Today on The Secure Developer, we interview the Director of Product Security at Datadog, Douglas DePerry. Doug has experience in the offense side of the industry, working as a security researcher and consultant at LeafSR and iSEC partners, and in the realm of defense, having been involved with various defense contractors and the US army. In this episode, Doug talks about wearing many hats at Datadog, first starting in infrastructure security and then moving along to product security amid the com...
Mar 31, 2020•19 min•Season 5Ep. 52
Security is a vital feature of a platform’s architecture on both the service provider as well as the consumer, and it helps to have a leader who can see the big picture. Our guest for today is Adrian Ludwig, Chief Information Security Officer at Atlassian. Adrian has a marketing and tech background, we speak to him about his transition between the two seemingly unrelated fields through his work at NSA, Adobe, Nest, and Android, and how both sides inform his approach to security at Atlassian.We t...
Mar 24, 2020•37 min•Season 5Ep. 51
Joining us on today’s episode of The Secure Developer is Mandi Walls, technical community manager at Chef Software. Her role involves helping technology organizations increase their effectiveness by using configuration management and other modern IT practices. Along with this, she is also a frequent speaker at tech conferences and is the author of the whitepaper, Building a DevOps Culture, published by O’Reilly. In this show, which is another DevSecCon special, Mandi shares more on the topic of ...
Mar 17, 2020•18 min•Season 5Ep. 50
Unsurprisingly, many high performing organizations in the DevOps space are simultaneously the best in security and in operations too. In this episode, we sit down to talk with Gene Kim about his work on the saves that get made by organizations who have great operations, and how this fits into their security. Gene Kim is the founder of Tripwire, author of The Unicorn Project and The Phoenix Project and has also co-authored The DevOps Handbook and the State of DevOps Report amongst other texts. He...
Mar 10, 2020•36 min•Season 5Ep. 49
Our guest today on the show is Clint Gibler, a research director at NCC Group, where he helps provide organizations with security consulting services. Clint speaks to Guy Podjarny at DevSecCon Seattle about the current landscape of application security, how his company fits into that as a global information assurance specialist and the job of helping companies scale their security efforts through cutting edge tools and processes. His vast experience in the field of security, with a wide range of...
Mar 03, 2020•22 min•Season 5Ep. 48
In the age of startups, diverse employee backgrounds are increasingly important for companies to be resilient and deeply innovative. People's prior experience helps their work in security both in expected and unexpected ways. Our guest today, Tad Whitaker, has one of the most interesting backgrounds we’ve yet to encounter. From working as a gold miner to a newspaper reporter to a private investigator, Tad’s journey to landing his role as a Engineering Manager at CircleCI has been very colorful. ...
Feb 25, 2020•39 min•Season 5Ep. 47
In our conversation, we chat to Julien about his current professional role, his talk at DevSecCon and the inspiration behind it before diving into his ideas on security's present and possible futures. Julien makes an argument for setting up 'paved roads' for security in order to save time and resources but rather than these being restrictive, he emphasizes the freedom that should remain built into these systems. For a fascinating chat with Julien and some insight into what is going at Mozilla cu...
Feb 18, 2020•14 min•Season 5Ep. 46
What Mike and the various other cloud businesses within the broader Cisco network have managed to do is create an environment where they share knowledge and learn from one another to the ultimate benefit of their customers. He talks about their system according to which his team engages with and gives feedback to engineers and the model they have implemented to constantly evaluate their efficiency. We switch to talking about Duo's acquisition by Cisco and how it has boosted the organization, and...
Feb 11, 2020•38 min•Season 5Ep. 45
In episode 44 of The Secure Developer, Guy Podjarny sits down with guest host Simon Maple of Snyk to reflect back on the numerous guests he’s had on the show throughout 2019, and the many security lessons and insights shared along the way. The post Ep. #44, Year in Review with Guy Podjarny appeared first on Heavybit . Follow Us Our Website Our LinkedIn...
Dec 26, 2019•49 min•Season 4Ep. 44
In episode 43 of The Secure Developer, Guy joins Stu Hirst, Principal Cloud Security Engineer at Just Eat. They discuss Stu’s journey into cloud security, avoiding burnout, cultivating better hiring practices, and the importance of failing fast. The post Ep. #43, Combatting Security Burnout with Stu Hirst of Just Eat appeared first on Heavybit . Follow Us Our Website Our LinkedIn...
Dec 12, 2019•37 min•Season 4Ep. 43
In episode 42 of The Secure Developer, Guy speaks with Kate Whalen, a security engineer at The Guardian, to discuss news media security and advocating security across many teams within a large organization. The post Ep. #42, News Media Security with Kate Whalen of The Guardian appeared first on Heavybit . Follow Us Our Website Our LinkedIn...
Nov 28, 2019•24 min•Season 4Ep. 42
In episode 41 of The Secure Developer, Guy talks with Sara Dunnack, a security engineer at InVision. They discuss methods for improving communication between DevSecOps, AppSec, and Engineering teams within an organization. The post Ep. #41, Optimizing Team Communication with Sara Dunnack of InVision appeared first on Heavybit . Follow Us Our Website Our LinkedIn...
Nov 14, 2019•21 min•Season 4Ep. 41
In episode 40 of The Secure Developer, Guy speaks with Brian Sodano, Director of Engineering at Liberty Mutual Insurance. They unpack what happens to security when a company goes through a large-scale digital transformation, and ruminate on the future of the security industry. The post Ep. #40, Large-Scale Digital Transformation with Brian Sodano of Liberty Mutual appeared first on Heavybit . Follow Us Our Website Our LinkedIn...
Oct 31, 2019•32 min•Season 4Ep. 40
In episode 39 of The Secure Developer, Guy is joined by Mohan Yelnadu, Head of AppSec at Prudential. They discuss Mohan’s journey from pen tester to DevSecOps consultant, security threat modeling, and his 6 principles of continuous security. The post Ep. #39, Build, Break, and Defend with Mohan Yelnadu of Prudential appeared first on Heavybit . Follow Us Our Website Our LinkedIn...
Oct 17, 2019•36 min•Season 4Ep. 39
In episode 38 of The Secure Developer, Guy speaks with Andy Ellis, CSO of Akamai. They discuss streamlining customer assurance, the role of an incidents coordinator, and the value of transparency between a security company and their associates. The post Ep. #38, You Own It, You Secure It with Andy Ellis of Akamai appeared first on Heavybit . Follow Us Our Website Our LinkedIn...
Oct 03, 2019•41 min•Season 4Ep. 38
In episode 37 of The Secure Developer, Guy speaks with James Kaplan of McKinsey & Co. James describes his journey into the telecommunications industry, and how many longstanding companies must reevaluate security practices when going through a digital transformation. The post Ep. #37, Security Transformation with James Kaplan of McKinsey & Company appeared first on Heavybit . Follow Us Our Website Our LinkedIn...
Sep 19, 2019•39 min•Season 4Ep. 37
In episode 36 of The Secure Developer, Guy is joined by Peter Oehlert of Smartsheet. They discuss holistic security approaches, understanding various categories of risk, and how the different teams in a large organization can work together to improve security. The post Ep. #36, Holistic Security with Peter Oehlert of Smartsheet appeared first on Heavybit . Follow Us Our Website Our LinkedIn...
Sep 05, 2019•41 min•Season 4Ep. 36
In episode 35 of The Secure Developer, Guy is joined by Robert C. Seacord of NCC Group, who champions the continued practice of coding security in C and C++, and offers practical advantages to using various programming languages in the Agile era. The post Ep. #35, Secure Coding in C/C++ with Robert C. Seacord of NCC Group appeared first on Heavybit . Follow Us Our Website Our LinkedIn...
Jul 25, 2019•28 min•Season 4Ep. 35
In episode 34 of The Secure Developer, Guy speaks with Siren Hofvander of Cybercom about her enlightening journey from the digital medical space to running a secure developer consulting team, as well as her empathy-driven ethos in the one-size-fits-all security world. The post Ep. #34, Positive Security with Siren Hofvander of Cybercom appeared first on Heavybit . Follow Us Our Website Our LinkedIn...
Jul 11, 2019•36 min•Season 4Ep. 34
In episode 33 of The Secure Developer, Guy is joined by Leif Dreizler and Eric Ellett of Segment. They discuss motivating security teams, the importance of investing time in your business relationships, and the longterm rewards of proper security training. The post Ep. #33, Engineering Teams with Leif Dreizler and Eric Ellett of Segment appeared first on Heavybit . Follow Us Our Website Our LinkedIn...
Jun 28, 2019•35 min•Season 4Ep. 33
In episode 32 of The Secure Developer, Duncan Godfrey from Auth0 speaks with Guy about his journey into security. Duncan also shares great insights into staying secure and compliant in a fast moving environment. The post Ep. #32, Security and Compliance with Duncan Godfrey of Auth0 appeared first on Heavybit . Follow Us Our Website Our LinkedIn...
Jun 13, 2019•34 min•Season 4Ep. 32
In episode 31 of The Secure Developer, Guy is joined by Tanya Janca, Cloud Advocate at Microsoft. Tanya shares insights, from her early days leading software teams for the Canadian government, to evangelizing software security at Microsoft. The post Ep. #31, Evangelizing Security with Tanya Janca of Microsoft appeared first on Heavybit . Follow Us Our Website Our LinkedIn...
May 30, 2019•47 min•Season 4Ep. 31
In episode 30 of The Secure Developer, Guy speaks with Justin Somaini, a security industry leader and Founder of Somaini LLC. They discuss how security theory has changed over the past 25 years, and how AppSec can be improved by educating the developer community. The post Ep. #30, Improving Security Culture with Justin Somaini appeared first on Heavybit . Follow Us Our Website Our LinkedIn...
May 16, 2019•36 min•Season 4Ep. 30
In episode 29 of The Secure Developer, Guy sits down with Liran Tal, Developer Advocate at Snyk, to discuss the state of open source, Docker security, and developer infrastructure. The post Ep. #29, The State of Open Source & Docker Security appeared first on Heavybit . Follow Us Our Website Our LinkedIn...
May 02, 2019•28 min•Season 4Ep. 29
In episode 28 of The Secure Developer, Guy is joined by Jason Chan of Netflix to discuss simplifying the security process for software developers, as well as some of the open source projects Netflix has shared with the community. The post Ep. #28, Developer Empathy with Jason Chan of Netflix appeared first on Heavybit . Follow Us Our Website Our LinkedIn...
Apr 18, 2019•36 min•Season 4Ep. 28
In episode 27 of The Secure Developer, Guy is joined by Jeff McAffer, director of Microsoft’s Open Source Programs Office, who shares his insights on how to keep open source projects sustainable and secure for the whole community. The post Ep. #27, Open Source Security with Jeff McAffer of Microsoft appeared first on Heavybit . Follow Us Our Website Our LinkedIn...
Apr 04, 2019•31 min•Season 4Ep. 27
In episode 26 of The Secure Developer, Guy is joined by Jim Manico, founder of Manicode Security, to discuss insights from his long career as a security educator, and to explore the importance of developer training in application security. The post Ep. #26, Security Education with Jim Manico appeared first on Heavybit . Follow Us Our Website Our LinkedIn...
Mar 21, 2019•40 min•Season 4Ep. 26
In episode 25 of The Secure Developer, Guy meets with Simon Bennett, VP Product at Bitnami, to discuss golden images, image layering, and how Bitnami helps accelerate application delivery across multiple clouds. The post Ep. #25, Golden Images with Simon Bennett of Bitnami appeared first on Heavybit . Follow Us Our Website Our LinkedIn...
Mar 14, 2019•42 min•Season 4Ep. 25
In episode 24 of The Secure Developer, Guy is joined by Omer Levi Hevroni, DevSecOps Engineer at Soluto, to discuss application security, OWASP, security ‘mavens,’ and more. The post Ep. #24, Application Security with Omer Levi Hevroni appeared first on Heavybit . Follow Us Our Website Our LinkedIn...
Jan 24, 2019•38 min•Season 4Ep. 24
In episode 23 of The Secure Developer, Guy speaks with Zach Powers, CISO of One Medical, to discuss the evolution of security at One Medical, what he looks for when hiring for his team, and why automation is a must. The post Ep. #23, Automation with One Medical’s Zach Powers appeared first on Heavybit . Follow Us Our Website Our LinkedIn...
Nov 20, 2018•37 min•Season 3Ep. 23
