EP 27 — Mohit Kalra: How Sprinklr Scales Product Security

In this episode of the Future of Application Security, Harshil speaks with Mohit Kalra, Vice President of Product Security at Sprinklr, a platform that enables the world's largest enterprises to market, advertise, research, care, and engage consumers. Together, they take a look at the overall management of product security in a SaaS organization that needs to keep a large amount of customer data safe. Mohit's advice includes how to prioritize your product security program, become more aware of your environment, make listening and learning a security process, and other useful tips, tricks, and strategies that any security leader can take and apply to their team today. 

Topics discussed:

• How a Product Security leader should think about security maturity,  for more reliable and repeatable actions.
• Why it's key to better understand your products and applications before you implement preventative controls.
• How to become more aware of what you have in your environment, where to start if you don't know what to secure, and how to create processes for remediation of issues that you find.
• How to establish listening as a process, and why it's key in getting to better know your products, teams, and business trajectory.
• Why ProdSec is an incremental process and has a problem of prioritization
• How to calculate your organization's risk, and why security starts with assessing the needs of the company.
• Why the best approach to remediation is to strategically ticket your security backlog, and how to do so in order to make the most progress.