To give you the best possible experience, this site uses cookies. Review our Privacy Policy and Terms of Service to learn more. Got it!
Artwork

Tech Allan Alford
Content provided by Allan Alford. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Allan Alford or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.

Similar to The Cyber Ranch Podcast

Player FM - Podcast App
Go offline with the Player FM app!
Get it on App Store Get it on Google Play

The Cyber Ranch Podcast »
Managing Threats Throughout the SDLC with Tomer Schwartz

28:33
 
Play
Playing
Share
 

MP3Episode home
Manage episode 428157437 series 2932664
Content provided by Allan Alford. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Allan Alford or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.

Howdy, y’all, and welcome to The Cyber Ranch Podcast! Our guest toda is Tomer Schwartz, co-founder and CTO over at Dazz Yup! He’s a vendor! And OMG he’s a sponsoring vendor too! Whatever will we do? But wait, y’all know Allan's rule: Vendors are allowed on the show if and when they can add more value on a given subject vs. any practitioners in The Cyber Ranch network. Tomer fits that bill perfectly! Tomer has worked in the Microsoft Security Response Center, he’s the former Armis co-founder & CTO, current co-founder & CTO at Dazz, who is a leader in the Application Security Posture Management space. Tomer is also a coffee aficionado. Now what does Dazz do and why did we ask Tomer to be on the show? Dazz is in the Application Security Posture Management space, which is relatively new around here, but they also collate and track threat exposure realtime, and also secure the SDLC in a DevOps’y way...

Questions

  • The elephant in the room is Gartner’s newest category in this space. Some say ASPM fits into: CTEM, which is Continuous Threat Exposure Management for those behind on eating their alphabet soup. Tomer, what’s your perspective on that?
  • Let’s talk about the problem in the ASPM/CTEM space: noise / too much data, no context, limited visibility from code to cloud and everything in between. For real, most solutions suck, as their single pane of glass is a very, very dirty pane of glass, and no amount of Windex is going to help. And our listeners know we believe in 3-4 “single” panes anyway. Is there such a thing as a single pane of glass in the ASPM space? Do we want a single pane? How does it play nicely with my “single” panes from other spaces?
  • Here comes the can of worms: Can AI help with this?
  • Gartner says by 2026 40% of enterprises will have an ASPM solution - do you agree?
  • And then there’s good ol’ UVM - Unified Vulnerability Management. Feels like a past promise that didn’t deliver. And it hasn’t addressed DevOps or even Dev very well at all IMHO. What’s your take?
  • How should CISOs be thinking about all of these technologies and practices? It can get very complicated very fast and if it’s not done right the devs will run screaming.
  • Where is this all headed? What’s the ideal future state in this space?
  • Here’s your chance to tell thousands of CISOs and other high-level practitioners what you want them to know. What do you want them to know?

Check out Dazz at https://dazz.io

  continue reading

181 episodes

#Tech #Allan Alford
Artwork

Managing Threats Throughout the SDLC with Tomer Schwartz

The Cyber Ranch Podcast

published

Play Playing
iconShare
 
MP3Episode home
Manage episode 428157437 series 2932664
Content provided by Allan Alford. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Allan Alford or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.

Howdy, y’all, and welcome to The Cyber Ranch Podcast! Our guest toda is Tomer Schwartz, co-founder and CTO over at Dazz Yup! He’s a vendor! And OMG he’s a sponsoring vendor too! Whatever will we do? But wait, y’all know Allan's rule: Vendors are allowed on the show if and when they can add more value on a given subject vs. any practitioners in The Cyber Ranch network. Tomer fits that bill perfectly! Tomer has worked in the Microsoft Security Response Center, he’s the former Armis co-founder & CTO, current co-founder & CTO at Dazz, who is a leader in the Application Security Posture Management space. Tomer is also a coffee aficionado. Now what does Dazz do and why did we ask Tomer to be on the show? Dazz is in the Application Security Posture Management space, which is relatively new around here, but they also collate and track threat exposure realtime, and also secure the SDLC in a DevOps’y way...

Questions

  • The elephant in the room is Gartner’s newest category in this space. Some say ASPM fits into: CTEM, which is Continuous Threat Exposure Management for those behind on eating their alphabet soup. Tomer, what’s your perspective on that?
  • Let’s talk about the problem in the ASPM/CTEM space: noise / too much data, no context, limited visibility from code to cloud and everything in between. For real, most solutions suck, as their single pane of glass is a very, very dirty pane of glass, and no amount of Windex is going to help. And our listeners know we believe in 3-4 “single” panes anyway. Is there such a thing as a single pane of glass in the ASPM space? Do we want a single pane? How does it play nicely with my “single” panes from other spaces?
  • Here comes the can of worms: Can AI help with this?
  • Gartner says by 2026 40% of enterprises will have an ASPM solution - do you agree?
  • And then there’s good ol’ UVM - Unified Vulnerability Management. Feels like a past promise that didn’t deliver. And it hasn’t addressed DevOps or even Dev very well at all IMHO. What’s your take?
  • How should CISOs be thinking about all of these technologies and practices? It can get very complicated very fast and if it’s not done right the devs will run screaming.
  • Where is this all headed? What’s the ideal future state in this space?
  • Here’s your chance to tell thousands of CISOs and other high-level practitioners what you want them to know. What do you want them to know?

Check out Dazz at https://dazz.io

  continue reading

181 episodes

#Tech #Allan Alford

All episodes

×
 
Loading …

Welcome to Player FM!

Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.

 

Similar to The Cyber Ranch Podcast

Listen to 500+ topics
Player FM - Podcast App
Go offline with the Player FM app!
Get it on App Store Get it on Google Play

Quick Reference Guide

Top Podcasts
The Bill Simmons Podcast
PTI
First Take
Marketplace
Comedy of the Week
The Bugle
How Did This Get Made?
Doug Loves Movies
Planet Money
TED Talks Daily
NBC Nightly News with Lester Holt
The World This Hour
Daily Boost Motivation and Coaching
Radiolab
Science Friday
This American Life
Criminal
Sword and Scale
In The Dark
Player FM logo
Help/FAQ | Upgrade | Advertise
Arts|Business|Comedy|Economics|Entertainment|News|Politics|Religion
Science|Soccer|Sports|Storytelling|Technology|True Crime
Copyright 2024 | Sitemap | Privacy Policy | Terms of Service | | Copyright
Episode being played series thumbnail
icon icon
Speed
Series settings
1x
1x
Volume
100%
icon
icon icon
/

View Player FM in...
Player FM
Browser
Chrome
Safari
Firefox