Michael Isbitski is an Analyst in Gartner for Technical Professionals Security and Risk Management Strategies team. Mr. Isbitski's coverage areas include application security programs (e.g., secure design, S-SDLC, DevSecOps, secure continuous delivery), application security testing (e.g., SAST, DAST, IAST), application protection (e.g., bot management, RASP, WAF, application shielding, application wrapping) and API security.
Prior to joining Gartner, Mr. Isbitski led a team of security practitioners responsible for a variety of application security activities including security testing, ethical hacking, training and awareness, and incident handling. He has over 20 years of combined IT experience in the fields of application security, vulnerability management, risk assessment, and enterprise architecture. His experience is within multiple industries including telecommunications, energy and utilities, and healthcare.
Manager - Application Security Assessment Services
Distinguished Member of Technical Staff - IT Application Security
Verizon Data Services
Senior Member of Technical Staff - Planning and Engineering
M.S., Cum Laude, Information Assurance, Capitol College
B.S., Cum Laude, Information Technology, New Jersey Institute of Technology
1How do I develop secure web/mobile applications and web APIs? (S-SDLC)
2How can I verify security of web/mobile applications and web APIs? (AST)
3How do I adapt application security for agile development and DevOps initiatives? (DevSecOps)
4How do I protect web/mobile applications and web APIs from exploits and abuse in production?
5How can I validate security of open-source software components in application development?