Virtualization Technology News and Information
RSA Conference 2022 Q&A: ArmorCode will Showcase Major New Capabilities of its AppSecOps Platform


Are you getting ready for the upcoming RSA Conference, the world's leading information security conference and exposition?  The event is quickly approaching, taking place June 6-9, 2022, both digitally and yes, physically, at the Moscone Center in San Francisco.  For four days, you'll gain insights, join conversations and experience solutions that could make a huge impact on your organization and your career.

Ahead of the show, VMblog received an exclusive interview with Mark Lambert, VP of Products at ArmorCode, a leader in AppSecOps, to find out what they have planned for the event.  Customers use the ArmorCode platform for AppSec Posture, Vulnerability, and Compliance Management and DevSecOps workflow automation.

armorcode logo 


VMblog:  To kick things off, give VMblog readers a quick overview of the company.

Mark Lambert:  ArmorCode helps organizations scale the impact of their Application Security teams - so that they can ship secure software and ship it fast.

As organizations embed application security tools into their DevSecOps pipeline, along with Infrastructure and Cloud Security tools, the volume of vulnerabilities, alerts and findings overwhelms the AppSec, Development and DevOps professionals. The resulting AppSec Chaos leads to unmanaged risk in production environments - as the team struggle to keep up with the pace of development. The ArmorCode AppSecOps platform brings order to this chaos - by combining Application Security Posture Management, Unified Vulnerability Management, DevSecOps Orchestration and Continuous Compliance into a single platform. ArmorCode customers are able to scale the impact of their AppSec team and achieve AppSec success across the organization.

VMblog:  What is your message to RSA attendees and those individuals who won't be able to make the conference this year?

Mark Lambert:  Cloud, containers and Infrastructure as Code (IaC) are blurring the boundaries between application security (or code security) and infrastructure security. To get a complete view of your security posture, you have to look at both together and unify vulnerability management to ensure you are sufficiently managing the risk to the business. 

VMblog:  What market needs or problems are you addressing in the security space? 

Mark Lambert:  Organizations are trying to build secure software by embedding siloed and disconnect point tools into their DevSecOps pipeline. These tools are highly automated and generate a lot of data - but require significant manual effort to extract 'information' and insights from across the tools. ArmorCode normalizes, de-duplicates and correlates findings from across application and infrastructure security tools to provide actionable insights, workflow automation and unified SLAs to reduce remediation times and scale security best practices.

VMblog:  Where/how can attendees find you at the show? 

Mark Lambert:  Booth #6 in the Early Stage Expo

VMblog:  What are some of the key takeaways of your solution that RSA conference goers should be aware of?  And what sets you apart from the competition?

Mark Lambert:  ArmorCode combines AppSec Posture Management, DevSecOps Workflow Automation, Vulnerability Management, and Continuous Compliance into a single solution.

Key benefits of the ArmorCode AppSecOps platform are: 

  • Customers get a 360° view of their security posture with over 90+ integrations for security, development, and operational products and systems
  • The platform eliminates manual and repetitive tasks to reduce remediation time and meet SLAs to protect the business
  • It creates a common understanding and transparency between Dev and AppSec teams
  • Customers are able to scale AppSec to the speed of DevSecOps and achieve AppSec Success across the organization
VMblog:  Is your company launching anything new at the show?  Can you give us a sneak peek?

Mark Lambert:  ArmorCode is launching major new capabilities of its AppSecOps platform, including: asset discovery, no-code workflow automation, unified SLAs and persona dashboards for CISO, AppSec and Development professionals - along with over 100 DevSecOps integrations covering application and infrastructure security tools, as well as development and DevOps systems.

VMblog:  What else will you be showing off at the show this year?

Mark Lambert:  We will be showing how the ArmorCode AppSecOps platform helps organizations scale their application security program, and the impact of their AppSec team, to meet the needs of modern software development.

VMblog:  What are some top priorities for security leaders at RSA to consider this year?

Mark Lambert:  Every year software releases are going out the door faster and faster but security teams are struggling to keep up with the pace of development - and the friction between security and development has become the #1 concern of today's security leads. Security leaders need to focus on ways to make the security process efficient and enable cross team collaboration between security and development teams.

VMblog:  What are some of the security best practices you would deem critical?

Mark Lambert:  When looking at application security, it is not about the tools or individual practices, such as source composition analysis. The main focus needs to be on building a process and practice that is scalable. This is accomplished by leveraging a coaching model such as Security Champions, to establish overall security culture within the organization.

VMblog:  I'm sure the keynotes will discuss big pictures, but what trends are you seeing that we should be aware of in 2022?

Mark Lambert:  The obvious thing is that software is getting released faster and faster - and the "bad guys'' are more motivated and more coordinated than ever. The recent Log4Shell and Spring4Shell vulnerabilities have reinforced the fact that we need to identify vulnerabilities within the applications themselves, not just at the perimeter or within infrastructure. This will allow security teams to react quickly when a new vulnerability is discovered "in the wild."

VMblog:  Does your company have any speaking slots at RSA?  If so, can you tell us more about those sessions so people can get them on their schedules?

Mark Lambert:  I will be hosting the session "Scaling Application Security to the speed of DevSecOps" for DevOps Connect: DevSecOps at the RSAC Virtual Event on July 12th.

VMblog:  Is your company giving away any interesting tchotchke?

Mark Lambert:  ArmorCode will have a super raffle where attendees can win various prizes.

VMblog:  As a show sponsor, do you have any tips for attendees to better prepare or handle the conference?

Mark Lambert:  As everyone is eager to get back to "face to face" conferences, we anticipate the conference being very busy. So plan ahead, schedule 1on1s with key people before you go - you can schedule a 30-minute conversation about how to scale your AppSec program with ArmorCode's VP of Products, Mark Lambert, using


Published Thursday, June 02, 2022 7:30 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<June 2022>