ISO 27001 Compliance for SaaS | SOC2 vs ISO | Girish Redekar (CEO & Co-Founder, Sprinto)

Building Secure SaaS Products | Protecting B2B Business from AI Threats | Goutham (CEO, Kernel Labs)

Overview: In this episode of the SaaSTrana podcast, Goutham Sukumar (CEO - Kernel Labs) talks to Venky about the best practices for building secure SaaS products from scratch.   He also shares reasons why B2B businesses are at threat due to the upcoming AI and LLM technologies and suggests steps organizations can take to protect themselves. Key highlights:   00:00 - About Goutham Sukumar 04:16 - Pivoting on the product roadmap with an emphasis on security 17:14 - The evolution of the application security landscape 20:11 - Focusing on security right from scratch (MVP / V1 products) 21:50 - Potential threats in integrating new code bas / third-party libraries 24:40 - Protecting businesses from AI & LLM threats 30:16 - The concept of the Swiss cheese model w.r.t multi-layer security 34:05 - The role of web application firewalls to protect from cyber threats About Indusface:  Indusface is a leading application security SaaS company that secures critical Web, Mobile, and API applications of 5000+ global customers using its award-winning fully managed platform that integrates web application scanner, web application firewall, DDoS & BOT Mitigation, CDN, and threat intelligence engine.    Indusface has been funded by Tata Capital Growth Fund II. It is the only Cloud WAAP (WAF) Vendor with 100% recommendation for three consecutive years - Gartner® Peer Insights™ Voice of Customer. And is a “Great Place to Work” certified SaaS product company, is PCI, ISO27001, SOC 2, GDPR certified, and has been the recipient of many prestigious start-up awards, such as the Economic Times Top 25, NASSCOM DSCI Top Security Company, and Deloitte Asia Top 100.    ♨️ Start 14 days Free Trial - http://bit.ly/3XlovZt    📰 Interested to read more about Web Application Security: https://bit.ly/2Y5AJZg    #aithreats #llmthreats #saasproduct #saas #saassecurity #b2bsaas  #cyberthreats #securityproducts #saassoftware #saassolutions #compliance #securitycompliance #apptrana #indusface

B2B Firms & Compliance with The Digital Data Protection Act 2023 | Srikanth (CEO - Perfios)

Overview: In this SaaSTrana podcast, Srikanth Rajagopalan (CEO - Perfios Account Aggregation Services (P) Ltd) talks to Venky about the importance of data security for B2B (SaaS) companies and the implications imposed by the Digital Data Protection Act 2023 in case of a data breach. Furthermore, Rajagopalan explains how focusing on data security can benefit organizations in the long run by giving them a competitive edge and building customer trust. Key highlights from the discussion: 00:00 - About Srikanth’s Journey and Perfios Account Aggregation Services 13:01 - Managing customer data securely as a data aggregator 22:44 - Highlights of The Digital Data Protection Act 2023 by MeitY 27:04 - Scope of the act (regulations) for fiduciaries and data processors 31:32 - Applicability of fines and penalties for B2B (SaaS) businesses and its impact on the long run 43:51 - Cybersecurity as a trust enabler for customers About Indusface: Indusface is a leading application security SaaS company that secures critical Web, Mobile, and API applications of 5000+ global customers using its award-winning fully managed platform that integrates web application scanner, web application firewall, DDoS & BOT Mitigation, CDN, and threat intelligence engine. Indusface has been funded by Tata Capital Growth Fund II. It is the only Cloud WAAP (WAF) Vendor with 100% recommendation for three consecutive years - Gartner® Peer Insights™ Voice of Customer. And is a “Great Place to Work” certified SaaS product company, is PCI, ISO27001, SOC 2, GDPR certified, and has been the recipient of many prestigious start-up awards, such as the Economic Times Top 25, NASSCOM DSCI Top Security Company, and Deloitte Asia Top 100. ♨️ Start 14 days Free Trial - http://bit.ly/3XlovZt 📰 Interested to read more about Web Application Security: https://bit.ly/2Y5AJZg Website: www.indusface.com #data #datasecurity #b2b #dataprivacy #dataprotection #dataprotectionbill #personalidentity #privacy #dataprivacy #datamanagement #securityregulations #miety #compliance #dataprotectionact #digitaldata #securitybreach #indusface #apptrana

Security Incident Management, Data Protection & Privacy Best Practices | Edgar P. (Group CISO @ YNV)

In this SaaSTrana podcast, Edgar Pimenta (Group CISO @ YNV Group) talks to Venky about the security incident management and data protection/privacy management best practices in highly regulated organizations such as telcos and financial.    He also shares the steps on how orgnizations can prepare themselves in case of an incident breach and ways to recover from it quickly.    Here are some key highlights from the discussion:   00:00 - About Edgar and YNV Group 03:40 - Data Protection and Privacy - uplifting the security initiatives of an organization 08:31 - Access management, security by default and pen-testing initiatives for data security 10:30 - Security and compliance as a differentiator 12:19 - Nuances in the Application Security across Telco, Financial and SaaS Industries 21:01 - Building secure products at a faster pace 23:54 - Preparing for an incident breach (An example of a real-life ransomware story) 29:17 - Importance of audit logging 31:21 - WAF/WAAP - a highly important tool for website security 34:23 - Virtual patching for protection from zero-day vulnerabilities   About Indusface: Indusface is a leading application security SaaS company that secures critical Web, Mobile, and API applications of 5000+ global customers using its award-winning fully managed platform that integrates web application scanner, web application firewall, DDoS & BOT Mitigation, CDN, and threat intelligence engine. Indusface has been funded by Tata Capital Growth Fund II. It is the only Cloud WAAP (WAF) Vendor with 100% recommendation for three consecutive years - Gartner® Peer Insights™ Voice of Customer. And is a “Great Place to Work” certified SaaS product company, is PCI, ISO27001, SOC 2, GDPR certified, and has been the recipient of many prestigious start-up awards, such as the Economic Times Top 25, NASSCOM DSCI Top Security Company, and Deloitte Asia Top 100. ♨️ Start 14 days Free Trial - http://bit.ly/3XlovZt 📰 Interested to read more about Web Application Security: https://bit.ly/2Y5AJZg Website: www.indusface.com #securityincident #incidentmanagement #dataprotection #privacy #dataprivacy #datamanagement #securityregulations #securitybreach #auditlogs #compliance #zeroday #ciso #waap #waf #apptrana

Breaking Silos in Platform Security, Trust & Safety, and Risk - Mona Salvi (Sr. Director, HubSpot)

Overview:  In this SaaSTrana podcast, Mona Salvi (Senior Director - Product Security, HubSpot) talks to Venky about building a unified org structure and North Star metrics to drive security-related initiatives in a cohesive working environment.   She also shares how to manage three pillars - platform security + trust & safety + payments fraud together under a single leadership umbrella.   Here are some key highlights from the discussion:   * About Mona Salvi and HubSpot * Developing the mindset of intrinsic vs. extrinsic security * Driving secure product experiences along with focusing on core business * The pillars of platform security + trust and safety + payments fraud * Breaking the silos between the risk officer and the security officer * Developing applications at speed without impacting the security * Building security champions within the organizations * Building North Star metrics for security teams * Security - an enabler for customers to pick the right vendor of choice * Protecting from threats caused by OpenAI and LLM tools (The facts on utilizing security co-pilots) About Indusface: Indusface is a leading application security SaaS company that secures critical Web, Mobile, and API applications of 5000+ global customers using its award-winning fully managed platform that integrates web application scanner, web application firewall, DDoS & BOT Mitigation, CDN, and threat intelligence engine. Indusface has been funded by Tata Capital Growth Fund II. It is the only Cloud WAAP (WAF) Vendor with 100% recommendation for three consecutive years - Gartner® Peer Insights™ Voice of Customer. And is a “Great Place to Work” certified SaaS product company, is PCI, ISO27001, SOC 2, GDPR certified, and has been the recipient of many prestigious start-up awards, such as the Economic Times Top 25, NASSCOM DSCI Top Security Company, and Deloitte Asia Top 100. ♨️ Start 14 days Free Trial - http://bit.ly/3XlovZt 📰 Interested to read more about Web Application Security: https://bit.ly/2Y5AJZg Website: www.indusface.com #productsecurity #platformsecurity #securepayments #cyberrisk #cyberrisks #trustandsafety #securityoperations #cybersecurity #applicationsecurity #securitymanagement #saas #saassecurity #apptrana #indusface

ISO 27001 Compliance for SaaS | SOC2 vs ISO | Girish Redekar (CEO & Co-Founder, Sprinto)

Overview: In this podcast, Girish Redekar (CEO and Co-Founder, Sprinto), shares with Venky the most effective ways to implement the ISO 27001 framework for organizations to attain comprehensive security, rather than solely obtaining a certification. He also discusses similarities & differences between SOC2 and ISO 27001, and suggests that organizations can streamline their security program to achieve multiple certifications more efficiently. Key highlights from the discussion: 00:00 - About Girish and Sprinto 07:34 - What exactly is ISO 27001 compliance/certification? 12:36 - Who should consider getting an ISO 27001 certification? 15:10 - Similarities & differences between SOC2 and ISO 27001 18:30 - How long does it take to get the compliance/certificate? 20:32 - At what stage should companies start thinking of security compliance 22:38 - Practices to follow to reduce the time taken to achieve compliance 27:20 - Importance of VAPT in ISO 27001 31:20 - Which compliances/certifications do SaaS companies need to grow their business? About Indusface: Indusface is a leading application security SaaS company that secures critical Web, Mobile, and API applications of 5000+ global customers using its award-winning fully managed platform that integrates web application scanner, web application firewall, DDoS & BOT Mitigation, CDN, and threat intelligence engine. Indusface has been funded by Tata Capital Growth Fund II. It is the only Cloud WAAP (WAF) Vendor with 100% recommendation for three consecutive years - Gartner® Peer Insights™ Voice of Customer. And is a “Great Place to Work” certified SaaS product company, is PCI, ISO27001, SOC 2, GDPR certified and has been the recipient of many prestigious start-up awards. such as the Economic Times Top 25, NASSCOM DSCI Top Security Company, Deloitte Asia Top 100, among others. ♨️ Start 14 days Free Trial - http://bit.ly/3XlovZt 📰 Interested to read more about Web Application Security: https://bit.ly/2Y5AJZg Website: www.indusface.com #iso #iso27001 #soc2 #soc #compliance #security #cybersecurity #compliances #compliance #saasstartups #applicationsecurity #appsec #apptrana #indusface #saas #saassecurity #saasstartups