ESG Blogs

My colleague Rob Stretchay completed research on the challenges organizations face as their applications become more distributed across clouds. In this video, we discuss some of his findings, including how developers are spending their time – including their time remediating security issues. This is interesting to me because we've been talking about developer workflows and whether developers can take on some security processes. Developers want to focus on building software, but they care about quality, reliability, and they don’t want to waste time doing rework. Check out the video to hear us discuss the opportunity for security solutions to help.

This week I'm pleased to share my interview with Sharon Goldberg, the cofounder and CEO of BastionZero. She is also a computer science professor at Boston University. Check out our video below, and listen to the full audio interview.

In our very first interview, we’re proud to spotlight Vandana Verma Sehgal. Vandana is the Chair of the Board of Directors for the OWASP (Open Web Application Security Project) Foundation. The non-profit foundation works to improve application security, organizing projects, tools, documents, forums, and chapters all over the world. Vandana is also passionate about initiatives to bring more diversity to cybersecurity.

This month as we observe Women’s History Month to celebrate the vital role of women in history, I’m excited to kick off our new series on Women in Cybersecurity. I’m excited about this program to connect women in the industry, and to spotlight their stories, with the hope to increase representation and encourage women in the field.

With the move to modern software development, we’ve been talking about shifting security responsibilities left to developers so that security is not a bottleneck. But do developers care about security? Watch this video with me and my colleague Rob Strechay to learn about how developers think about security, what kinds of tools are available from cloud security providers, and how security vendors are working with the cloud providers to secure cloud-native applications.

Developers are increasingly using infrastructure as code (IaC), such as Terraform and CloudFormation, to provision their own cloud infrastructure for faster development cycles. As IaC brings unprecedented ease and speed for self-service infrastructure provisioning, there is a high chance for mistakes and misconfigurations as development teams grow. 

Nearly two-thirds of respondents to the 2022 Technology Spending Intentions Survey from Enterprise Strategy Group (ESG), a division of TechTarget, plan to increase spending on cloud application security in the next year. Startups are scoring record-setting funding rounds and valuations, while established vendors are announcing acquisitions and integrations to secure cloud applications throughout the software development lifecycle.

I’ve always made it a priority to choose roles where I can make the biggest impact, and where I can learn and grow. It hasn’t been a clear path (as Sheryl Sandberg would say, it’s not a ladder, it’s a jungle gym), but I can confidently say it’s led me to fulfilling roles.

In this blog post, I’ll share a bit about my background, and then describe why I’m thrilled to join ESG to cover cloud-native and application security – a rapidly evolving and dynamic space.