Tom Kanan is a nine-year veteran of business-to-business security sales. He’s an active member of OWASP and the Cloud Security Alliance who believes in deeply understanding his customer’s business needs. This episode focuses on improving the dynamics between security and sales teams, both internally and externally.

In the 2023 Gartner® Magic QuadrantTM for Application Security Testing, Synopsys placed highest and furthest right for the fifth consecutive year for our Ability to Execute and our Completeness of Vision.

Ten represents the completion of a cycle and the beginning of a new one, as there are ten digits in our base-10 number system. We've scanned nearly 140 trillion lines of code, so we can’t help but pick up on the one and the zero in our exciting announcement. It's the tenth publication of the Gartner® Magic Quadrant™ for Application Security Testing (AST), and we are pleased to announce we are a Leader for the tenth consecutive time.

Gartner’s 2023 “Market Guide for Cloud-Native Application Protection Platforms” (CNAPP) caused some security leaders to question whether they need yet another tool to protect the complex beast that is the cloud. Procuring yet another shiny security product is probably not how you earn the envy of your peers, but if your organization relies on shipping secure applications fast, then CNAPP should be on your radar. What exactly is CNAPP?

Application security is constantly evolving — and there’s no better place to observe these changes than in the Bay Area. Silicon Valley is home to thousands of companies attempting to solve a multitude of problems, but one thing they all have in common is the often daunting task of risk mitigation.

Having malicious code detection strategies in place is critical to keeping your software supply chain secure. Let’s imagine you discover a string of suspicious code within one of your applications. Perhaps a routine scan by your application testing team finds a point of interest that indicates malicious code, such as a time bomb or back door, has been inserted by a malicious insider within your software supply chain.

What is malicious code? What makes it dangerous? Learn how can you detect it and keep it out of your software supply chain. Everyone wants to believe that the code developed within a trusted software supply chain is legitimate. The unfortunate reality is that malicious coders have subtle ways to secretly embed code that exposes your business to risk. Malicious code can be challenging to recognize and can remain undetected within applications long before it causes damage.

I had the pleasure of chatting with Rajendra (Raj) Umadas, who is working as the Head of Information Security at Actblue. He’s been involved in security programs for some truly cutting-edge organizations, like Etsy, Spotify, WeWork, and Compass. Raj is not just a security expert, but also a true leader. Our conversation weaves together his reflections on security and leadership. Check out the full episode here.