SimpleRisk // Josh Sokol

SimpleRisk is an enterprise-grade platform designed for any size organization that can be used to meet all of your Governance, Risk Management, and Compliance needs. In addition, SimpleRisk added a new Incident Management module in July of 2020. It boasts functionality that is comprehensive enough to be deployed by some of the largest enterprises in the world yet presents a user interface so simple and intuitive it can be used by the least technical people in your organization and is a fraction of the cost of traditional GRC tools.

Company Location: | Company Website


With Speaker: Josh Sokol

September 19th, 2013

My early career was focused around System Administration (Linux and Unix) with an emphasis on web technologies such as web servers, FTP servers, application servers, and databases. That said, Information Security has always been my passion and in early 2010 National Instruments finally gave me the opportunity to become the Information Security Program Owner. Today, I continue to run their security program handling everything from compliance to enterprise risk management to vulnerability management and more; none of which existed prior to me starting the program. I have instructed many different trainings internally and have presented externally at a large number of conferences including BlackHat, BSides Las Vegas, OWASP AppSecUSA, MISTI InfoSecWorld, HouSecCon, and TRISC as meetings for OWASP, ISSA, and SPIN. I have a BS in CS, but I enjoy breaking web applications much more than I ever enjoyed developing them.

Specialties: linux, unix, apache, mysql, oracle application server, tomcat, websphere, weblogic, bea, ibm, web application security, proxies, tokenization, metasploit, vulnerability management, enterprise risk management, compliance (sox & pci), and much more!