When it comes to internal development, how often do security team members attend kickoff meetings for new software projects?

Secure Code & Automation (DevSecOps)Threat & Vulnerability Management

Always23%

Often47%

Sometimes18%

Rarely10%

Never1%

87 PARTICIPANTS
622 viewscircle icon1 Comment
Sort by:
CISO in Insurance (except health)6 months ago

Always. It's part of our Secure SDLC. We have integrated also with our PMO and we have been included also in the projects/initiatives kick-off. 

Content you might like

What are the biggest technical challenges preventing organizations from being able to use their existing data to enable digital transformation?

Finding data and putting it to good use13%

Controlling the security and privacy of data45%

Understanding how data is currently being used20%

All of the above19%

None of the above1%

View Results

What's your most indispensable cloud infrastructure tools to use in addition to what you get from GCP, AWS, Azure?

HashiCorp (Terraform, Vault, Packer, etc.)22%

Cloud infra automation (Ansible, Puppet, Chef, etc.)56%

APM (Datadog, AppD, SignalFX, NewRelic, etc.)10%

Others?10%

View Results

Has anyone had any success with evaluating the impact of using Generative AI tools such as GitHub's Copilot on the productivity or performance impact on developers? I see a lot of qualitative discussions about how developers say they are more productive, but how are you measuring that impact?

Read More Comments

What sorts of failsafe processes/controls, etc, do you rely on to make sure terminated or suspended employees’ access credentials are revoked immediately? Does your org generally rely on direct communications from HR or do you have an HRM or similar system to automate this?

Excluding CVE, what other vulnerability databases/info sources do you use currently? Have you developed any contingency plans to lean on in case the CVE program loses funding?