Welcome!

Related Topics: Cloud Security

Cloud Security: Blog Post

New Cenzic Partner-Application Security Scanning

RSA interview with Bala Venkat, CMO for Cenzic

Hi Bala, Thanks for taking the time to answer my questions. Please tell us, what is Cenzic all about and what do you do?

Bala Venkat: Cenzic is a provider of application security intelligence to continuously assess Cloud, Mobile and Web applications and reduce online security risk. The platform integrates with various technologies including WAF (Web Application Firewall), GRC (Governance, Regulations, and Compliance), SIEM (Security Information Event Management), Mobile Platforms (iOS, Android, Blackberry etc.), Static Application Testing and Security Quality Assurance, ensuring vulnerabilities can quickly be identified and immediately addressed.

Today, we secure millions of applications across Fortune 100 companies and SMB's.

What are you launching at RSA?

Venkat: We're launching a new security solution that will protect enterprises from threats arising out of third party digital connections. We call this the next generation Supply Chain Security. We have developed a comprehensive Certification Program that enterprises can roll out to their partners and request them to certify their applications before connecting into parent networks. We're seeing more and more breaches happening via third party connections, and this is a huge hole that must be addressed in enterprise security today.

Cenzic Partner-Application Security Scanning (Cenzic PASSTM) offers a full suite of services including:

  • Accurate cloud-based scanning services to test the vulnerabilities in integrated partner applications.
  • Consulting Services to help define the application security certification standards needed by partners.
  • Customization of portal, policy, database, and all automated emails that usher application owners through certification.
  • An Administration Dashboard that displays the scanning status and allows you to efficiently manage outcomes.
  • Detailed Vulnerability Reports sent to partners, who can then opt to work directly with Cenzic for any remediation.

Who is your target audience and how do you intend to reach them? What is the biggest challenge you face right now in telling your story and winning over new clients?

Venkat: Our target audience is the CISO and CIO across all corporations. We're horizontal in our solutions approach as every industry needs and uses our solutions today to secure their applications and minimize online risk.

I'd be curious to hear any general thoughts you have on market trends...

Venkat: Today, the market is seeing a rapidly moving intersection of mobile, analytics, cloud, and automation. This presents a new set of challenges in security across a layer that's seeing a blurring boundary. Companies must embrace tight holistic security programs to ensure they are not on the front pages of the next breach.

What is the viral aspect of your product?

Venkat: The choice and control we provide to the customer.

What's the business model? How will you make money?

Venkat: We offer customers the option to select the solution model that best fits their needs. We have various options available for purchase, including a self-service cloud, managed services, enterprise on premise software, a hybrid solution of software + cloud, as well as mobile application assessment services. Each service/product is customized to specific customer needs.

How do you differentiate from your competitors?

Venkat: Quality, reliability, comprehensiveness and customer focus!

How does your technology differentiate from the competition and can you elaborate on the different technology deployed?

Venkat: Reporting, depth of assessment, quality of the product and detailed remediation guidance with, again, customizability and choice for the customer.

Cenzic provides the leading application security intelligence platform to continuously assess CloudMobile and Web applications to reduce online security risk. Cenzic's solutions scale from single applications to enterprise-level deployments with hybrid approaches that enable testing of applications at optimal levels. Cenzic helps brands of all sizes protect their reputation and manage security risk in the face of malicious attacks. Cenzic's solutions are used in all parts of the software development lifecycle, and most importantly in production, to protect against new threats even after the application has been deployed. Cenzic's application security intelligence platform is architected to handle web, cloud and mobile applications and is the first to provide risk reduction recommendations for business, application developers and specific applications. Today, Cenzic secures more than half a million online applications and trillions of dollars of commerce for Fortune 1000 companies, all major security companies, government agencies, universities and SMBs.

More Stories By Xenia von Wedel

Xenia von Wedel is a Tech blogger and Enterprise Media Consultant in Mountain View, serving clients in a variety of industries worldwide. She is focused on thought leadership content creation and syndication, media outreach and strategy. She mainly writes about Enterprise, B2B solutions, social media and open source software, but throws the occasional oddball into the mix. Buy her a coffee if you like her article: http://xeniar.tip.me

Latest Stories
You think you know what’s in your data. But do you? Most organizations are now aware of the business intelligence represented by their data. Data science stands to take this to a level you never thought of – literally. The techniques of data science, when used with the capabilities of Big Data technologies, can make connections you had not yet imagined, helping you discover new insights and ask new questions of your data. In his session at @ThingsExpo, Sarbjit Sarkaria, data science team lead ...
SYS-CON Events announced today the Kubernetes and Google Container Engine Workshop, being held November 3, 2016, in conjunction with @DevOpsSummit at 19th Cloud Expo at the Santa Clara Convention Center in Santa Clara, CA. This workshop led by Sebastian Scheele introduces participants to Kubernetes and Google Container Engine (GKE). Through a combination of instructor-led presentations, demonstrations, and hands-on labs, students learn the key concepts and practices for deploying and maintainin...
Security, data privacy, reliability, and regulatory compliance are critical factors when evaluating whether to move business applications from in-house, client-hosted environments to a cloud platform. Quality assurance plays a vital role in ensuring that the appropriate level of risk assessment, verification, and validation takes place to ensure business continuity during the migration to a new cloud platform.
Extracting business value from Internet of Things (IoT) data doesn’t happen overnight. There are several requirements that must be satisfied, including IoT device enablement, data analysis, real-time detection of complex events and automated orchestration of actions. Unfortunately, too many companies fall short in achieving their business goals by implementing incomplete solutions or not focusing on tangible use cases. In his general session at @ThingsExpo, Dave McCarthy, Director of Products...
Security, data privacy, reliability and regulatory compliance are critical factors when evaluating whether to move business applications from in-house client hosted environments to a cloud platform. In her session at 18th Cloud Expo, Vandana Viswanathan, Associate Director at Cognizant, In this session, will provide an orientation to the five stages required to implement a cloud hosted solution validation strategy.
WebRTC is bringing significant change to the communications landscape that will bridge the worlds of web and telephony, making the Internet the new standard for communications. Cloud9 took the road less traveled and used WebRTC to create a downloadable enterprise-grade communications platform that is changing the communication dynamic in the financial sector. In his session at @ThingsExpo, Leo Papadopoulos, CTO of Cloud9, discussed the importance of WebRTC and how it enables companies to focus...
Up until last year, enterprises that were looking into cloud services usually undertook a long-term pilot with one of the large cloud providers, running test and dev workloads in the cloud. With cloud’s transition to mainstream adoption in 2015, and with enterprises migrating more and more workloads into the cloud and in between public and private environments, the single-provider approach must be revisited. In his session at 18th Cloud Expo, Yoav Mor, multi-cloud solution evangelist at Cloudy...
UpGuard has become a member of the Center for Internet Security (CIS), and will continue to help businesses expand visibility into their cyber risk by providing hardening benchmarks to all customers. By incorporating these benchmarks, UpGuard's CSTAR solution builds on its lead in providing the most complete assessment of both internal and external cyber risk. CIS benchmarks are a widely accepted set of hardening guidelines that have been publicly available for years. Numerous solutions exist t...
A critical component of any IoT project is what to do with all the data being generated. This data needs to be captured, processed, structured, and stored in a way to facilitate different kinds of queries. Traditional data warehouse and analytical systems are mature technologies that can be used to handle certain kinds of queries, but they are not always well suited to many problems, particularly when there is a need for real-time insights.
Verizon Communications Inc. (NYSE, Nasdaq: VZ) and Yahoo! Inc. (Nasdaq: YHOO) have entered into a definitive agreement under which Verizon will acquire Yahoo's operating business for approximately $4.83 billion in cash, subject to customary closing adjustments. Yahoo informs, connects and entertains a global audience of more than 1 billion monthly active users** -- including 600 million monthly active mobile users*** through its search, communications and digital content products. Yahoo also co...
"Software-defined storage is a big problem in this industry because so many people have different definitions as they see fit to use it," stated Peter McCallum, VP of Datacenter Solutions at FalconStor Software, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
Extreme Computing is the ability to leverage highly performant infrastructure and software to accelerate Big Data, machine learning, HPC, and Enterprise applications. High IOPS Storage, low-latency networks, in-memory databases, GPUs and other parallel accelerators are being used to achieve faster results and help businesses make better decisions. In his session at 18th Cloud Expo, Michael O'Neill, Strategic Business Development at NVIDIA, focused on some of the unique ways extreme computing is...
"We're bringing out a new application monitoring system to the DevOps space. It manages large enterprise applications that are distributed throughout a node in many enterprises and we manage them as one collective," explained Kevin Barnes, President of eCube Systems, in this SYS-CON.tv interview at DevOps at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
Amazon has gradually rolled out parts of its IoT offerings in the last year, but these are just the tip of the iceberg. In addition to optimizing their back-end AWS offerings, Amazon is laying the ground work to be a major force in IoT – especially in the connected home and office. Amazon is extending its reach by building on its dominant Cloud IoT platform, its Dash Button strategy, recently announced Replenishment Services, the Echo/Alexa voice recognition control platform, the 6-7 strategic...
The best-practices for building IoT applications with Go Code that attendees can use to build their own IoT applications. In his session at @ThingsExpo, Indraneel Mitra, Senior Solutions Architect & Technology Evangelist at Cognizant, provided valuable information and resources for both novice and experienced developers on how to get started with IoT and Golang in a day. He also provided information on how to use Intel Arduino Kit, Go Robotics API and AWS IoT stack to build an application tha...