Ethical Hacking Bolsters Software Supply Security
App Security Insights From Prasanna Raghavendra of JFrog India

Businesses need operationally clean software and contextualized security management to counter supply chain attacks. Prasanna Raghavendra, senior director of research and development at JFrog India, highlighted the importance of DevSecOps and ethical hacking in strengthening enterprise security against new threats.
According to Raghavendra, ensuring the software used by enterprises is operationally clean is paramount. "It's not just about the number of stars on GitHub; it's about how responsive the team is in fixing security issues," he said. This approach helps enterprises maintain confidence in their software dependencies amid the high volume of vulnerabilities across the software industry.
"Think of it like drinking clean water," Raghavendra said. "You don't just drink any water; you use a filter. Similarly, enterprises need to filter their software dependencies to ensure security."
In this interview with Information Security Media Group at the ISMG Cybersecurity Summit in Bengaluru, Raghavendra discussed:
- Using contextualized security management for incoming vulnerabilities to determine their relevance and impact on the organization;
- Integrating DevOps and security, or DevSecOps, to enhance supply chain resilience;
- The role of ethical hacking and AI in threat detection and overall software security.
Raghavendra has more than two decades of IT experience spanning software delivery, engineering platforms and cloud technologies. He previously led the SaaS engineering practice at Infosys for over 10 years. Before that, at Misys, he headed engineering for the BankFusion platform. He is an expert in Agile and DevOps and is passionate about advancing these practices.