“Security First” for the Win at Bluescape

DevSecOps Quick Start

Publish Date

Aug 12, 2021

Written by

ZN Logo for Blog


Tagged with

  • DevSecOps

Technology providers are feeling heavy pressure to provide the best user experience, the most intuitive UI, and are racing to release better and better versions of their offerings. But organizations are often pushing to release these improvements at the expense of ensuring the software they’re releasing is secure and free from vulnerabilities.

A “security first” approach is ultimately going to win this race for two reasons. First, “improve everything before security” will ultimately backfire when vulnerabilities are compromised, and breaches occur. And second, the recent White House Executive Order on cybersecurity highlights the software supply chain as a key security risk vector, reinforcing what many customers are already asking for and raising this as a priority.

Businesses are often forced to make a choice in development: focus on the externally facing, visible improvements that customers can experience, or on the ensuring the security of their software and applications is rock solid. Think of it as investing in a new kitchen remodel that everyone can see and enjoy versus a new furnace. As Bluescape CISO Mark Willis discussed in a recent blog, he and his team went through this evaluation process and chose a “security first” approach because it was imperative to “focus on security first, even if it meant rolling out new tools, features, and programs at a later date.”

This has proven to be the right choice for this enterprise-scale visual collaboration SaaS platform. With exploding demand for online collaboration tools, the quality and security of Bluescape’s software is one of its competitive differentiators. The company is proud of its application security program and its ability to deliver AppSec assurance to its customers. As part of of its security-first approach, Bluescape chose the ZeroNorth DevSecOps platform to provide the backbone and risk metrics for its software security program, using ZeroNorth to showcase its scanning processes and cadence, closed-loop remediation and AppSec risk reporting. Mark is proud to say to his own customers that “our Secure SDLC is orchestrated and powered by ZeroNorth.”

eBooks & Research Reports

Research Report: The Journey to True DevSecOps

Many questions emerge as the topic of DevSecOps is volleyed about. First, confusion exists in terms of understanding what it actually means to get to true ...

Read Now


Application Security: Bridging the Gap Between DevOps and Security Teams

When AppSec and DevOps teams aren’t aligned on how to deliver secure software, fast, organizations are at risk. This video discusses how to tackle this challenge ...

Watch Now

Related Articles


Need an AppSec Program Fast? Get with the Platform!

By Joanne Godfrey Jun 3, 2021

With software now at the heart of both business and life, the need for application security (AppSec) has never been more critical. If your software is ...

Read More

DevSecOps Quick Start

Week Three Featuring Research From Forrester: How to Make Open Source Software Work For You

By ZeroNorth Jun 26, 2020

Open source software (OSS) continues to grow in popularity and remains a key part of application development. The advantages of using open source code are fairly ...

Read More

The ZeroNorth DevSecOps platform offers options for your DevSecOps journey—getting started with AppSec, finding enterprise visibility or fully integrating security into DevOps.