Security Champions
Program

drop us a line
why

From a product development perspective security always seems to be “the bottleneck” or “the department of NO!”. An increasing number of product releases and daily software deployments overwhelms the security department additionally.

Turn the tables by rolling out a security champions program. Accelerate your product development while staying secure by establishing security-as-code and a security culture across your organization with A&B. Stay innovative and improve your overall security posture!

what

Alice&Bob.Company enables teams to act as Security Champions by example. After integrating in the team, A&B employees start to implement security-as-code in each phase of the DevSecOps pipeline and reach a high degree of security automation.

Together with the client’s leadership team and in alignment with the general companies’ security policies, the Security Champions Program covers e.g.

  • Agile Threat Modeling
  • DevSecOps
  • Security-as-Code & -automation
how

The Alice&Bob.Company follows its very own “integrate&enable” approach to get the most out of the program for the client and create a customer centric program, that addresses organizations, teams, and tools.

Integrate

The A&B Security Champion integrates immediately in clients product team, defines possible threats in mutual workshops and starts leading the change. After clarification, the Security Champion starts implementing Security-as-Code in all phases of the DevSecOps lifecycle.  

Enable

As interim Security Champions and mentors, A&B not only implements Security-as-Code, but onboards clients novice Security Champions, empowers them with recurring trainings on how to become a Security Champion and sets up the right communication channels to build a network of Security Champions.

After starting with a “lighthouse” team, A&B continues to roll-out the program across various teams.

Once the Security Champions Program is initially rolled out, A&B will take care to continuously improve the program. There will be bi-weekly moderated team retrospectives with the novice client Security Champions.

drop us a line

YOUR BENEFITS

Main advantages of launching a Security Champions Program with A&B:

  • You take care on your product. We take care on creating a modern security culture in your product teams. Continuously and managed.​
  • Security Champions will improve your innovation speed: ship secure software faster!
  • Establish security as additional quality dimension in your agile product teams
  • Increase diversity, by adding risk-oriented views in your feature-driven team

other products in 04 continuous improvement

Continuous Penetration Testing

Minimize the risk of application vulnerabilities by combining manual and continuously automated penetration testing for your web applications and API’s.

Read More
Cloud Security Posture Management

Keeping visibility and enforced security across public cloud accounts – probably across multiple public cloud vendors with the right tools: facilitate a managed Cloud Security Posture Management (CSPM) service by Alice&Bob.Company.

Read More
Managed Container & Serverless Security

Have you heard about Kubernetes Security Posture Management (KSPM)? Keep a clear view on your Cloud and Serverless Security with A&B’s Managed Container & Serverless Security.

Read More
Managed Perimeter Protection

Protect your publicly accessible websites, e-commerce platforms, IoT-, IIoTT-applications and other dynamic web application against abuse of bugs, vulnerabilities and Distributed Denial of Service (DDoS) attacks. The team of A&B and AWS give you a peaceful sleep. 

Read More
CI/CD Pipeline improvement

Pimp your existing CI/CD pipeline to the next level! Alice&Bob.Company continuously monitors and improves your current CI/CD pipelines.
We continuously integrate automated and scalable Cloud Security into your software development lifecycle.

Read More
Security Chaos Engineering Program

Transfer the disruptive operational method of chaos engineering, developed initially by Netflix, to cloud security. We accompany your team(s) over the course of 12 month to establish the concepts and culture of Security Chaos Engineering (SCE).

Read More
Cloud Security Trainings

Never stop learning! The cloud never stops teaching! In Jan 2021 AWS consists of more than 199 ready to use service. 45+ of those are security related. Let us help to enable and educate you team(s) with an individual training plan over a timeframe of 6 to 24  months.

Read More
Custom Tailored Managed Service

Is there anything you need, but we haven’t covered? We are always curious and eager to learn about your requirements. And maybe, we develop a new Cloud Security Managed Service together.

Let's discuss

01 health-check

AWS certified architect challenges your platform setup in a brief mutual discussion.
view more

02 warm-up

Deep dive on your individual platform, either risk or best practice based: threat mod- eling workshop, security assess- ment or well architected review.
view more

03 launch

Platform improvement due to individually defined project work (AWS Security portfolio, Shift Left, Continuous Security, Automated Auditing).
view more

04 continuous improvement

Iterative proactive managed security services or consulting solutions.
view more