New Context was founded in 2013 with the vision to keep the connected world safe and the mission to use Lean Security™ to automate the orchestration, governance and protection of critical infrastructure. Since then, we have been serving Fortune 500 companies and government entities by building secure compliant data platforms and enabling their teams to build secure and resilient software.
“[…] it is no longer capital but data that connects and drives everything […]”
– Shinzo Abe, Prime Minister of Japan @ World Economic Forum 2019 discussing Society 5.0
Lean Security™ is a methodology to reduce risk and increase velocity for companies who are embracing digital transformation and data economies. Inspired by lean, agile, DevOps and test-driven development, Lean Security™ is used to build secure and compliant software that increases efficiency, effectiveness and resilience.
Many software development teams still treat security and compliance as separate practices, and it is not uncommon to encounter cases of “the security person who is not invited in the room” [Read Epic Failures in DevSecOps, a publication of DevSecOpsDays.com Press].
Checking security and compliance is often done at the end of the software life cycle, while business requirements are treated first. In many cases, the solution is thought to be in the infrastructure, resulting in the addition of more tools. Since being founded, New Context realized that building efficient and resilient software relies on an ecosystem: infrastructure for sure, but also people and processes. Security and compliance should not be an add-on to software development, they should be integrated into it.
This realization is what makes Lean Security™ truly different: the methodology is based on principles, practices and tactics that are infused in the ecosystem of people, processes and infrastructure that produces software.