CISO Council

Mr. Zalewski currently provides CISO, security consulting and security advisory services. These include: • International cybersecurity advisor and trainer. • Executive advisory board member for security startups, providing guidance on security market direction and product requirements. • CISO advisory board member for venture capital firms internationally. • vCISO for companies requiring temporary or part-time CISO expertise. Services also include guidance and solutions to address incident response, security program design, security assessment, security due-diligence, vendor/supplier due-diligence, security architecture review, board reporting and other key security leadership requirements. Operational experience in Healthcare, Utilities and International Retail verticals. Key Strengths: •Organizational Management •Strategic Planning & Execution •Enterprise Security Architecture/Strategy •Executive and BOD Security Governance/Reporting •Cybersecurity Incident Response •Security Risk & Compliance Management Additionally, I co-hosts the CISOSeries Defense-in-Depth Podcasts and am a frequent speaker and panel moderator at industry events.

Sethu is a Co-founder of Zluri. He works with IT leaders across the globe to help them manage their IT stack and build a healthy bottom line. He believes SaaS and APIs will help everyone become a builder and softwari-zation of the world has just begun. He frequently writes on Software management and workplace automation. Before Zluri, he was part of the founding team at KNOLSKAPE and was its Chief Business Officer (APAC region), one of the leading corporate learning gamification startups that he helped scale across 30 countries.

As a future-oriented information security executive my key strength is coaching and educating cybersecurity companies on listening to and interpreting the pain-points and priorities of enterprise customers. These insights help drive effective product strategies, go-to-market strategies and ongoing customer success. Over the years, I’ve had the privilege of advising several cyber entrepreneurs who are now thriving. On the heels of their success, I was looking for a new challenge. In 2020, I had the opportunity to meet with the Noname Security team early in its platform design. Recognizing that they were on the verge of solving several challenges in securing APIs, I wanted to be a part of their exciting adventure. I joined Noname as Chief Information Security Officer, where I’m currently establishing a rigorous standard for operational and security excellence, in addition to advocating for ongoing platform changes based on our customers’ needs. ABOUT NONAME SECURITY: Noname Security ensures secure APIs at the speed of business with the most powerful, complete and easy-to-use API security platform. How do I know it works? I was their first customer! I believe in the platform and want to share it with the world. According to Gartner, APIs will be the #1 attack vector by 2022. Gateways and WAFs don’t protect against API breaches or find misconfigurations. API testing and bug bounty programs have significant gaps, leaving businesses exposed. Noname resolves API vulnerabilities across 4 key pillars, or as we call it, DART: ➤ Discover ➤ Analyze ➤ Remediate ➤ Test We’ll find and take inventory of all existing APIs, use AI-based detection to illuminate risks, block attacks in real time and run tests to ensure API integrity before production. WHAT YOU CAN EXPECT: ➤ Solid engineering underpinning a product that’s ahead of the competition ➤ Flexible deployment model with many integrations that adapt to your business ➤ Coverage of the 3 main areas needed to protect APIs: posture management, detection and response and code security What are you doing to protect your company’s digital content? Keep your company’s APIs out of the news with Noname Security. LEARN MORE: See what our customers are saying about us and find more information on our website: www.nonamesecurity.com

Karl is known globally as a cybersecurity innovator with over 25 years of diverse experiences as an enterprise CISO, technology strategist, and startup advisor across technology, retail and financial industry verticals. He serves today as the CISO for Endor Labs, a startup focused on software supply chain security. Prior to joining Endor Labs, Karl served as the CISO for Noname Security, specializing in API and Application Security. Previously, Karl held several leadership positions in the Financial Service community, including CISO for City National Bank, and later PennyMac Financial Services. Additionally, he was an active member of the FS-ISAC Mortgage Risk Council, President of the LA Cyber Lab, Financial Services Sector Chief for InfraGard, graduate of the FBI CISO Academy, and Adjunct Faculty at the University of Minnesota for over 10 years.