Back

Paul Davis

Field CISO

Paul is an experienced IT Security Executive who, as Field CISO at JFrog, works to help CISOs, IT execs and security teams, enhance protection of their software supply chain. Additionally, he advises IT security startups, mentors security leaders, and provides guidance on various IT security trends. Paul also spends his time exploring the latest technologies, DJing, reading, and boating.

The Latest From Paul Davis

  • RSAC 2025 Recap: Software Supply Chain Security Takes Center Stage
    | 5 min read

    The RSA Conference 2025 at the Moscone Center in San Francisco on April 28 - May 1, brought together over 44,000 cybersecurity professionals from around the world. This year's event, marking the 34th annual flagship conference, placed significant emphasis on software supply chain security and secure software development lifecycle (SDLC) practices. From the keynotes, speaking…

    Read More  

  • Mind the Gap: The Disconnect Between Execs & Developers
    | 4 min read

    Note: This blog post was previously published on Hackeroon We surveyed 1,200+ technology professionals from around the globe, including 300+ VP and C-level executives, on their AI/ML usage and software supply chain security efforts. Upon analysis, a surprising gap emerged between what executives believe is happening and what developers and engineers report is happening. Here’s…

    Read More  

  • Key Take Aways from RSA 2024
    | 7 min read

    The impact of the 2024 RSA Conference on security in San Francisco was beyond expectations.  It was really a fantastic opportunity to meet an amazing group of individuals from all stages of the software supply chain from CISOs to researchers to development and security teams. Our discussions reflected the key challenges facing software security professionals…

    Read More  

  • Removing Friction Between DevOps and Security is Easier than you Think
    | 11 min read

    Removing friction between DevOps and Security teams can only lead to good things. By pulling in the same direction, DevOps can make sure developers continue to work with minimum interruption, while automation and background processes make security more effective and consistent than before. And, security teams have the visibility and understanding of the software development…

    Read More  

  • Friction between DevOps and Security – Here’s Why it Can’t be Ignored
    | 5 min read

    Note: This post is co-authored by JFrog and Sean Wright and has also been published on Sean Wright's blog. DevOps engineers and Security professionals are passionate about their responsibilities, with the first mostly dedicated to ensuring the fast release and the latter responsible for the security of their company's software applications. They have many common…

    Read More