Published on : Nov 21, 2022
Today, ControlPlane is proud to announce its continued global expansion in the United States, New Zealand, and Australia supported by key executive hires. Long-time friend of the company Andrés Vega, a product leader formerly responsible for security at VMware, has joined as VP of Operations for North America. Aiman Alsari, Principal Engineer and long-term financial services consultant, has been promoted to Head of Asia Pacific to lead ControlPlane’s APAC expansion from New Zealand.
ControlPlane, a cloud native and open source cybersecurity consultancy which began in London in 2017, now serves Europe, Asia Pacific, and North America with direct entities throughout the UK, Germany, Italy, Netherlands, France, Spain, Portugal, New Zealand, and the US, with regional teams rendering professional services implementing zero trust infrastructure for regulated industries.
“The use of open standards and open specifications introduce a practical security roadmap that solves long-standing critical governance problems for our regulated customers,” said Andres Vega, Vice President of Operations, North America at ControlPlane. “ControlPlane’s services, tools, and expertise sensibly ease the task of operating modern software in the most stringent of environments without compromising peace of mind in terms of risk.”
Built upon a track record of delivering trust, safety, and assurance outcomes to cloud providers, multinational banks, and regulated enterprises around the globe, this team of cloud native experts and security engineering practitioners serve one mission: to realize the promise of cloud developer productivity and secure operational efficiency in the sensitive systems that underpin the critical infrastructure and hyperconnected digital reality of modern life.
“With the recent spate of breaches seen in Australia, security concerns are under the collective lens. Our history of deploying strong preventative and detective controls using cloud native technology means we are in a strong position to advise on and remediate security issues for businesses in the region. The ever-increasing adoption of cloud native technologies presents opportunities to accelerate organizational growth for our customers, and I’m really excited to bring ControlPlane’s world-class knowledge and expertise to APAC businesses,” says Alsari, Head of Asia Pacific at ControlPlane.
ControlPlane has a proven track record of open source collaboration and leadership, co-chairing the Linux Foundation’s Technical Advisory Group on Security (CNCF TAG Security), acting as pro-bono CISO for the open source charity OpenUK, and contributing to the Open Source Security Foundation (OpenSSF) and Fintech Open Source Foundation (FINOS) community working groups.
ControlPlane delivers security assurance to its customers through four primary specialized outcomes:
1) Embed trust and assurance through architecture and automation: Modern applications must be architected and developed with security insight from inception to delivery. Doing so requires analysis and modeling of the threat landscape: ControlPlane provides value through the design, implementation, and enforcement of programmatically driven and continuously verified security services built upon open standards and specifications.
2) Strengthen defense through offensive security: Resiliency in the face of the evolving threat landscape demands operational readiness. Developing the capability to withstand and overcome adversity is the product of a practical, oppositional understanding of the intent of state actor collaborators and their tactics. Operating under an “assumed breach” mentality, ControlPlane excels at threat modeling, penetration testing, attack chaining, and understanding advanced threats targeted at complex distributed systems, isolated execution environments, content inspection systems, and data query execution environments. This is combined with Red Team enablement, utilizing knowledge of Kubernetes attack paths gained through the creation of cloud native attack trees, authorship of “Hacking Kubernetes” for O’Reilly, and gamified breach simulation built with in-house tooling to yield a safer adaptive posture.
3) Catalyze organization transformation through education and support: Organizations want their developers to rapidly deploy new applications and services whilst automatically applying security best practices with minimal fuss. ControlPlane's codified body of knowledge and technical libraries provide a sound foundation for customer engineers to develop and deploy software while simultaneously enabling security teams to step back from expensive and time-consuming manual security reviews by utilizing shared context and tooling.
4) Ingrain trust in the supply chain: Open source adoption has increased dramatically in the past five years, yet over 90% of open source software installed today has a vulnerability and related patch. The asymmetry between secure adoption and fair remuneration of open source maintainers presents an imbalanced incentive structure, and through years of experience and collaboration with the world-leading Secure Systems Lab at NYU Tandon School of Engineering, ControlPlane is uniquely placed to reduce third-party code risk and harden open source ingestion pipelines for systems of the highest sensitivity, ensuring rapid development velocity with light-touch security guardrails.
“Open source is the new security frontier for organizations wishing to attract and retain the world’s best talent. As we continually respond to the ever-evolving threat landscape, ControlPlane is honored to welcome two recognized industry magnates to high-impact executive roles, continuing to enhance and expand our leadership in private and public sector organizations across the globe,” says Andrew Martin, founder and CEO.