Outpost24 Template
2019
Protecting Cezanne HR’s cloud web
application with continuous assessment
Simon Roe, Outpost24 & John Hixon, Cezanne HR
30th September 2020
Full stack cybersecurity assessment
Helping customers improve security posture since 2001
Over 2,000 customers in all regions of the world
Really good at breaking technology
Application Security in the news…
HR & Security go hand-in-hand
• Security automation to protect a fast-growing SaaS business
• Protecting customer data is the #1 priority
• ISO certification and prevention of data leakage
• Reduce security stress on resources & budget
• Release with speed and confidence through a secure SDLC
SWAT for Business-Critical Applications
• Delivery through portal
• Findings published once reviewed
• Zero false positives
• Generate reports on demand
• Liaise with testers
• Integrate into SDLC through REST API
• CREST-approved methodology
• Managed by O24
• Daily assessment
  • DAST scanning
  • Change detection
• Regular manual assessment
  • Web application assessment
  • Quarterly
• Findings
  • Manual review of ALL findings
Brief service description
SWAT combines state-of-the-art web application scanning technology with Security Consultants to provide accurate and continuous web application assessments over a 12-month period.
What it is not
• A network and host layer penetration test. Instead, it focuses on up to four manual tests of the web application.
• ‘A scanner’. We provide zero false positives, something that is not feasible with a scanner alone.
SWAT at a glance
Service lifecycle
• Day <1: Scoping
• Day 1-30: Onboarding, review & manual test
• Day 30-365: Daily monitoring

Scoping: Submit a SWAT scoping request via either the AppSec UI or through the Sales representative. On receipt, the request is reviewed by the AppSec team. Once approved, the team returns a final scoping document, including the number of applications/instances, within two days.

Onboarding, review & manual testing: On the license start date, each application is set up in the portal, initial scanning is set up, and the first manual test is scheduled to commence within the first 30 days. After 30 days, continuous assessments are performed, including daily scanning and manual review of changes for any new risks.

Daily monitoring: After discovery, findings are verified by the AppSec team and published within 5-7 days of initial discovery, with a further 3 manual tests per year. Questions asked and verification tests requested through the portal are answered within 5 business days.
What it is
• Continuous security monitoring of web applications.
• Guaranteed zero false positives.
• A fully managed service, ideal for applications that undergo many development changes/releases or that are business critical.
Takeaways
• Application security hygiene – shift left for continuous assessment & secure SDLC
• Education – understand your attack surface to protect customer data & prove compliance
• Risk assessment – do your homework when stepping into new growth areas
• Stay current – strive to understand the latest attacker and industry trends
Simon Roe
Application Security Product Manager
sro@outpost24.com
Q & A

KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxTier1 app
 
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024StefanoLambiase
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityNeo4j
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based projectAnoyGreter
 

Recently uploaded (20)

React Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaReact Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief Utama
 
The Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfThe Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdf
 
chapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptchapter--4-software-project-planning.ppt
chapter--4-software-project-planning.ppt
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
 
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱  9999965857  🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...Call Girls In Mukherjee Nagar 📱  9999965857  🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
 
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort ServiceHot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
 
What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need It
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software Developers
 
Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...
 
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmIntelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalm
 
software engineering Chapter 5 System modeling.pptx
software engineering Chapter 5 System modeling.pptxsoftware engineering Chapter 5 System modeling.pptx
software engineering Chapter 5 System modeling.pptx
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - Infographic
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
 
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered Sustainability
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based project
 

Outpost24 webinar - Protecting Cezanne HR’s cloud web application with continuous assessment

  • 1. Outpost24 Template 2019. Protecting Cezanne HR’s cloud web application with continuous assessment. Simon Roe, Outpost24 & John Hixon, Cezanne HR. 30th September 2020
  • 2. Full stack cybersecurity assessment
    Helping customers improve security posture since 2001
    Over 2,000 customers in all regions of the world
    Really good at breaking technology
  • 3. Application Security in the news…
  • 4. HR & Security go hand-in-hand
    • Security automation to protect a fast growing SaaS business
    • Protecting customer data is the #1 priority
    • ISO certification and preventing data leakage
    • Reduce security stress on resources & budget
    • Release with speed and confidence with a secure SDLC
  • 12. SWAT for Business-Critical Applications
    • Delivery through portal
    • Findings published once reviewed
    • Zero false positives
    • Generate reports on demand
    • Liaise with testers
    • Integrate into SDLC through REST API
    • CREST approved methodology
    • Managed by O24
    • Daily assessment
    • DAST scanning
    • Change detection
    • Regular manual assessment
    • Web application assessment
    • Quarterly
    • Findings
    • Manual review of ALL findings
  • 13. Brief service description: SWAT offers a combination of state-of-the-art web application scanning technology and Security Consultants to provide accurate and continuous web application assessments for a 12-month period.
    What it is not
    • A network and host layer penetration test. Instead it focuses on up to four manual tests of the web application.
    • ‘A scanner’. We provide zero false positives, something that is not feasible with just a scanner.
    SWAT at a glance (service lifecycle): Day <1 Scoping; Day 1-30 Onboarding, review & manual test; Day 30-365 Daily monitoring
    Scoping: Submit a SWAT scoping request via either the AppSec UI or through the Sales representative. On receipt the request is reviewed by the AppSec team. Once approved, the team returns a final scoping document, including the number of applications/instances, within two days.
    Onboarding, review & manual testing: On the license start date, each application is set up in the portal, initial scanning is set up, and the first manual test is scheduled to commence within the first 30 days. After 30 days, continuous assessments are performed, including daily scanning and manual review of changes for any new risks.
    Daily monitoring: After discovery, findings are verified by the AppSec team and published within 5-7 days of initial discovery, with a further 3 manual tests per year. Questions asked and verification tests requested through the portal are answered within 5 business days.
    What it is
    • Continuous security monitoring of web applications.
    • Guaranteed zero false positives.
    • A fully managed service, perfect for applications that undergo many development changes/releases or applications that are business critical.
  • 14. Takeaways
    • Application security hygiene – shift left for continuous assessment & secure SDLC
    • Education – understand your attack surface to protect customer data & prove compliance
    • Risk assessment – do your homework when stepping into new growth areas
    • Stay current – strive to understand the latest attacker and industry trends
  • 15. Outpost24 Template 2019. Simon Roe, Application Security Product Manager, sro@outpost24.com. Q & A

Editor's Notes

  1. Application security trends pre/post COVID discussion
  2. How the needs of HR personnel and HR management have evolved (from offline spreadsheets to a secure online platform)
    • Brief intro to Cezanne HR and John’s role
    • How transformation in HR management has facilitated the growth of Cezanne HR in the mid-tier market globally
    • Key challenges with security within the HR sector (single sign-on and authentication)
  3. How Cezanne HR customer demands have changed since the introduction of GDPR, and the importance of data protection
    • Creating a security-led culture and ensuring security is a top priority throughout Cezanne HR and across different functions
    • How the increase in customer demands has meant the need to grow the product and roadmap to include new features, i.e. to support new business and retention rates for Cezanne HR (new training modules etc.), without impacting security
  4. How Cezanne HR came to the decision to move away from manual testing to automated continuous assessment, and how our relationship has developed
    • How John’s team are measured and how SWAT helps them achieve their goals as a team – continuous scanning means we can focus on the top priorities
  5. ISO 27001 certification and what it means for the business and Cezanne clients (we can speak from our perspective here as a Cezanne customer)
  6. Improved speed to market as the app is tested every time there is a new update
    • Economics of pen testing from a business and security sense (Simon); how it helps achieve/prove compliance more easily
    • More efficient development-to-production cycle – John knows the app is secure before it’s released
    • Access to the SWAT team and reporting
  7. How application security slots into John’s strategy and workflow, and how Outpost24 enables Cezanne to deliver new versions to market on time and in budget
    • How security testing can boost the sales process and RFPs
  8. John’s view of being a security professional and how having awareness of commercial success is important for his role
    • Using continuous assessment for quality assurance testing before the product is ready to go to market (speed to market and supporting the SDLC)
    • AWS and cloud, and how everything fits together