Melinda Marks

Melinda Marks

Senior Analyst Melinda Marks covers application and cloud security at ESG, helping organizations scale safely while adopting faster cloud-native development cycles. Her coverage area includes cloud-native application protection platforms, cloud workload protection, cloud security posture management, DevSecOps, and application security, including web application security testing (SAST, DAST, IAST, SCA) and API security. With more than 20 years of experience in tech marketing and strategy, Melinda is passionate about conveying product value and differentiation and driving revenue. Most recently, she was chief marketing and strategy officer for Soluble, a startup focused on automating application security testing for developers. She was also VP of Marketing at Armorblox, VP of Marketing at Styra, and head of marketing for StackRox (acquired by Red Hat). Her experience includes running competitive/market intelligence and product marketing teams at Tenable and running global communications for four years at Qualys. She also spent many years at VMware, where she built its original customer reference program, led product PR, and was on the core VMworld planning team since the first VMworld. Melinda is a Synopsys Outreach Foundation board member. She has a bachelor’s degree in English from U.C. Berkeley.

Recent Posts by Melinda Marks:

Infographic: Walking the Line: GitOps and Shift Left Security

Abstract:

Security teams are challenged by the speed of modern software development processes. See data behind the movement to shift security left in an effort to increase security (without slowing down development) with this infographic, Walking the Line: GitOps and Shift Left Security.

Topics: Cybersecurity

Research Report: Walking the Line: GitOps and Shift Left Security

Research Objectives

As organizations adopt modern software development processes, developers are empowered to quickly develop and release their applications by deploying them to the cloud. Security teams are challenged keeping up with the growth and speed of continuous integration/continuous deployment (CI/CD) cycles and their dynamic components.

While the industry has been talking about shifting security left to help security scale with rapid development, organizations have faced challenges putting that into practice. Most cloud-native security incidents are caused by misconfigurations, putting pressure on security teams to find ways to incorporate security into development so coding issues are caught and fixed before deployment. Organizations also need to focus on better ways to work with developers for rapid remediation of any detected security issues.

In order to gain insights into these trends, ESG surveyed 350 IT (30%) and cybersecurity (40%) decision makers, as well as application developers (30%), responsible for evaluating, purchasing, and utilizing developer-focused security products at midmarket (100 to 999 employees) and enterprise (1,000 or more employees) organizations in North America (US and Canada).



Topics: Cybersecurity