Pejman Pourmousa

Pejman Pourmousa is Vice President, Program Management at Veracode, where he is responsible for the successful adoption of Veracode’s solutions by its customers. This includes a global team of 65+ Security Program Managers and Customer Success Managers that ensure the success of customers, by providing expertise, guidance and care in the area of application security. Pejman has spent the entirety of his career in the area of services management and delivery specifically around Compliance, Risk and Security. Prior to Veracode, he was a Manager of Client Services at SAI Global where he led the team responsible for the delivery of Compliance and Risk solutions across SAI Global’s client base....
Posts by Pejman Pourmousa

Beyond Scanning: Don’t Let AppSec Ignorance Become Negligence

December 19, 2018

In recent months, as I’ve worked with more and more prospects and customers, I’ve started to see an interesting trend: As more agile dev teams become responsible for their own security posture, they are relying on the operations team to “plug an AppSec tool” into their CI/CD pipeline to resolve their AppSec. While I agree with the sentiment that security needs to be embedded in the build process... READ MORE

Not All Vulnerabilities Are Created Equal

November 15, 2017  | Managing AppSec

You wouldn’t be very effective if you didn’t prioritize your to-do list. Treating “prep for board meeting tomorrow” and “organize in-box” with the same level of urgency would slow you down at best, seriously impact your job performance at worst. Similarly, neglecting to prioritize your application security “to-do list” will slow your progress, or prevent it altogether. Even the best application... READ MORE

Application Security Policy: Might Need to Revisit as DevOps Emerges

November 6, 2017  | Managing AppSec

I’ve worked in program management at Veracode for the past six years, and during that time, I have seen a lot of different approaches to deploying AppSec policies. Typically, the security team (CISO/CIO led) deploys an AppSec policy that applies to developers and engineers. However, with the rapid change in the ways software is developed and released, most of the security policies that were... READ MORE

What Makes an AppSec Program Successful: A Program Management Perspective

November 30, 2016  | Managing AppSec

I have spent the entirety of my career in the area of services management and delivery, specifically around compliance, risk and security. I have had the good fortune of seeing over 1,300 program deployments across all size companies spanning every industry. Today, I am the Director of Program Management at Veracode, working to help customers successfully adopt Veracode’s solutions. I wanted to... READ MORE

Are You Ready for the Inevitable Question on Software Security?

March 6, 2014

Independent software suppliers need to recognize the tide of change that is coming from their largest enterprise customers. Over the course of 2013, I witnessed a shift in security. As we learned about government surveillance and suffered through credit card replacements as a result of the Target Breach, questions of security have come to the forefront. These questions focus not just on the... READ MORE

Who Creates a Successful Application Security Program?

March 27, 2013 3

“Our developers are just too busy to worry about securing their applications.” If only I received a dollar for every time I have heard a CISO, CIO or Application Security Manager say these exact words when attempting to develop an appsec program. My name is Pejman Pourmousa and I am a Customer Success Manager at Veracode. I have been working in Professional Services for years. At Veracode, I... READ MORE



contact menu