating Application Security Posture Management (ASPM) for VPs of Engineering In today’s digital landscape, where cyber threats are constantly evolving, organizations must prioritize their cybersecurity measures to protect...
Application Security Posture Management for CISOs
Why Application Security Matters to Me: Evaluating Application Security Posture Management (ASPM) for CISOs In today's digital landscape, where cyber threats are constantly evolving, organizations must prioritize their cybersecurity measures to protect their...
What is Continuous Security and Why is it Important?
What is Continuous Security And Why Is It Important? Executives across every industry and company size have made cyber-security a top priority. This has not just driven the adoption of new technologies, but created an overall mindset shift to proactive cybersecurity -...
From ASOC to ASPM: Evolving from AppSec Monitoring to Observability
Application Security Posture Management (ASPM) ASPM is the practice of monitoring and managing an organization’s application security program in response to internal and external signals as an integrated part of the software development lifecycle (SDLC). Application...
2024: The Year of the ASPM Revolution
2023 solidified Wabbi’s position as not just a trailblazer, but a leader in the ASPM domain, as we continued to deliver on our mission to simplify the integration of security into the software development lifecycle so organizations can realize the promise of...
0 Comments