Last year, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) introduced a new Secure by Design pledge. This set the groundwork for security vendors to integrate cybersecurity into every step of product development. Watch Joe Levy and Chester Wisniewski discuss how Sophos supports #SecureByDesign in the full episode of Inside Pacific Rim: https://bit.ly/4i5wm8w
Engineering Manager, Gitlab
1wWas glad to be a part of this Security by Design pledge initiative while at Sophos for MFA and Step-up Auth. Which was an initiative led by Anirudh Sivaramakrishnan and was designed and implemented superbly. By focusing on Security by Design, we can shift-left, and continuously innovate secure solutions that are mostly non-blocking, (there are exceptions like authentication and authorization enforcement among a few others), but, the principles allocate workflows for security that becomes proactive habits, rather reactive feedback loops. Pretty cool! 😊