Lean Thinking Enables Proactive Security

December 18, 2020

Security Compass

Today we are joined by Altaz Valani from Security Compass and Spencer Koch, Security Wizard at Reddit, to discuss the importance of a proactive security mindset across the software security life cycle. Proactive often means using tools, but these tools are useful only if they help reduce process overhead. Blindly shifting security responsibilities to tools results in more overhead through false positives. In this podcast, we will talk about a lean process mindset that shifts the discussion “to the left” (before SAST, DAST, and Pentesting) and helps to identify where waste can be eliminated — and that is what enables proactive security.

Spencer is an offensive security professional with extensive experience in both consulting and industry. He has also served as the North American CISO at a large energy company.

Lean Thinking Enables Proactive Security

Threat Modeling: Finding the Best Approach for Your Organization

The Total Economic Impact Of Security Compass SD Elements

Report: The Total Economic Impact™ Of Security Compass SD Elements

Threat Modeling Solutions Evaluation Checklist

How to Automate Threat Modeling to Save Time and Money, and Mitigate Risk

What is Threat Modeling?

How To Breathe New Life into Your Security Training Program with Games

Publish-Subscribe Threat Modeling

Survey: The 2021 State of DevSecOps

Cloud Computing Trends: The State of Cloud Adoption in 2021

Secure Development for Developers

Data Flow Diagrams and Threat Modeling

Navigating the PCI Software Security Framework (SSF)

Complete Guide to Using SD Elements for Cloud Migration

Challenges With Diagrammatic Threat Modeling

How to Transition from PA-DSS to PCI Software Security Framework

Firmware Security: How to Identify and Prevent Vulnerabilities

Best Practices to Ensure Firmware Security

Ensuring Cybersecurity in an Open Banking World

Evolving Threat Modeling for Agility and Business Value