David Nester Joins ThreatModeler Software as Chief Security Officer

Former Global Director of Fortify on Demand Brings 20 Years of Enterprise Security Expertise

Jersey City, New Jersey, UNITED STATES

JERSEY CITY, NJ., Feb. 12, 2018 (GLOBE NEWSWIRE) -- ThreatModeler Software, Inc., provider of the industry’s #1 automated threat modeling platform, today announced that David Nester, the former Global Director of Fortify on Demand at Hewlett Packard Enterprise, has been selected as the company’s new Chief Security Officer.

“I was truly impressed with the ThreatModeler Platform,” said Nester. “When the ThreatModeler team demonstrated their automated platform and how it accurately identifies 99% of the potential static and dynamic application vulnerabilities before a single line of code is even written, I knew instantly this was the solution many organizations need.”

Anurag “Archie” Agarwal, founder and Chief Technical Architect of ThreatModeler™, added, “threat modeling has been used to identify potential threats in critical and high-risk applications for years. Traditional processes, though, are too slow and resource-intensive to be used effectively in today’s fast-paced agile and DevOps environments. That can be a real problem for enterprises. Pressure to produce functional products on a continuous basis often means that security considerations can be missed or overlooked.“

According to Nester, Fortune 1000 companies have used and trusted Static (“SAST”) and Dynamic (“DAST”) assessment technologies for years. These technologies are used to analyze code in software for vulnerabilities against a library of known threats and attacks. “The challenge for the enterprise in using SAST and DAST tools is twofold,” said Nester. “Scanners can only test for known threats and attack patterns which is difficult to combat when the threat landscape is constantly changing.  Not only do scanners miss these new threats, but they unfortunately produce a great number of false positives that need to be addressed. Adding that to the ever increasing speed of moving code into production and it’s easy to understand how vulnerabilities can get missed.  While organization are moving to a much more automated process for writing, testing, and deploying code, it’s critical to spend more time in the planning stages before a single line of code is written.”

“The impact of missed vulnerabilities is significant,” says Mark Meyer, Chief Revenue Officer of ThreatModeler. “Back when organizations only produced a handful of applications in a year, bringing an application back to developers for remediation after testing was common. Today enterprises may have hundreds or even thousands of applications in their CI/CD pipeline.”

According to Meyer, the increased production volume and continuous methods are forcing organizations to rethink how they secure their IT environments. “Not only will the ThreatModeler Platform identify 99% of SAST/DAST vulnerabilities before developers start coding,” added Meyer, “but the platform fully integrates with network and production toolsets to help organizations realize a better return on those investments.”

About ThreatModeler
Security Starts with ThreatModeler™ - the Industry's #1 Automated Threat Modeling Platform. 

ThreatModeler™ is an innovative enterprise threat modeling platform that helps organizations fully integrate security into their SDLC and realize sustainable ROI on their security resources. The centralized threat framework automatically and seamlessly integrates security within existing agile and DevOps workflows. By identifying and mitigating potential security threats early in the SDLC – prior to implementing SAST and DAST, ThreatModeler™ simplifies efforts associated with developing secure applications. ThreatModeler™ then empowers enterprise IT organizations to map their unique secure requirements and policies directly into their enterprise cyber ecosystem – providing real-time situational awareness about their current threat portfolio and risk conditions.

ThreatModeler was specifically identify by Gartner in their Hype Cycle for Application Security, 2017, for automating “security requirements definition, risk assessment and threat modeling,” with SDLC integration, which “can dynamically highlight potential security ramifications of functional requirements.”

ThreatModeler was awarded 1st place Winner of the Cybersecurity Excellence Award, 2017 and 2018, in the category of threat modeling product.

Brian Beyst
Senior Director of Marketing
ThreatModeler Software, Inc
101 Hudson St
Jersey City, NJ 07302
Phone: +1-507-251-0851