<iframe src="//www.googletagmanager.com/ns.html?id=GTM-KXSCJR" height="0" width="0" style="display:none;visibility:hidden">

Julien Bellanger

Recent Posts

The Future of Application Security Depends On Our Infrastructure

Julien Bellanger | Jun 13, 2016

To say that the future of application security depends on our infrastructure may sound controversial -- especially coming from a runtime application security startup founder.

Don’t get me wrong. Our vision is still the same: application security has to be done at the application layer, and more so than ever, that security must be embedded in the application.

Continue reading

Topics: Application Security, RASP, Language Security, LANGSEC, AppSec, Runtime Application Self-Protection, Vulnerability remediation, Runtime Application Security, Infrastructure

Prevoty Turns Three Years Old and Gets a Web Lift

Julien Bellanger | May 9, 2016

Over the last three years, we went from brainstorming crazy ideas at a kitchen table to creating a new category for securing enterprises applications at runtime. We've captured our top 3 learnings in this blog post and have made some exciting new additions to our website. 

Continue reading

Topics: Company News, RASP, Prevoty Technology, DevOps, Language Security, LANGSEC, Runtime Application Self-Protection, Vulnerability remediation, DevSecOps, Runtime Application Security

Why DevOps Fails At Application Security

Julien Bellanger | Oct 15, 2015

In a recent survey of developers, nearly half of respondents admit to releasing applications with known vulnerabilities at least 80 percent of the time.


This post originally appeared on DarkReading.com

 

Continue reading

Topics: SSDLC, Application Security, DevOps

Security intelligence just got Splunk’d

Julien Bellanger | Aug 10, 2015

Ever since we announced Prevoty’s application security monitoring capability, we’ve had dozens of customers ask us about integration with various SIEM’s. Our ability to provide real-time attack intelligence from inside production applications is an exciting development for application security professionals and being able to correlate that data with other security information is extremely valuable.

Continue reading

Topics: Feature Updates, Partnerships & Integrations

The outlook for secure software just got a whole lot brighter

Julien Bellanger | Aug 4, 2015

If you’ve been following our blog there is a good chance that you, like us, believe that application security is one of the most important, and yet still under-served, components of a successful enterprise security strategy. 

There are many important elements of a comprehensive implementation, but ultimately the goal of the various application security technologies and secure software development methodologies is the same: to end up with secure applications in production.

Continue reading

Topics: Partnerships & Integrations

Luck, Geniuses and Love at First Sight

Julien Bellanger | Jul 23, 2015

Timing is everything when it comes to the success of a new technology. Get into the market too early and you will be faced with some tough choices on how to keep going until the market arrives. Get in too late and you have to invest heavily while hoping that you can catch some crumbs. History has proven that in each case it is highly unlikely that you will lead your market. However, timing a market is close to impossible so luck is probably the main factor to get the timing right. 


The original Fortify Software team knows this more than most. In 2002 founder and CTO Roger Thornton had the genius vision that application security would be a very large component of the information security landscape. Along with his partners, Roger built the first set of real application security products for the enterprise and quickly defined Fortify as the market leader in this new technology sector.  The company was successfully sold to HP in 2010 to become HP Fortify. 

Continue reading

Topics: Company News

Securing Production Applications: Performance Matters

Julien Bellanger | Jun 25, 2015

Ever since we deployed to our first customer in late 2013, there have been three consistent criteria that our customers consider when they are evaluating Prevoty or other RASP technologies: 

  • Efficacy – does the solution accurately identify malicious behavior?
  • Scalability – can the solution scale to support hundreds or thousands of applications?
  • Performance – what impact does the solution have on my applications? 
Continue reading

Topics: Company News, Application Security, RASP

Changing the application security game

Julien Bellanger | Jun 8, 2015

In my role I am fortunate to have the opportunity to discuss application security with many security leaders. For larger enterprises, there is a common thread in these discussions that the toughest challenge related to application security is getting alignment between the  “Builders” – those developing applications and features – and the “Defenders” – those in charge of ensuring application security. The costs in terms of time and resources of running a vulnerability management program are significant and application remediation efforts detract from the Builders main focus of releasing new software.

Continue reading

Topics: Company News, Application Security Monitoring

Prevoty named a Gartner “Cool Vendor” in Security Infrastructure Protection

Julien Bellanger | May 5, 2015

I am extremely proud to be able to say that we announced today that Prevoty has been named a “Cool Vendor” in the April 27, 2015 research report by Gartner, Inc. titled, “Cool Vendors in Security Infrastructure Protection, 2015.”

The report evaluates new and intriguing technologies in the security infrastructure protection market, identifying innovative vendors who are improving the way organizations protect and defend against malicious attacks. 

Continue reading

Topics: Company News

5 Must-do's for CISOs in 2015

Julien Bellanger | Jan 16, 2015

There’s no need for me to re-hash all the reasons why information security within enterprises has greater exposure in 2015 than at any time in the industry’s short history. CISOs will face the double-edged sword of increased exposure and importance within the executive ranks together with increased accountability to  the CEO and Board of Directors.

Noise from the information security technology industry is also at an all-time high.  Every vendor blasts a variant of the same message: "We can help protect you."

Information security budgets may increase in 2015, but challenges are still manifold. How exactly does a CISO cut through all the noise and set appropriate priorities?

Continue reading

Topics: Application Security