Cloud Security

Securing Salesforce and your favorite SaaS Applications

appomni-blog
If you have not moved to the cloud, you likely will soon. Along the way you will likely have adopted software as a service applications (SaaS) such as Salesforce, Service Now and Office365. Security teams that grew up counting corporate on-premise vulnerabilities or finding exploitable web applications are ill equipped to secure and audit these applications. Fortunately, AppOmni enables security teams to audit their major SaaS applications. I got to ask the former CISO of Salesforce and former Security CTO for ServiceNow, Brendan O’Connor, about why he created AppOmni and what sorts of cyber risks SaaS applications can introduce into an organization.
Read More…

Tala Security Protects against Magecart Group Attacks


tala2-header-768

It has been a little over a year since we conducted an interview with Tala Security CEO, Aanand Krishnan . Since then, "Magecart" attacks which steal personal financial information directly from web browsers have effected millions of Internet users. Tala Security has risen to the challenge and is currently helping many large e-commerce and financial sites protect their web users from these types of attacks. In this interview, I ask Aanand about client-side attacks, why RASP and WAFs are not the right tools to to secure web clients and what the PCI council may be doing about this. Read More…

Protego Introduces Damn Vulnerable Serverless App



A few weeks ago, Protego released an open source project called the Damn Vulnerable Serverless App. The project was donated to OWASP and can be used by anyone to research, teach and test security issues associated serverless computing.
Read More…

Securing Serverless — Q&A With Protego CTO Hillel Solow

1*-VXmbTFrZcNPngcHmsvqWA

Serverless computing is the ultimate reduction in security attack surface. There is no computer, virtual machine, container infrastructure or network service to attack — just your code and the potential of a security issue introduced by mostly human configuration errors. As is tradition with our portfolio companies, I conducted an interview with the CTO of our serverless security investment, Protego Labs about how monitoring the security of a serverless infrastructure is different than traditional cyber security paradigms.
Read More…

Protecting web users from direct attacks like crypto-jacking — an interview with Tala Security CEO and co-founder, Aanand Krishnan


1*KKR8xFWcSQAofhbYoV2mzw

If you were at RSA’s Innovation Sandbox this year, you may have seen Aanand and his team from Tala Security. They were demonstrating how their technology protects attacks against web browsers from being leveraged to steal data from secure web sites. Gula Tech Adventures invested in Tala Security last year as part of our focused on web security. As is tradition with many of our portfolio companies, I was able to catch up with Aanand and ask him interview questions.
Read More…

Q&A with NanoVMs Founder, Ian Eyberg

blog-nanovm
Earlier this year, Gula Tech Adventures invested in NanoVMs (formerly Defer Panic) as part of our overall focus on web and application security. I caught up with the founder of NanoVMs, Ian Eyberg, and asked him a variety of questions about the emerging space of “unikernels”. Read More…

Privileged Access Managment Q&A with OnionID Founder Anirban Banerjee

1*yWJJ-FvNGnTxpKqSKr4ZFQ

OnionID CEO and founder, Anirban Banerjee


I first met OnionID CEO Anirban Banerjee when he was head of research and development for a company called Stop The Hacker which exited to CloudFlare. I was very impressed with Anirban’s leadership and technical abilities and became an investor in his company, OnionID, which enables privileged access management for cloud and data center applications.

Read More…

5 Questions with StackRox Cofounder and CEO Sameer Bhalotra




0*naE4YrboVwckj0Uw

Read More…

Reinventing the VPN — Q&A With New Edge CEO David Goldschlag

0*Gl3shaLfemI_LKQr
New Edge has a unique approach for secure remote access which brings traditional VPN concepts into the modern “cloud first” era. As an investor and user of the solution, I recently was able to ask New Edge CEO and cofounder, David Goldschlag, a variety of questions about VPNs and New Edge’s unique approach.
Read More…

Interview with Jeff Williams, Contrast Security CTO

0*V3LgGqT41tdrh_SM

I’ve known Jeff Williams for more than a decade. He is the CTO of Contrast Security. He’s done very much to advance the art of web application security auditing and his development team is based in the Natty Boh building in Baltimore. I invested in Contrast for their pioneering RASP technology and how much customers raved about them during diligence. I recently caught up with Jeff in the following interview. Read More…