Registration required: April 10, 2025 – 7:00pm – 9:00pm Pacific Time | 2 CPEs
Session One – The Future of GRC Automation in Cybersecurity: How Automation Will Redefine Compliance
Mike Schreiner from Paramify will talk about how automation is transforming Governance, Risk, and Compliance (GRC), highlighting Paramify as the most efficient solution for simplifying compliance processes. Manual compliance is costly and error-prone. Automation addresses these challenges by streamlining documentation, enabling real-time gap assessments, and reducing human error. Paramify makes risk management accessible to everyone.
Mike is a business leader, entrepreneur, investor, and currently Chief Operating Officer at Paramify – the platform for automating compliance documentation. Paramify takes the process of generating and maintaining security documentation for compliance frameworks (including FedRAMP, CMMC, StateRAMP, SOC2, and more) from months of work down to hours, for a fraction of the cost. Mike has spent his career in startups, helping build and scale companies that solve hard problems – FedRAMP being one of the worst of those. He currently resides in Utah with his wife and four children.
With Paramify, you can:
- Automate SSPs and compliance documentation in days, not months.
- Simplify POA&M management and remediation tracking.
- Maintain up-to-date, future-proof documentation in OSCAL and human-readable formats.
By reducing planning time by 60%, documentation work by 85%, and remediation rounds by 40%, Paramify brings efficiency and joy back to GRC teams.
Compliance powered by tools like Paramify, is the future of compliance—faster, smarter, and frustration-free.
Session Two – Find Your API Exploits Before They Do – APISec
Dan Barahona from APISec will discuss why attackers are targeting APIs, how they are getting exploited, and what you can do to keep your applications secure.
Dan Barahona, Co-founder of APIsec University – a site with free API security content with 100,000 students. Dan has over 20 years in cybersecurity with leadership positions at Qualys, Anomali, HP/ArcSight.
APIsec Overview: The APIsec security testing platform discovers the most serious API vulnerabilities that lead to data theft and compromise. APIsec automatically creates and runs thousands of attack playbooks, custom-generated for each unique API, to find security vulnerabilities and data logic flaws BEFORE production. The zero-touch deployment model requires no source code access, no agents, and nothing inline. APIsec runs at the speed of DevOps, alerting security teams and developers immediately of new vulnerabilities in the CI/CD pipeline, ensuring all API code is continuously validated.
