
The SaaSTrana Show

By Indusface

Application security podcast for SaaS leaders - powered by Indusface.
Available on Amazon Music, Apple Podcasts, and Spotify.
Building Secure SaaS Products | Protecting B2B Business from AI Threats | Goutham (CEO, Kernel Labs)




Overview:


In this episode of the SaaSTrana podcast, Goutham Sukumar (CEO - Kernel Labs) talks to Venky about the best practices for building secure SaaS products from scratch.

 

He also shares reasons why B2B businesses are under threat from upcoming AI and LLM technologies and suggests steps organizations can take to protect themselves.


Key highlights:

 

00:00 - About Goutham Sukumar

04:16 - Pivoting on the product roadmap with an emphasis on security

17:14 - The evolution of the application security landscape

20:11 - Focusing on security right from scratch (MVP / V1 products)

21:50 - Potential threats in integrating a new code base / third-party libraries

24:40 - Protecting businesses from AI & LLM threats

30:16 - The concept of the Swiss cheese model w.r.t multi-layer security

34:05 - The role of web application firewalls to protect from cyber threats



About Indusface: 


Indusface is a leading application security SaaS company that secures critical Web, Mobile, and API applications of 5000+ global customers using its award-winning fully managed platform that integrates web application scanner, web application firewall, DDoS & BOT Mitigation, CDN, and threat intelligence engine. 

 

Indusface has been funded by Tata Capital Growth Fund II. It is the only Cloud WAAP (WAF) Vendor with 100% recommendation for three consecutive years - Gartner® Peer Insights™ Voice of Customer. And is a “Great Place to Work” certified SaaS product company, is PCI, ISO27001, SOC 2, GDPR certified, and has been the recipient of many prestigious start-up awards, such as the Economic Times Top 25, NASSCOM DSCI Top Security Company, and Deloitte Asia Top 100. 

 

♨️ Start 14 days Free Trial - http://bit.ly/3XlovZt 

 

📰 Interested to read more about Web Application Security: https://bit.ly/2Y5AJZg 

 


Dec 21, 2023 · 40:31

B2B Firms & Compliance with The Digital Data Protection Act 2023 | Srikanth (CEO - Perfios)

Overview: In this SaaSTrana podcast, Srikanth Rajagopalan (CEO - Perfios Account Aggregation Services (P) Ltd) talks to Venky about the importance of data security for B2B (SaaS) companies and the implications imposed by the Digital Data Protection Act 2023 in case of a data breach. Furthermore, Rajagopalan explains how focusing on data security can benefit organizations in the long run by giving them a competitive edge and building customer trust.

Key highlights from the discussion:

00:00 - About Srikanth’s Journey and Perfios Account Aggregation Services

13:01 - Managing customer data securely as a data aggregator

22:44 - Highlights of The Digital Data Protection Act 2023 by MeitY

27:04 - Scope of the act (regulations) for fiduciaries and data processors

31:32 - Applicability of fines and penalties for B2B (SaaS) businesses and its impact on the long run

43:51 - Cybersecurity as a trust enabler for customers

Website: www.indusface.com

Nov 07, 2023 · 49:49

Security Incident Management, Data Protection & Privacy Best Practices | Edgar P. (Group CISO @ YNV)

In this SaaSTrana podcast, Edgar Pimenta (Group CISO @ YNV Group) talks to Venky about security incident management and data protection/privacy management best practices in highly regulated organizations such as telcos and financial institutions.

 

He also shares the steps organizations can take to prepare themselves for an incident breach and ways to recover from it quickly.

  

Here are some key highlights from the discussion:

 

00:00 - About Edgar and YNV Group

03:40 - Data Protection and Privacy - uplifting the security initiatives of an organization

08:31 - Access management, security by default and pen-testing initiatives for data security

10:30 - Security and compliance as a differentiator

12:19 - Nuances in the Application Security across Telco, Financial and SaaS Industries

21:01 - Building secure products at a faster pace

23:54 - Preparing for an incident breach (An example of a real-life ransomware story)

29:17 - Importance of audit logging

31:21 - WAF/WAAP - a highly important tool for website security

34:23 - Virtual patching for protection from zero-day vulnerabilities

 


Oct 18, 2023 · 38:52

Breaking Silos in Platform Security, Trust & Safety, and Risk - Mona Salvi (Sr. Director, HubSpot)

Overview: 


In this SaaSTrana podcast, Mona Salvi (Senior Director - Product Security, HubSpot) talks to Venky about building a unified org structure and North Star metrics to drive security-related initiatives in a cohesive working environment.

 

She also shares how to manage three pillars - platform security + trust & safety + payments fraud together under a single leadership umbrella.

 

Here are some key highlights from the discussion:

 

  • About Mona Salvi and HubSpot
  • Developing the mindset of intrinsic vs. extrinsic security
  • Driving secure product experiences along with focusing on core business
  • The pillars of platform security + trust and safety + payments fraud
  • Breaking the silos between the risk officer and the security officer
  • Developing applications at speed without impacting the security
  • Building security champions within the organizations
  • Building North Star metrics for security teams
  • Security - an enabler for customers to pick the right vendor of choice
  • Protecting from threats caused by OpenAI and LLM tools (The facts on utilizing security co-pilots)



Sep 14, 2023 · 49:37

ISO 27001 Compliance for SaaS | SOC2 vs ISO | Girish Redekar (CEO & Co-Founder, Sprinto)

Overview:


In this podcast, Girish Redekar (CEO and Co-Founder, Sprinto), shares with Venky the most effective ways to implement the ISO 27001 framework for organizations to attain comprehensive security, rather than solely obtaining a certification.


He also discusses similarities & differences between SOC2 and ISO 27001, and suggests that organizations can streamline their security program to achieve multiple certifications more efficiently.


Key highlights from the discussion:

00:00 - About Girish and Sprinto

07:34 - What exactly is ISO 27001 compliance/certification?

12:36 - Who should consider getting an ISO 27001 certification?

15:10 - Similarities & differences between SOC2 and ISO 27001

18:30 - How long does it take to get the compliance/certificate?

20:32 - At what stage should companies start thinking of security compliance

22:38 - Practices to follow to reduce the time taken to achieve compliance

27:20 - Importance of VAPT in ISO 27001

31:20 - Which compliances/certifications do SaaS companies need to grow their business?



Aug 10, 2023 · 35:28

Secure Features, Sales Soar | A CPO's Take on Application Security | Marcelino M. (CPO, Stream)

In this episode, Marcelino Moreno (CPO, Stream) shares with Venkatesh (Venky) Sundar how product managers can contribute to an organization's growth by baking in security into the product roadmap.


He also shares how a product manager can influence engineering teams to prioritize vulnerability patching along with building features to ensure that the customers use a secure product.


Key highlights from the discussion:


00:00 - About Marcelino Moreno & Stream

11:18 - The focus on privacy and user data

17:00 - Why data protection = sales!

21:00 - Going beyond compliance for building truly secure products

28:19 - Invisible threats coming from new tools (GPT & LLM)

38:56 - Advice to PMs on measuring the impact of security on the business



Jul 20, 2023 · 45:25

Secure Coding Best Practices & WAAP for Application Hardening (Sanjay - Executive Director, MSCI)

Overview:


In this podcast, Sanjay (Executive Director, MSCI) talks to Venky about secure coding best practices & methods to handle customer-sensitive data.

He also shares why securing software isn't an accident and requires cautious efforts at an organizational level to make it possible.


Key highlights from the discussion:


00:00 About Sanjay's experience & projects (Microsoft, Corel & Salesforce)

06:34 Data encryption at rest and in transit

10:39 The concept of - Dynamic Data Masking

14:18 Security problems, despite good coding practices

18:02 Security practices across each stage of the organizational processes

22:13 Methods/Steps while accessing customer-sensitive data

28:10 WAF & WAAP for Application Hardening

33:37 Utilizing generative AI for building improved security models

36:29 Three guiding principles to follow in cybersecurity



May 31, 2023 · 40:03

API Security for Fintech SaaS | Getting the Most Out of a WAF | Val Novikov (Co-Founder & CTO, FISPAN)

In this podcast, Val Novikov (Co-Founder & CTO, FISPAN) talks to Venky about the API security challenges while integrating with proprietary Banking applications and ERP systems.

He also discusses why Fintech SaaS start-ups require a deep investment of time, resources, and money in cybersecurity right from day zero of product development.

Here are some of the key highlights from the discussion:

00:00 - Introduction to Val and Fispan

04:21 - Compliance as a product-market-fit

07:06 - The dark side of security compliance

10:42 - Integrating APIs & best practices for API security

13:29 - Efforts required in documenting APIs

16:15 - Fixing critical vulnerabilities within SLAs

19:31 - Impact due to third-party components and Virtual Patching

23:05 - Evaluating a WAF and getting the most out of it

28:17 - Advice for the engineers taking up leadership roles


May 11, 2023 · 30:46

Merging WAF and IAM Capabilities for Next-gen Security | Scott Tomilson (Sr.Director, Ping Identity)

In this podcast, Scott Tomilson (Sr.Director, Ping Identity) talks with Venky about best practices for implementing Single Sign-On (SSO) in SaaS apps.


He also discusses how applications are at risk due to humans, devices, and apps, and why behavior-based anomaly scoring and security is the need of the hour.


Key highlights from the discussion :

  • 00:00 Introduction to Scott and Ping Identity
  • 04:47 Identity access and Single Sign-On (SSO)
  • 08:23 Zero Trust Network Framework (ZTNA)
  • 11:01 Continuous Adaptive Risk Trust Assessment (CARTA)
  • 13:05 Performing Gray Box Testing as a best practice
  • 16:14 Integrating WAF and IAM tools for next-gen security
  • 19:25 Security practices during the development life-cycle and post-deployments
  • 22:59 Advice for SaaS Start-up Founders



Mar 21, 2023 · 25:49

A Sub-Domain Takeover Story, Two Questions for Every WAF Provider | Sunil Agrawal (CISO, Glean)

Overview:  In this podcast, we have Sunil Agrawal (CISO, Glean), who has 22+ years of cybersecurity experience and 35+ patents in his name.

He has worked in organizations like Adobe, Netflix, Motorola, Qualcomm, etc., and has seen the evolution of cybersecurity attacks and changes in hacker behavior over the years.   

He shares his experience of a sub-domain takeover and how it led him to build foundationally secured SaaS products.   


Key highlights from the discussion:  

00:00 Introduction to Sunil and Glean 

04:13 The Virtual Browser patent 

07:57 The evolution of the security landscape (web 1.0 to web 4.0)

14:37 Tech stack of Glean

17:10 Protecting sensitive customer data

21:20 Security in the product DNA and pen-test

25:33 Sub-domain takeover & a good cyber citizen

29:38 The buyer behavior & security requirements today

33:32 Why does it take 200 days to patch a vulnerability? 

35:39 Virtual Patching and how it benefits organizations 

36:05 Two questions to ask every WAF provider 

38:53 Compliance is a by-product of foundationally solid security 

42:21 Having a security partner can provide 10x returns  



Mar 09, 2023 · 45:06

API Security for AI Driven SaaS Companies & Security Daily Gym | Kashi (Co-Founder & CTO Fitbots OKRs)

Overview

In this podcast, Kashi (Co-founder & CTO, Fitbots OKRs) discusses with Venky how AI-based SaaS organizations can secure their APIs with the help of dynamic endpoints.

He also talks about his life as a CTO, where he spends a short time on security but still maintains the highest security standards with the help of a Daily Security Gym!

With 15+ years of corporate experience, he has followed some consistent security practices over the years and discusses them in detail.


Key highlights from the discussion:

00:00 - Introduction to Kashi and Fitbots

04:20 - About OKRs and its alignment with the organization

12:06 - OKR technology landscape for Fitbots OKRs

15:10 - API evolution and App to App communication

19:14 - API security with dynamic endpoints

23:48 - Social engineering attacks and cybersquatting

29:18 - Security demands as per customer segments

38:22 - Security Daily Gym!

44:04 - Pitfalls to avoid by a CTO of a new SaaS firm

48:25 - Indusface for API security and with 100% customer recommendation



Feb 28, 2023 · 50:18

Cloud Keys on Public GitHub, Ransomware & Other SaaS AppSec Stories | Alok (CTO, Good Meetings)

🎙️ In this podcast, Alok Mishra (Co-Founder & CTO, Good Meetings) discusses with Venky how he looks at security as a vital part of building any SaaS business.

He shares his unplanned appointment with a Ransomware attacker and how it led him to build best practices to deal with Application Security problems.

He even talks about some common security demands from customers and how fulfilling the expectations is a must for organizations 🧳

Here are some of the key highlights from the discussion :


- About Alok and his ventures
- The future of hybrid work
- Integrating with multiple third-party applications
- Situational awareness in cybersecurity
- Cloud keys on public GitHub & ransomware attack
- Performing security monitoring
- Building best practices
- Security demands by customers
- Pitfalls to be avoided by SaaS founders
- Say No to Ransomware!



Feb 20, 2023 · 36:41

SOC 2 Compliance for SaaS Startups & Top Pitfalls to Avoid | Raghu (Co-Founder, Sprinto)

Overview: 

In this session, Raghu (Co-Founder, Sprinto) discusses with Venky how SaaS Startups have to upgrade their security standards significantly to become SOC 2 compliant and the major pitfalls they should avoid.

He differentiates between SOC 1, SOC 2, & SOC 3 compliance in super-easy terms and highlights some overlapping parameters between security standards like ISO 27001, PCI DSS, HIPAA, GDPR, etc.

He talks about how meeting Application Security best practices is a must-have factor for any compliance. If avoided, it can make selling products/services challenging in international markets.

Key highlights from the discussion: 

- Compliance automation with Sprinto 

- What are AICPA and NIST? 

- SOC 2 compliance and audit procedure 

- Differences between SOC 1 Vs. SOC 2 Vs. SOC 3 

- What are Type 1 and Type 2 in SOC 2 

- Disparities between FedRAMP, GDPR, PCI DSS, ISO 27001, etc.

- Companies need compliance for an added trust  

About Indusface:  Indusface is a leading application security SaaS company that secures critical Web, Mobile, and API applications of 4000+ global customers using its award-winning fully managed platform that integrates web application scanner, web application firewall, DDoS & BOT Mitigation, CDN, and threat intelligence engine.

Indusface has been funded by Tata Capital Growth Fund II, is the only vendor to be named Gartner Peer Insights™ Customers’ Choice in all the 7 segments for Web Application and API Protection Report 2022, is a “Great Place to Work” certified SaaS product company, is PCI, ISO27001, SOC 2, GDPR certified and has been the recipient of many prestigious start-up awards, such as the Economic Times Top 25, NASSCOM DSCI Top Security Company, Deloitte Asia Top 100, among others.


Feb 06, 2023 · 32:18

App Development Companies are Emphasizing Security in Their AMC Contracts | Puneet Miglani (Founder, Candor)

Overview:

In this session, Puneet Miglani (Founder - Candor Technology) discusses with Venky how app development companies are emphasizing security in their AMC contracts.

He shares that security is a moving goalpost and a must-have for their customers. Having a security partner helps them provide better services and boost their revenue streams.

He even shares the factors one must consider when choosing a security partner to build a long-term sustainable business.


Key highlights from the discussion :

  • Candor's journey- digital marketing to IT solutions
  • Focusing on security as a separate project & software development as a separate one
  • Today's market understanding of application security
  • Is open-source safe?
  • Risk mitigation and building resiliency
  • Security is like oxygen & not a multi-vitamin!
  • The need for a security partner to provide focus on service offerings
  • Things to consider while choosing a security partner


About Indusface:  Indusface is a leading application security SaaS company that secures critical Web, Mobile, and API applications of 4000+ global customers using its award-winning fully managed platform that integrates web application scanner, web application firewall, DDoS & BOT Mitigation, CDN, and threat intelligence engine.   Indusface has been funded by Tata Capital Growth Fund II, is the only vendor to be named Gartner Peer Insights™ Customers’ Choice’ in all the 7 segments for Web Application and API Protection Report 2022, is a “Great Place to Work” certified SaaS product company, is PCI, ISO27001, SOC 2, GDPR certified and has been the recipient of many prestigious start-up awards. such as the Economic Times Top 25, NASSCOM DSCI Top Security Company, Deloitte Asia Top 100, among others.  


♨️ Start a 14-day free trial - http://bit.ly/3XlovZt

📰 Read more on the Web Application Security blog: https://bit.ly/2Y5AJZg

Jan 31, 2023 (23:07)
Ransomware in SaaS: When 3 Levels of Redundant Backups Failed | John Goecke | CEO, StratusVue

In this session, John Goecke (CEO) discusses with Venky how everything changed for StratusVue after a ransomware attack in 2018.

He shares how the construction industry is a soft target as there is no regulatory oversight, unlike in banking and healthcare, and security is always an afterthought for business owners.

Along the way, he explains complex terms like zero-day, zero-trust, and FedRAMP in very simple terms.

Key highlights from the discussion:

  • Cybersecurity in the construction industry
  • API protection processes at StratusVue
  • The story of 2018 crypto-malware - Trust but verify your security!
  • IT security spending in construction companies
  • Becoming security compliant for Federal projects
  • Country-wise data sovereignty
  • Verifying, knowledge sharing, and auditing for security
  • Security - a business enabler & not an after-thought

Website: www.indusface.com

Jan 17, 2023 (57:13)
App Security & Compliance for SaaS Companies in Saudi Arabian Market | Sangmesh Hiremath (Founder, Marmin.ai)

Overview:

In this session, Sangmesh Hiremath (Founder, Marmin.ai) talks to Venky about how cybersecurity is a crucial driver for their business to expand and grow in Saudi Arabia, the Middle East, and European markets.

He also explains in detail how meeting cybersecurity compliance enables them to stay on top of customer needs and serve them in the long run.


Key highlights from the discussion:

- Understanding cybersecurity compliance in the Saudi Arabia & Middle East market
- What is the National Cybersecurity Authority in Saudi Arabia?
- Building cyber defense, governance, and cyber resilience
- Adhering to the security checklist of the customers
- Why is cybersecurity + errors & omissions insurance expected?
- Why a third-party cybersecurity provider is beneficial in compliance
- How does virtual patching help in case of any open vulnerabilities?

Jan 11, 2023 (31:04)
SaaS AppSec Stories on Malware, Sleepless Nights and DevSecOps | Kashish Jajodia (CTO, Draup)

This podcast is hosted by Venkatesh Sundar, founder at Indusface, with our guest Kashish Jajodia, CTO at Draup.

In this session, Kashish talks to Venky about how he looks at vulnerability assessment, penetration testing, and application security. What drives Draup to look at application security? Is it for building trust with their customers or compliance needs?

Jan 02, 2023 (31:59)