Episode Summary In this episode of The Secure Developer, Danny Allan sits down with Akira Brand , AVP of Application Security at PRA Group , to explore the evolving landscape of application security and AI. Akira shares her unconventional journey from opera to cybersecurity, discusses why AppSec is fundamentally a customer service role and breaks down how AI is reshaping security workflows. Tune in to hear insights on integrating security seamlessly into development, AI’s role in secure coding, ...
Apr 15, 2025•35 min•Season 10Ep. 162
Episode Summary In this episode of The Secure Developer, host Danny Allan sits down with Alex Salazar , founder and CEO of Arcade , to discuss the evolving landscape of authentication and authorization in an AI-driven world. Alex shares insights on the shift from traditional front-door security to back-end agent interactions, the challenges of securing AI-driven agents, and the role of identity in modern security frameworks. The conversation delves into the future of AI, agentic workflows, and h...
Apr 01, 2025•39 min•Season 10Ep. 161
Episode Summary In this episode of The Secure Developer, Danny Allan sits down with Mrinal Wadhwa , CTO at Ockam , to explore the evolving landscape of secure communication in distributed systems. They discuss the challenges of securing microservices, IoT networks, and Kubernetes environments and how traditional TLS-based security models may no longer be sufficient. Mrinal shares insights into Ockam’s approach to end-to-end encrypted, mutually authenticated channels and the impact of WebAssembly...
Mar 18, 2025•41 min•Season 10Ep. 160
Episode Summary In this episode of The Secure Developer, Danny Allan , CTO of Snyk, sits down with Wayne Chang , Founder and CEO of SpruceID , to explore the evolving landscape of digital identity and security. From self-sovereign identity to the role of AI in authentication, they discuss the future of identity management, the risks of centralized systems, and the benefits of decentralized approaches. They also dive into how policy, compliance, and emerging technologies like passkeys and zero-kn...
Mar 04, 2025•39 min•Season 10Ep. 159
Episode Summary Security is more than just a checklist—it’s a cultural movement. In this episode, Dustin Lehr , Co-founder of Katilyst , joins Danny Allan to explore the intersection of security, engineering, and culture. They discuss how to foster security champions, scale security programs, and build a culture where developers naturally integrate security into their workflows. Dustin shares insights from his extensive career, offering practical strategies for creating lasting change in securit...
Feb 18, 2025•38 min•Season 10Ep. 158
Episode Summary Join Jeremiah Grossman , application security pioneer and former CEO of WhiteHat Security , as he reflects on decades of innovation in the industry, from the early days of OWASP to today’s AI-driven development landscape. Explore critical discussions about the escalating costs of security, aligning developer incentives, and the future challenges posed by AI-generated vulnerabilities. Packed with insights, this episode dives deep into the strategies and frameworks shaping the way ...
Feb 04, 2025•37 min•Season 10Ep. 157
Episode Summary In this episode of The Secure Developer, host Danny Allan sits down with David Mytton , founder and CEO of Arcjet , former CEO of Server Density , and co-founder of Console.dev . David shares his insights into bridging the “developer-security gap” with Arcjet, a cutting-edge middleware SDK designed to empower developers with advanced security tools like rate limiting and bot protection. The conversation dives into the evolution of developer tools, the growing role of AI in coding...
Jan 21, 2025•34 min•Season 10Ep. 156
Episode Summary Imagine if AI could detect and fix vulnerabilities in your code faster and with greater precision than ever before. That future is already here! In today’s episode, we’re joined by Berkay Berabi , an AI researcher and Senior Software Engineer at Snyk , to dive into the cutting-edge world of AI-powered vulnerability detection. Berkay offers insight into how Snyk is leveraging a hybrid AI approach to detect and fix vulnerabilities in code, combining human-driven expertise with mach...
Jan 07, 2025•30 min•Season 10Ep. 155
Episode Summary Are you ready to revolutionize your coding experience with cutting-edge AI tools? In this episode of The Secure Developer, host Danny Allan is joined by Jeff Wang , Head of Business at Codeium , to take a deep dive into the transformative power of generative AI in software development. Discover how coding assistants have evolved from simple auto-complete functions to sophisticated AI-driven tools, the significant impact these advancements have had on productivity and innovation, ...
Aug 06, 2024•35 min•Season 9Ep. 154
Episode Summary In this episode of The Secure Developer, David Imhoff , Director of DevSecOps and Product Security at Kroger , shares insights on implementing DevSecOps in large organizations. He discusses balancing regulatory compliance with business objectives, fostering a security culture, and the challenges of risk mitigation. David also explores the importance of asset management, security champions, and the potential impact of AI on cybersecurity practices. Show Notes In this episode of Th...
Jul 23, 2024•40 min•Season 9Ep. 153
Episode Summary In this special episode of “The Secure Developer,” host Danny Allan interviews Snyk founder Guy Podjarny about the origins and evolution of Snyk. Guy shares his journey from conceptualizing Snyk in the shower to building it into a developer-first security platform. They discuss the challenges and successes of integrating security into the developer workflow, the importance of open-source security, and the impact of AI on the industry. Guy also provides insights into Snyk’s focus ...
May 28, 2024•51 min•Season 9Ep. 152
Episode Summary In this episode of The Secure Developer we're joined by Brian Vallelunga , Founder and CEO of Doppler , to discuss the importance of secrets management in modern application development. Brian shares his journey in creating Doppler, a secrets manager designed for developers and DevOps teams, and highlights the challenges organizations face in managing sensitive data such as API keys, database credentials, and certificates. The conversation explores best practices for secure secre...
Apr 23, 2024•26 min•Season 9Ep. 151
Special news about the future of The Secure Developer! Follow Us Our Website Our LinkedIn
Apr 09, 2024•3 min•Season 9Ep. 150
Episode Summary Are you curious about the ever-changing landscape of data security? In this episode, we are joined by Danny Allan , the newly appointed Chief Technology Officer at Snyk, to delve into the evolving landscape of data security. In our conversation, we discussed his professional background and how he went from hacking security systems at university to becoming a security expert at Snyk. Hear about his experience in dynamic application security testing and the challenges and opportuni...
Mar 20, 2024•37 min•Season 9Ep. 149
Episode Summary Explore the role of consolidated platforms in software development with our guest, John Delmare , Global Application and Cloud Security Lead of Accenture. This episode dives into the growing complexity in the developer space and how these platforms streamline processes and foster collaboration among distributed teams. We discuss balancing application and cloud security, the financial and time-saving benefits of integrated platforms, and the role of best-of-breed technology in an ...
Feb 26, 2024•29 min•Season 9Ep. 148
Episode Summary In this episode of The Secure Developer, Guy Podjarny and guest Sean Catlett discuss the shift from traditional to engineering-first security practices. They delve into the importance of empathy and understanding business operations for enforcing better security. Catlett emphasizes utilizing AI for generic tasks to focus on crafting customized security strategies. Show Notes In this episode of The Secure Developer, host Guy Podjarny chats with experienced CISO Sean Catlett about ...
Feb 12, 2024•49 min•Season 9Ep. 147
Episode Summary In this special episode, our guest host, Liran Tal , interviews Snyk's Staff Security Researcher, Rory McNamara , about newly discovered high-impact container breakout vulnerabilities. Liran and Rory go deep into the vulnerabilities and cover everything you need to know, how the vulnerabilities were discovered, and much more. Show Notes In this informative episode of The Secure Developer, guest host Liran Tal chats with Snyk security researcher Rory McNamara about his ground-brea...
Jan 31, 2024•51 min•Season 9Ep. 146
Episode Summary Laura Bell Main , CEO at SafeStack , discusses the two-fold implications of AI for threat modeling in DevSecOps. She highlights challenges in integrating AI systems, the importance of data verifiability, and the potential efficiencies AI tools can introduce. With guidance, she suggests it's possible to manage the complexities and ensure the responsible utilization of AI. Show Notes In this intriguing episode of The Secure Developer, listen in as Laura Bell Main, CEO at SafeStack,...
Jan 29, 2024•45 min•Season 9Ep. 145
In this engaging episode, hosts Simon Maple and Guy Podjarny delve into the transformative role of AI in software development and its implications for security practices. The discussion starts with a retrospective look at 2023, highlighting key trends and developments in the tech world. In particular, they discuss how generative AI is reshaping the landscape, altering the traditional roles of developers and necessitating a shift in security paradigms. Simon and Guy explore AI-generated code chal...
Jan 08, 2024•1 hr 7 min•Season 9Ep. 144
Episode Summary Guy explores AI security challenges with Salesforce's VP of Security, Henrik Smith . They discuss the fine line between authentic and manipulated AI content, stressing the need for strong operational processes and collaborative, proactive security measures to safeguard data and support secure innovation. Show Notes In this episode, host Guy Podjarny sits down with Henrik Smith, VP of Security at Salesforce, to delve into the intricacies of AI and its impact on security. As the li...
Dec 11, 2023•46 min•Season 8Ep. 143
Episode Summary In this episode of The Secure Developer, our co-hosts Simon Maple and Guy Podjarny discuss the rise of AI in code generation. Drawing from Snyk's 2023 AI Code Security Report , they examine developers' concerns about security and the importance of auditing and automated controls for AI-generated code. Show Notes In this compelling episode of The Secure Developer, hosts Simon Maple and Guy Podjarny delve into the fascinating and fast-paced world of artificial intelligence (AI) in ...
Dec 04, 2023•43 min•Season 8Ep. 142
Episode Summary In this episode, Tomasz Tunguz of Theory Ventures discusses the intersection of AI, technology, and security. We explore how AI is revolutionizing software development, data management challenges, and security's vital role in this dynamic landscape. Show Notes In this episode of The Secure Developer, Guy Podjarny engages in a deep and insightful conversation with Tomasz Tunguz, founding partner of Theory Ventures. They delve into the fascinating world of AI security and its burge...
Nov 20, 2023•46 min•Season 8Ep. 141
Episode Summary In this episode, Dr. Christina Liaghati discusses incorporating diverse perspectives, early security measures, and continuous risk evaluations in AI system development. She underscores the importance of collaboration and shares resources to help tackle AI-related risks. Show Notes In this enlightening episode of The Secure Developer, Dr. Christina Liaghati of MITRE offers valuable insights on the necessity of integrating security considerations right from the design phase in AI s...
Oct 30, 2023•36 min•Season 8Ep. 140
This week, we're rewinding to play one of our favorite episodes from the archive! We'll be back with a brand-new episode in two weeks! Today’s guest is someone we have wanted to have on the show for a long time, and we are so happy to finally welcome him. Dev Akhawe is the Head of Security at Figma, the first state-of-the-art interface design tool that runs entirely in your browser. Before that, Dev worked at Dropbox, as Director of Security Engineering, leading application security, infrastruct...
Oct 16, 2023•44 min•Season 8Ep. 139
As AI adoption continues to grow, it's important that effective risk management strategies and industry security standards evolve along with it. To discuss this, we are joined by Royal Hansen, the VP of Engineering for Privacy, Safety, and Security at Google, where he drives the overall information security strategy for the company’s technical infrastructure (and keeps billions of people safe online). Royal cut his teeth as a software developer for Sapient before building a cyber-security practi...
Oct 02, 2023•54 min•Season 8Ep. 138
Security is changing quickly in the fast-paced world of AI. During this episode, we explore AI safety and security with the help of David Haber, who co-founded Lakera.ai. David is also the creator of Gandalf, an AI tool that makes Large Language Models (LLMs) accessible to everyone. Join us as we dive into the world of prompt injections, AI behavior, and its corresponding risks and vulnerabilities. We discuss questions about data poisoning and protections and explore David’s motivation to create...
Sep 19, 2023•52 min•Season 8Ep. 137
On episode 126 of The Secure Developer we had a fascinating conversation with Guy Rosen, who is the current CISO at Meta. In our chat, we are able to mine Guy's vast experience, expertise, and perspective on what being CISO at a huge tech company in today's climate requires, focusing on how security and integrity concerns come together and play out. In his role at Meta, Guy oversees both of these areas, and listeners will get to hear how he distinguishes the two worlds, and also where they overl...
Aug 15, 2023•43 min•Season 8Ep. 136
Artificial Intelligence is innovating at a faster than ever before. Could there be a better response than fear? Sam Curry is the VP and Chief Information Security Officer at Zscaler, and he joins us to share his perspective on what AI means for cyber security. Tune in to hear how AI is advancing cybersecurity and the potential threats it poses to data and metadata protection. Sam delves into the nature of fearmongering and a more appropriate response to technological development before revealing...
Jul 31, 2023•54 min•Season 8Ep. 135
At the rate at which AI is infiltrating operations around the globe, AI regulation and security is becoming an increasingly pressing topic. As external regulations are put in place, it’s important to ensure that your internal compliance measures are up to scratch and your systems are safe. Joining us today to discuss the security of ML systems and AI applications is Ian Swanson, the Co-Founder and CEO of Protect AI. In this episode, Ian breaks down the five pillars of ML SecOps: supply chain vul...
Jun 05, 2023•1 hr•Season 8Ep. 134
In this episode of The Secure Developer, we delve into the subject of supply chain security across various ecosystems and languages, guided by industry experts Liran Tal and Roy Ram from Snyk. Liran is the Director of Developer Advocacy at Snyk and has a background working particularly in Node.js and JavaScript. Roy is a Senior Product Manager serving as part of the product team for Snyk Code, and has a background in cybersecurity and a solid understanding of C++. With a 20-year background in Ja...
May 15, 2023•38 min•Season 8Ep. 133
