Salesforce, Inc. - Experts & Thought Leaders

Bugcrowd, the pioneer in crowdsourced security, announced the addition of Trey Ford as Chief Information Security Officer for the Americas, to the leadership team. Trey is a seasoned strategic advisor and security thought pioneer with over 25 years of experience in offensive and defensive security disciplines. Trey has held key leadership roles at Deepwatch, Vista Equity Partners, Salesforce, Black Hat, and more. He has also been a valued member of Bugcrowd's advisory board for over a decade. Future of cybersecurity Trey is eager to work with firm pioneers, corporate directors, and investors to help teams Trey is passionate about working with enterprise pioneers, corporate directors, and investors to help teams strengthen their technology and execution strategy. “I’m really looking forward to joining this amazing Bugcrowd team and this fast-growing, dynamic organisation that continues to execute on its compelling vision for the future of cybersecurity, based on the ingenuity of the crowd,” Ford said. “I’ve always believed in taking a hands-on approach to building, breaking, and deconstructing security problems to first principles-I intend to continue applying that same mindset here at Bugcrowd.”  Team’s capabilities to new heights “Trey’s addition to our team marks a pivotal moment for enhancing our operational capabilities in the Americas region,” said Nick McKenzie, Chief Information and Security Officer of Bugcrowd. “His leadership and offensive security expertise, coupled with his ability to help us connect with and support customers, will elevate the team’s capabilities to new heights—a timely appointment with our current business momentum.” Bugcrowd’s AI-powered platform Bugcrowd told an other growth capital facility of USD 50 million from Silicon Valley Bank in October Bugcrowd also announced the availability of Bugcrowd Continuous Attack Surface Pentesting as a Service Subscription, a new way to consume pen testing. By using this subscription model, customers can enjoy the flexibility and predictability of pre-paid capacity on the Bugcrowd Platform to be drawn-down on demand. In addition, Bugcrowd announced an additional growth capital facility of USD 50 million from Silicon Valley Bank in October. The new financing will further scale Bugcrowd’s AI-powered platform globally, fund continued innovation into the Bugcrowd Platform, and leverage opportunities for strategic M&A, providing added value to clients, partners, and the hacker community. Powerful insights  “We are extremely excited by the rapid growth and market momentum that Bugcrowd has achieved so far this year,” said Dave Gerry, Chief Executive Officer of Bugcrowd. “We believe we are putting together the world’s strongest combination of people and technologies to deliver on the powerful insights provided by elite hackers operating on our global Platform.” The Bugcrowd Platform connects organisations with trusted security researchers and hackers to help proactively defend themselves against sophisticated threats. Bugcrowd’s crowdsourced solutions For over a decade, Bugcrowd’s unique "skills-as-a-service" approach has uncovered more high-impact vulnerabilities than traditional methods, along with clearer ROI, for more than 1,200 customers – including OpenAI, Google, T-Mobile, Carvana, the US Department of Defence’s Chief Digital and Artificial Intelligence Office (CDAO), ExpressVPN, Rapyd, New Relic, and OpenSea.  With unmatched flexibility and access to a decade of vulnerability intelligence, the Bugcrowd Platform has evolved to address a changing attack surface influenced by the adoption of mobile infrastructure, hybrid work, APIs, crypto, cloud workloads, and AI. Bugcrowd’s crowdsourced solutions include penetration-testing-as-a-service, managed bug bounties, vulnerability disclosure programs (VDPs), and AI Safety and Security products.

HackerOne, the pioneer in human-powered security, announced partnerships with GuidePoint Security and Softcat to simplify how enterprises access the world’s largest security researcher community. Through PartnerOne, partners will open new revenue streams with buyers worldwide who must meet growing global regulatory requirements and fight complex, emerging threats. Additional international partners, including APNT and BlueFort Security will serve a diverse customer base.  Security strategies For the first time, partners can offer their customers human-powered, AI-boosted services, including AI red teaming, vulnerability disclosure, bug bounty, and on-demand pentesting that complement existing security strategies to deliver cyber resilience.  PartnerOne supports channel and technology partners, including value-added resellers (VAR), solutions providers, and referral partners, among others. The program prioritises simplifying customers’ access to the global security researcher community and providing transparency and profitability for partners, offering: Transparent pricing and program structures - HackerOne solutions follow a simple subscription-style pricing structure, with one hundred percent of bounty rewards continuing to go to researchers engaging on the platform. Hands-on partner and program support - Partners gain tools like free online training and enablement, opportunity management, lead source sharing, renewals managers, and more.  A dedicated partnerships leader - John Addeo, VP of Global Channels, brings more than two decades of global enterprise IT and cybersecurity business expertise to lead the program and advocate for ParterOne’s partners and their customers' best interests. Leading brand-name testimonials - Partners can provide their customers with case studies and testimonials from leading organisations, including General Motors, the U.S. Department of Defense, the UK Ministry of Defence, Adobe, Zoom, Hyatt, Salesforce, and Goldman Sachs. Continuous innovation and platform improvements - In February, HackerOne announced its new AI co-pilot Hai, which is changing the way organisations run their programs, reducing the time it takes to find and address threats. The company also announced CREST certification of its penetration testing solution, so testers are up-to-date on best practices so organisations stay compliant.  Complex cybersecurity challenges "As the threat landscape grows, all industries are confronted with increasingly complex cybersecurity challenges. More complexity also means automated solutions might not always detect gaps that a bad actor could exploit," said Justin Iwaniszyn, Director of New and Emerging Alliances at GuidePoint Security. "HackerOne's solutions offer access to a global community of security researchers who find elusive, high-impact vulnerabilities, so customers stay ahead of emerging threats and remain compliant in an evolving regulatory landscape." Human-powered security solutions “With the addition of HackerOne, our customers have gained access to pioneering human-powered security solutions, which complement and extend our existing suite of offerings,” said Remco Poortvliet, CTO at APNT. “Our customers can now access an extensive, global community of security researchers and benefit from AI red teaming, bug bounty programs, and penetration testing.” “Partnering with HackerOne was a no-brainer for Bluefort,” said David Henderson, CEO at BlueFort Security Ltd. “As our clients increasingly drove demand for vulnerability disclosure and bug bounty programs, we assessed the UK market and arrived at the conclusion that HackerOne’s proposition and execution were the most complete." Critical challenges Henderson added: "Coupled with a 100% channel-friendly partnership model, we are excited to build on the impressive traction that we have already made with HackerOne to solve these critical challenges for our customers.” “A rapidly evolving threat landscape has driven strong market demand for the adversarial testing skills, services, and risk reduction that only security researchers can provide,” said John Addeo, VP of Global Channels at HackerOne. “Expanding access to HackerOne across the channel enables our growing partner network to build an additional revenue opportunity and support their customers through increasingly complex cybersecurity challenges.” HackerOne’s platform PartnerOne will simplify how global organisations access HackerOne’s platform, which continues to grow as businesses discover the benefits of the diverse security researcher community.  Earlier this month, HackerOne announced a record-breaking Q2, with AI red teaming and pentesting businesses growing 200% quarter-over-quarter. 

Siemens Digital Industries Software announced the new Teamcentre® SLM app on Salesforce AppExchange. Developed by Siemens in collaboration with Salesforce, the app connects product engineering and product service operations by bringing together the Teamcentre Service Lifecycle Management solution from the Siemens Xcelerator portfolio of industry software with Salesforce Manufacturing Cloud and Salesforce Service Cloud.  Service-centric business models This new app enables manufacturers to adopt more service-centric business models, improve the customer experience, and increase service revenue.  “Siemens and Salesforce are coming together to enable manufacturers to connect to their customers in whole new ways through this innovative integration of service lifecycle and customer relationship platforms,” said Zvi Feuer, Senior Vice President of Digital Manufacturing, Siemens Digital Industries Software. Closed loop integration The app delivers an enhanced customer service experience that can revolutionise service operations" Zvi Feuer adds, “Through our new collaboration with Salesforce, we’re helping manufacturers move to servitisation through a closed loop integration that brings together product knowledge with the full customer story." Zvi Feuer continues, "The app delivers an enhanced customer service experience that can revolutionise service operations, foster collaboration between engineering and service teams, and drive enhanced customer satisfaction - by delivering the right information at the right time in a single, centralised location.” Benefits of Teamcentre SLM app Benefits of the new Teamcentre SLM app include improving operational efficiency through a better first-time-fix ratio, reducing the cost of service, and helping to improve alignment between sales and service efforts. Equipped with the right asset information, tools, and inventory, service teams can improve the customer service experience and drive revenue growth.   Visibility and AI technology The app can scan knowledge articles created from service plans authored in Teamcentre to help find resources The app also gives greater visibility for technicians and field staff into customer asset information alongside the graphically rich product data, managed in Teamcentre helping service activities to be completed successfully the first time.  With access to Einstein, Salesforce’s AI technology, the app can scan knowledge articles created from service plans authored in Teamcentre to help find resources and solutions. With easy access to service data, manufacturers can drive continuous product improvement as lessons learned through service events become part of each asset’s digital twin. Efficiency and service “We’re excited to partner with Siemens to help manufacturers increase efficiency, provide better service, and open new revenue streams,” said Achyut Jajoo, SVP & GM of Manufacturing and Automotive, Salesforce. Achyut Jajoo adds, “By bringing together Salesforce, which is powered by real-time data and AI, with Siemens’ Teamcentre service lifecycle management, we can help advance digital transformation across the sector and empower manufacturers to deliver better service while generating new revenue streams.” The Teamcentre SLM app is available on Salesforce AppExchange.

Many people, quite correctly, point to Salesforce.com—which launched in February of 2000—as the first example of cloud computing. In the years following, the term ‘cloud’ became so popular and was applied to so many products and service offerings, that it became almost meaningless. The result was cloud confusion in the business world and in the media. In one stark example from 2008, Oracle CEO Larry Ellison described news stories about cloud as, ‘complete gibberish.’ Endeavouring to provide some clarity on cloud, the U.S. National Institute of Standards and Technology (NIST) worked for more than two years to put together ‘The NIST Definition of Cloud Computing,’ which defines the five essential cloud computing characteristics and several ‘as-a-service’ cloud computing models. True cloud applications In the security industry, we talk about ‘True Cloud.’ It’s a term coined by Dean Drako, Founder and Former President and CEO of Barracuda Networks, now Founder and CEO of Eagle Eye Networks, IC Manage and Drako Motors. It refers to software running in the cloud that has the five essential cloud computing characteristics. It refers to software running in the cloud that has the five essential cloud computing characteristics A true cloud system is built from the ground up and is designed to function in the cloud for optimum cost and performance, using the Software as a Service (SaaS) model as defined in the NIST document. Despite the efforts of NIST and others, false cloud marketing persists. A CIO magazine article coined the term ‘cloudwashing’ to describe ‘the practice of taking legacy software and running it on a cloud instance, while calling it ‘true cloud.’ Physical security industry So, it should not be surprising that within the physical security industry, many vendors have been loosely using the term ‘cloud’ to market any kind of software deployment in a public cloud data centre (such as AWS or Azure) as a ‘cloud offering,’ implying some level of conformance to the NIST cloud computing definition and its SaaS model, even though there isn’t. Virtualisation and Orchestration are secrets to popularity of cloud popularity. In early 2022, DataArt reported that 94% of all business workloads are now processed on the cloud (75% is SaaS), and that half of all enterprise businesses expect to become cloud-native in 2022 (i.e., all or nearly all applications will be true cloud). A close look at the cloud computing essential characteristics reveals how and why cloud computing is becoming so popular. Operating system software The essential characteristics of cloud are established by using two software techniques The essential characteristics of cloud are established by using two software techniques: virtualisation and orchestration. Virtualisation is a technique of using software to make virtual computing environments that act like physical hardware, but they are really software representations of the capabilities of underlying hardware. This can be used, for example, to split a single physical server into multiple ‘virtual’ servers, making it appear as though each virtual server's operating system software is running on its own dedicated computer hardware and allowing each operating system to be rebooted and run independently. It can also be used in the opposite way, making the memory and processing resources of multiple computers work together as if they were a single large computer. Individual physical server The main difference between cloud virtualisation and traditional virtualisation is that very large, virtualised pools of computing resources are automatically managed by cloud virtualisation software, whereas traditional virtualisation relies on manual processes to adjust the sharing of computing resources on each individual physical server. Orchestration is the automated configuration and coordination of data centre computer systems Orchestration is the automated configuration, management, and coordination of data centre computer systems, applications, and services – including cloud computing services. Orchestration is used to automate complex IT tasks and workflows by simplifying the management of large-scale computing environments. This is what makes self-service possible for cloud-based systems. The five essentials These are the five essential characteristics that make high-performing scalable cloud systems and applications possible: Resource pooling, as described above, is the most fundamental cloud characteristic. A set of virtualised computing resources are shared by many subscribers whose resource usage is isolated from that of other subscribers, which is referred to as multi-tenancy. On-demand self-service allows security integrators or end-users to expand their subscriptions when they want to change the number of cameras, change a camera’s recorded video resolution, or update the number of days for a camera’s video retention. These selections are made in an application dashboard and don’t require human intervention from the cloud application provider. Broad network access means that all user application functionality is available from anywhere an internet connection is available, analogue or network cameras can be connected via cloud-managed appliances at a facility, and cameras made for connecting directly to the cloud data centre can be placed practically anywhere. Rapid elasticity allows computing resources to be increased or decreased instantly, for example, to maintain sufficient video retention for outdoor cameras, which has traditionally been a challenge even for motion-based recording, in weeks when rain, wind or other activity spikes up the percentage of time motion recording is activated. Measured service meters the resources provided to ensure that each subscriber only uses and pays for the resources allotted by subscription. Video management systems That’s why vendors of all types are eager to market their products and services as cloud The combination of these cloud characteristics means that video management systems are always provisioned correctly, eliminating concerns about system sizing and hitting CPU processing or storage capacity ceilings, and trying to prevent over-provisioning, which raises both fixed costs and variable operational costs in non-true-cloud systems. More than two decades after the first cloud computing systems were launched, the benefits of the cloud are well understood. That’s why vendors of all types are eager to market their products and services as the cloud. However, it’s important to look beyond marketing. Pooling, rapid elasticity, and on-demand self-service are not easy to deploy securely and globally. It takes years of cloud computing engineering experience and a considerable amount of investment to get it right. Will your system provide all of the benefits of a true system to both end-user and integrator? It’s worth taking the time to ask your vendor how the system conforms to the five essential characteristics of a true cloud system.