Comparative Software Security with Brook Schoenfield and Dr. James Ransome

In this episode we talk with Brook Schoenfield and Dr. James Ransome about the Comparative Software Security capability and how it can help your teams build security into their product development practices.

Brook S.E. Schoenfield is the author of Secrets Of A Cyber Security Architect (Auerbach, 2019) and Securing Systems: Applied Security Architecture and Threat Models (CRC Press, 2015). Building In Security At Agile Speed (with James Ransome, Auerbach, 2021) focuses on software security for continuous development practices and DevOps. Brook helps clients with their software security and secure design practices. He mentors technical leaders to effectively deliver security strategy. He is a technical leader and advisor to Resilient Software Security, LLC and True Positives, LLC. Previously, he technically led product security architecture at McAfee (Intel), Cisco Engineering, IT security architecture at Autodesk, and Web and Application security for Cisco Infosec. He is a founding member of IEEE’s Center for Secure Design and is a featured Security Architect at the Bletchley Park Museum of Computing. He is the originator of Baseline Application Vulnerability Assessment (BAVA), Just Good Enough Risk Rating (JGERR), Architecture, Threats, Attack Surfaces and Mitigations (ATASM) and developer-centric security. He contributed to Core Software Security (CRC Press, 2014), and co-authored The Threat Modeling Manifesto (2020), Avoiding the Top 10 Security Design Flaws (IEEE, 2014) and Tactical Threat Modeling (SAFECode, 2017).

Dr. James Ransome, PhD, CISSP, CISM is the Chief Scientist for CYBERPHOS, an early stage cybersecurity startup. Most recently, James was the Senior Director of Security Development Lifecycle Engineering for Intel’s Product Assurance and Security (IPAS). In that capacity, he led a team of SDL engineers, architects, and product security experts to drive and implement security practices across the company. Prior to that, James was the Senior Director of Product Security and PSIRT at Intel Security (formerly McAfee). James’s career includes leadership positions in the private and public sectors. He served in three chief information security officer (CISO) roles at Applied Materials, Autodesk, and Qwest Communications and four chief security officer (CSO) positions at Pilot Network Services, Exodus Communications, Exodus Communications—Cable and Wireless Company, and Cisco Collaborative Software Group. Before entering the corporate world, he worked in government service for 23 years supporting the U.S. intelligence community, federal law enforcement, and the Department of Defense.

About the Podcast

Cut through the noise and concentrate your efforts where it makes the biggest difference. Comparative Agility enables you to embed continuous improvement as part of your operating strategy. With information targeted at various levels of the organization, you will be armed with the insights and intelligence necessary to make the most of your investments and execute on an approach that is tailored to meet the needs of your unique organization.