Pejman Pourmousa is Vice President of Services at Veracode, where he is responsible for the successful adoption of Veracode’s solutions by its customers. This includes program management, customer success, security consulting, manual penetration testing, and customer support. In the last seven years, he has built cohesive teams that help cutomers develop, deploy, and mature their AppSec programs. Pejman has spent the entirety of his career in the area of services management and delivery, specifically around compliance, risk, and security. Prior to Veracode, he was a Manager of Client Services at Integrity Interactive (acquired by SAI Global), where he led the team responsible for the…
Enabling our customers to create software quickly and securely has always been our mission, and it remains so today. While the safety and health of our employees is a top priority right now, so is the health of our customers’ software, especially considering some of the industries they support. We need to keep the health care providers and their systems secure and operational, protect the farmers… READ MORE
Stay up to date on Application Security
- Characteristics of a World-Class AppSec Program
A great AppSec program requires more than just scanning. It takes seamless processes and services designed to help developers fix flaws and write more secure code. The following is a list of the characteristics that we have found among our customers with world-class AppSec programs. Consider security early In early planning phases, ensure secure architecture and design and conduct threat modeling… READ MORE
- Beyond Scanning: Don’t Let AppSec Ignorance Become Negligence
In recent months, as I’ve worked with more and more prospects and customers, I’ve started to see an interesting trend: As more agile dev teams become responsible for their own security posture, they are relying on the operations team to “plug an AppSec tool” into their CI/CD pipeline to resolve their AppSec. While I agree with the sentiment that security needs to be embedded in the build process… READ MORE
You wouldn’t be very effective if you didn’t prioritize your to-do list. Treating “prep for board meeting tomorrow” and “organize in-box” with the same level of urgency would slow you down at best, seriously impact your job performance at worst. Similarly, neglecting to prioritize your application security “to-do list” will slow your progress, or prevent it altogether. Even the best application… READ MORE
- Application Security Policy: Might Need to Revisit as DevOps EmergesNovember 6, 2017 | Managing AppSec
I’ve worked in program management at Veracode for the past six years, and during that time, I have seen a lot of different approaches to deploying AppSec policies. Typically, the security team (CISO/CIO led) deploys an AppSec policy that applies to developers and engineers. However, with the rapid change in the ways software is developed and released, most of the security policies that were… READ MORE
- What Makes an AppSec Program Successful: A Program Management PerspectiveNovember 30, 2016 | Managing AppSec
I have spent the entirety of my career in the area of services management and delivery, specifically around compliance, risk and security. I have had the good fortune of seeing over 1,300 program deployments across all size companies spanning every industry. Today, I am the Director of Program Management at Veracode, working to help customers successfully adopt Veracode’s solutions. I wanted to… READ MORE
Independent software suppliers need to recognize the tide of change that is coming from their largest enterprise customers. Over the course of 2013, I witnessed a shift in security. As we learned about government surveillance and suffered through credit card replacements as a result of the Target Breach, questions of security have come to the forefront. These questions focus not just on the… READ MORE
- Who Creates a Successful Application Security Program?
“Our developers are just too busy to worry about securing their applications.” If only I received a dollar for every time I have heard a CISO, CIO or Application Security Manager say these exact words when attempting to develop an appsec program. My name is Pejman Pourmousa and I am a Customer Success Manager at Veracode. I have been working in Professional Services for years. At Veracode, I… READ MORE
Application Security Tool Kit
Love to learn about Application Security?
Get all the latest news, tips and articles delivered right to your inbox.
No thanks, back to the article please.