Global AppSec Strategy: Managing Risk and Innovation at Scale

Krishna Chaganti, Associate Director of AppSec at S&P Global, joins Raj to share how he scaled a globally distributed security program and built out a remediation support team that developers actually want to work with. Krishna explains how his team handles dynamic and static assessments, coordinates vulnerability triage across thousands of assets, and contributes to community initiatives like DVDB and bug bounty programs. The discussion also covers AppSec’s expanding role in M&A due diligence, the importance of proactive developer education, and why AI and automation are reshaping security expectations at enterprise scale.