Overview: In this session, Raghu (Co-Founder, Sprinto) discusses with Venky how SaaS Startups have to upgrade their security standards significantly to become SOC 2 compliant and the major pitfalls they should avoid. He differentiates between SOC 1, SOC 2, & SOC 3 compliance in super-easy terms and highlights some overlapping parameters between security standards like ISO 27001, PCI DSS, HIPPA, GDPR, etc.

In this session, Puneet Miglani (Founder - Candor Technology) discusses with Venky how app development companies are emphasizing security in their AMC contracts. He shares that security is a moving goalpost and a must-have for their customers. Having a security partner helps them provide better services and boost their revenue streams. He even shares the factors one must consider when choosing a security partner to build a long-term sustainable business.

The report – “The State of Application Security Q4 2022” is based on a sample size of 1400+ applications. With new threats rising daily, application security is the primary concern for many businesses today. It exposes sensitive information like customer data to the outside world. To benchmark your security program and stay on top of the emerging threat, we conducted an in-depth analysis of application security.

- 829 million attacks were blocked on the AppTrana WAF in Q4 2022. This was just on a sample size of 1400+ web, mobile, and API applications. The research on these findings included data on top vulnerability exploits, no. of days these vulnerabilities have been open, DDoS and Bot attacks. The findings also include tactics that security teams are employing to thwart these attacks. In the upcoming webinar, join Vivek Gopalan, VP of Product Management at Indusface as he shares these findings to help you develop your application security playbook in 2023.

In this session, John Goecke (CEO) discusses with Venky how everything changed for StratusVue after a ransomware attack in 2018. He shares how the construction industry is a soft target as there is no regulatory oversight, unlike in banking and healthcare, and security is always an afterthought for business owners. Along with all this, he explains complex terms like zero-day, zero-trust, FedRAMP, etc., in a highly rudimentary way.