Posts under Defense
Here at Stratus Medicine, we have the challenge of figuring out how to secure code that we didn’t write. Think of us as the middleman between healthcare providers wanting to test innovative applications and healthcare application creators looking to get their new software running with real users and real data sets. Our Stratus Platform brings these groups together, which leaves us with the task of securing sensitive patient data along with code we didn’t write.
Earlier today, the CyberEdge Group published its 6th annual Cyberthreat Defense Report. The report includes a variety of interesting findings, which we’ll detail below. But the section of the report I found most interesting comes after all the survey results. “The Road Ahead” chapter offers advice on areas of security that need “proactive attention and investment.” The authors took great time and care to lay out the advanced capabilities needed to secure containers, citing:
At StackRox, we’re thrilled to have the support of Ron Gula, an industry luminary and invaluable mentor to me for the past decade. Ron is a longtime leader in the security community, having started his career at the National Security Agency (NSA) conducting penetration tests of government networks and performing advanced vulnerability research. Ron is also an experienced entrepreneur, CTO, and CEO, as the original author of the Dragon Intrusion Detection System, CTO of Network Security Wizards (acquired by Enterasys Networks), and cofounder of Tenable Network Security, where he served as CEO from 2002-2016.
Why everyone from investors to the C-suite should consider container security Over the past few years, virtually all of the most innovative enterprise firms — from multinational banks like Goldman Sachs, to cutting-edge technology companies like Google — have set out to modernize the way they deliver software applications through containers and microservices architectures. By breaking down large applications into smaller, composable pieces, software developers and those in charge of managing applications have discovered that containers — and the microservices approach they enable — allow for software development that is far more agile, resilient, and efficient than traditional monolithic approaches.
Shortly following our launch, I was a guest on Paul Asadoorian’s Startup Security Weekly show. In this episode, hear about how Sameer and I conceived the idea for the company, how we talked to investors about our ideas, and why our platform uniquely addresses the challenges of enterprises who are embracing containerization and microservices. We also discuss how enterprises are using StackRox to build security into the fabric of their infrastructures as they operationalize their use of containers and microservices.
I’ve worked to align government and commercial cybersecurity initiatives throughout my career, from the White House to Silicon Valley. It’s crystal clear to me that we’re stronger when we work together. I’ve been speaking frequently on this topic recently, as co-chair of the CSIS Cyber Policy Task Force for the 45th President, ally of the Hewlett Foundation, advisor to the UC Berkeley Center for Long-Term Cybersecurity, and affiliate of the Stanford University Center for Security and International Cooperation.