Are you curious how CISOs with major data platforms handle their application security testing programs? So are we, which is why ZeroNorth asked Robert Wood, CISO from Simon Data to join us for a webinar discussing how he and his teams have leveraged automation, open source scanning tools and orchestration to build a world-class (and fully scalable) application security testing program.
As an enterprise Customer Data Platform (CDP) provider empowering brands to deliver data-driven, personalized customer experiences, Simon Data aggregates information from different technology systems and uses it to segment customers into profiles. This ability allows them to leverage enterprise-scale big data and machine learning to power customer communications across all marketing channels.
Personalization is great for marketers looking to understand how customers’ brains work. But all that data also means increased security risks, as well as privacy and storage issues. Customers want what they want, but they also want (and expect) you to keep their data secure. And they demand a secure, manageable application security program. For an organization like Simon Data, who’s currently building an enterprise customer data platform pulling from various digital sources, security is far more than a concern—it’s an organizational imperative. When you’re in the business of delivering this level of secure data, enabling comprehensive application security for fast engineering teams is a must. Best practices for CISOs demand nothing less.
Proof of Success
In a recent ZeroNorth webinar with Simon Data, CISO Robert Wood outlined how he and his team have used a combination of AppSec automation, open source security scanning tools and vulnerability correlation to build a world-class security testing program. As Simon Data grows along with the amount of data it collects, Wood’s security testing program remains repeatable, scalable and poised for advancement.
Because Simon Data engages in aggressive, continuous deployment and iterative development, Wood felt it was critical to weave in security functions wherever possible without introducing additional friction. This meant he had to work closely with his engineers and developers to ensure their processes continued to improve along with the technology.
Finding the Right Fit
Where there are problems, there are often solutions. The ZeroNorth application security automation and orchestration platform provides a holistic view of risk across its entire application portfolio and the ability to orchestrate and manage all of its preferred commercial and open source scanning tools in one central location. The ZeroNorth capability platform effectively solves problems like those experienced by Simon Data and can help CISOs and their teams make sense of the flood of data flowing in from their various tools.
As an example of an organization bolstered by their own robust application security program, Simon Data continues to grow and can now onboard the newest, best-in-class scanning tools while seamlessly integrating their vulnerability data. And as Simon Data collects more customer data, it can continually ensure the security program they rely on keeps up with the pace of business.
To learn more about the Simon Data journey and how they built out and scaled a robust application security management program, view the webinar. For more information on how to stand up and/or your own robust program, please contact us at ZeroNorth.
*** This is a Security Bloggers Network syndicated blog from Blog | ZeroNorth authored by ZeroNorth. Read the original post at: https://www.zeronorth.io/blog/under-the-hood-of-simon-datas-world-class-application-security-program/