The Evolution of SaaS Management: Establishing Complete Control

CISO Council

April 16, 2024 - National


Steve Zalewski

Former CISO

Levi Strauss & Co.

Council Speaker

Mr. Zalewski currently provides CISO, security consulting and security advisory services. These include: • International cybersecurity advisor and trainer. • Executive advisory board member for security startups, providing guidance on security market direction and product requirements. • CISO advisory board member for venture capital firms internationally. • vCISO for companies requiring temporary or part-time CISO expertise. Services also include guidance and solutions to address incident response, security program design, security assessment, security due-diligence, vendor/supplier due-diligence, security architecture review, board reporting and other key security leadership requirements. Operational experience in Healthcare, Utilities and International Retail verticals. Key Strengths: •Organizational Management •Strategic Planning & Execution •Enterprise Security Architecture/Strategy •Executive and BOD Security Governance/Reporting •Cybersecurity Incident Response •Security Risk & Compliance Management Additionally, I co-hosts the CISOSeries Defense-in-Depth Podcasts and am a frequent speaker and panel moderator at industry events.

Sethu Meenakshisundaram



Council Speaker

Sethu is a Co-founder of Zluri. He works with IT leaders across the globe to help them manage their IT stack and build a healthy bottom line. He believes SaaS and APIs will help everyone become a builder and softwari-zation of the world has just begun. He frequently writes on Software management and workplace automation. Before Zluri, he was part of the founding team at KNOLSKAPE and was its Chief Business Officer (APAC region), one of the leading corporate learning gamification startups that he helped scale across 30 countries.

Karl Mattson


Noname Security

Council Speaker

As a future-oriented information security executive my key strength is coaching and educating cybersecurity companies on listening to and interpreting the pain-points and priorities of enterprise customers. These insights help drive effective product strategies, go-to-market strategies and ongoing customer success. Over the years, I’ve had the privilege of advising several cyber entrepreneurs who are now thriving. On the heels of their success, I was looking for a new challenge. In 2020, I had the opportunity to meet with the Noname Security team early in its platform design. Recognizing that they were on the verge of solving several challenges in securing APIs, I wanted to be a part of their exciting adventure. I joined Noname as Chief Information Security Officer, where I’m currently establishing a rigorous standard for operational and security excellence, in addition to advocating for ongoing platform changes based on our customers’ needs. ABOUT NONAME SECURITY: Noname Security ensures secure APIs at the speed of business with the most powerful, complete and easy-to-use API security platform. How do I know it works? I was their first customer! I believe in the platform and want to share it with the world. According to Gartner, APIs will be the #1 attack vector by 2022. Gateways and WAFs don’t protect against API breaches or find misconfigurations. API testing and bug bounty programs have significant gaps, leaving businesses exposed. Noname resolves API vulnerabilities across 4 key pillars, or as we call it, DART: ➤ Discover ➤ Analyze ➤ Remediate ➤ Test We’ll find and take inventory of all existing APIs, use AI-based detection to illuminate risks, block attacks in real time and run tests to ensure API integrity before production. WHAT YOU CAN EXPECT: ➤ Solid engineering underpinning a product that’s ahead of the competition ➤ Flexible deployment model with many integrations that adapt to your business ➤ Coverage of the 3 main areas needed to protect APIs: posture management, detection and response and code security What are you doing to protect your company’s digital content? Keep your company’s APIs out of the news with Noname Security. LEARN MORE: See what our customers are saying about us and find more information on our website:

April 16, 2024


All times Eastern Time

3:00 PM-4:15 PM

The Evolution of SaaS Management: Establishing Complete Control

In 2024, SaaS Management is evolving to control app spending, ensure compliance, and tackle shadow IT. Integrating IT policies with unified SaaS administration is crucial. Organizations need complete visibility into all apps and users to eliminate shadow IT. Granular access control across federated, non-federated, and shadow apps is essential. Continuous cost optimization requires enforcing centralized spend policies. Automation tools help stay compliant and audit-ready by streamlining access reviews and ensuring alignment with standards.

  • What challenges do organizations today face in eliminating Shadow IT? How can they enable granular & secure access control across federated, non-federated, and shadow apps?
  • How can companies enable continuous cost optimization by enforcing centralized spend policies?
  • What tools and strategies are leaders currently exploring and implementing to stay compliant and audit-ready?

In Partnership With