How can we create a world where we can trust technology?

Research is critical to our mission at Security Compass. We actively engage and foster debate both inside and outside the security community to discuss critical issues that either face us today or will soon emerge.
Learn About Security Compass Research
Learn About Security Compass Research
OUR MISSION
From privacy and compliance to security and technology, we ask hard questions, challenge assumptions, and collaborate with key partners across industry, academia, and standards groups for the benefit of our whole industry.

From privacy and compliance to security and technology, we ask hard questions, challenge assumptions, and collaborate with key partners across industry, academia, and standards groups for the benefit of our whole industry. Security Compass is part of a much larger research and development community that comprises many different disciplines and interests.


We work closely with leading industry groups including Object Management Group, OASIS, IEEE, SAFECode, The Open Group, ISACA, PCI, and Cloud Security Alliance. Drawing on the expertise of thought leaders across multiple sectors, we encourage debate and widen access to knowledge, as we create a world where we can trust technology.

RESEARCH FOCUS

Our research interests evolve in response to the needs of our industry and community. Discover some of our current focus areas below.

Learn About Security Compass Research

GRC

We explore best Governance, Risk and Compliance (GRC) practices for continuously monitoring and aligning secure software development and product delivery pipelines with business drivers.
Learn About Security Compass Research

DevSecOps

We investigate how DevOps and Security practices can integrate into a better enterprise delivery pipeline.
Learn About Security Compass Research

Threat Modeling

We research democratizing threat modeling and applying automation to achieve a modern, scalable approach to address the known limitations of traditional practices.
Learn About Security Compass Research

Product Security

We discover ways to better integrate product and software delivery life cycles using DevSecOps workflows.
Learn About Security Compass Research

Zero Trust

We collaborate to shape the future of Zero Trust through IEEE and The Open Group working groups.

Our Community

At Security Compass, our researcher community is integral to asking and answering key questions. Meet some of our researchers below and discover their areas of interest and expertise.
Learn About Security Compass Research

Spencer Koch

Offensive Security Professional – Various

Learn About Security Compass Research
Hasan Yasar

Co Director, Secure Lifecycle Solutions, CERT, SEI, CMU

Learn About Security Compass Research
Simone Curzi

Principal Consultant – Microsoft Consulting Services

Learn About Security Compass Research
Ayhan Tek

VP of Information Security – Cyber Electra

ADD YOUR VOICE

We are always looking for new voices to collaborate with us as we explore the frontiers of application security.