Episode Summary In this episode of The Secure Developer, Danny Allan , CTO of Snyk, sits down with Wayne Chang , Founder and CEO of SpruceID , to explore the evolving landscape of digital identity and security. From self-sovereign identity to the role of AI in authentication, they discuss the future of identity management, the risks of centralized systems, and the benefits of decentralized approaches. They also dive into how policy, compliance, and emerging technologies like passkeys and zero-kn...
Mar 04, 2025•39 min•Ep 159•Transcript available on Metacast Episode Summary Security is more than just a checklist—it’s a cultural movement. In this episode, Dustin Lehr , Co-founder of Katilyst , joins Danny Allan to explore the intersection of security, engineering, and culture. They discuss how to foster security champions, scale security programs, and build a culture where developers naturally integrate security into their workflows. Dustin shares insights from his extensive career, offering practical strategies for creating lasting change in securit...
Feb 18, 2025•38 min•Ep 158•Transcript available on Metacast Episode Summary Join Jeremiah Grossman , application security pioneer and former CEO of WhiteHat Security , as he reflects on decades of innovation in the industry, from the early days of OWASP to today’s AI-driven development landscape. Explore critical discussions about the escalating costs of security, aligning developer incentives, and the future challenges posed by AI-generated vulnerabilities. Packed with insights, this episode dives deep into the strategies and frameworks shaping the way ...
Feb 04, 2025•37 min•Ep 157•Transcript available on Metacast Episode Summary In this episode of The Secure Developer, host Danny Allan sits down with David Mytton , founder and CEO of Arcjet , former CEO of Server Density , and co-founder of Console.dev . David shares his insights into bridging the “developer-security gap” with Arcjet, a cutting-edge middleware SDK designed to empower developers with advanced security tools like rate limiting and bot protection. The conversation dives into the evolution of developer tools, the growing role of AI in coding...
Jan 21, 2025•34 min•Ep 156•Transcript available on Metacast Episode Summary Imagine if AI could detect and fix vulnerabilities in your code faster and with greater precision than ever before. That future is already here! In today’s episode, we’re joined by Berkay Berabi , an AI researcher and Senior Software Engineer at Snyk , to dive into the cutting-edge world of AI-powered vulnerability detection. Berkay offers insight into how Snyk is leveraging a hybrid AI approach to detect and fix vulnerabilities in code, combining human-driven expertise with mach...
Jan 07, 2025•30 min•Ep 155•Transcript available on Metacast Episode Summary Are you ready to revolutionize your coding experience with cutting-edge AI tools? In this episode of The Secure Developer, host Danny Allan is joined by Jeff Wang , Head of Business at Codeium , to take a deep dive into the transformative power of generative AI in software development. Discover how coding assistants have evolved from simple auto-complete functions to sophisticated AI-driven tools, the significant impact these advancements have had on productivity and innovation, ...
Aug 06, 2024•35 min•Ep 154•Transcript available on Metacast Episode Summary In this episode of The Secure Developer, David Imhoff , Director of DevSecOps and Product Security at Kroger , shares insights on implementing DevSecOps in large organizations. He discusses balancing regulatory compliance with business objectives, fostering a security culture, and the challenges of risk mitigation. David also explores the importance of asset management, security champions, and the potential impact of AI on cybersecurity practices. Show Notes In this episode of Th...
Jul 23, 2024•40 min•Ep 153•Transcript available on Metacast Episode Summary In this special episode of “The Secure Developer,” host Danny Allan interviews Snyk founder Guy Podjarny about the origins and evolution of Snyk. Guy shares his journey from conceptualizing Snyk in the shower to building it into a developer-first security platform. They discuss the challenges and successes of integrating security into the developer workflow, the importance of open-source security, and the impact of AI on the industry. Guy also provides insights into Snyk’s focus ...
May 28, 2024•51 min•Ep 152•Transcript available on Metacast Episode Summary In this episode of The Secure Developer we're joined by Brian Vallelunga , Founder and CEO of Doppler , to discuss the importance of secrets management in modern application development. Brian shares his journey in creating Doppler, a secrets manager designed for developers and DevOps teams, and highlights the challenges organizations face in managing sensitive data such as API keys, database credentials, and certificates. The conversation explores best practices for secure secre...
Apr 23, 2024•26 min•Ep 151•Transcript available on Metacast Special news about the future of The Secure Developer! Follow Us Our Website Our LinkedIn
Apr 09, 2024•3 min•Ep 150•Transcript available on Metacast Episode Summary Are you curious about the ever-changing landscape of data security? In this episode, we are joined by Danny Allan , the newly appointed Chief Technology Officer at Snyk, to delve into the evolving landscape of data security. In our conversation, we discussed his professional background and how he went from hacking security systems at university to becoming a security expert at Snyk. Hear about his experience in dynamic application security testing and the challenges and opportuni...
Mar 20, 2024•37 min•Ep 149•Transcript available on Metacast Episode Summary Explore the role of consolidated platforms in software development with our guest, John Delmare , Global Application and Cloud Security Lead of Accenture. This episode dives into the growing complexity in the developer space and how these platforms streamline processes and foster collaboration among distributed teams. We discuss balancing application and cloud security, the financial and time-saving benefits of integrated platforms, and the role of best-of-breed technology in an ...
Feb 26, 2024•29 min•Ep 148•Transcript available on Metacast Episode Summary In this episode of The Secure Developer, Guy Podjarny and guest Sean Catlett discuss the shift from traditional to engineering-first security practices. They delve into the importance of empathy and understanding business operations for enforcing better security. Catlett emphasizes utilizing AI for generic tasks to focus on crafting customized security strategies. Show Notes In this episode of The Secure Developer, host Guy Podjarny chats with experienced CISO Sean Catlett about ...
Feb 12, 2024•49 min•Ep 147•Transcript available on Metacast Episode Summary In this special episode, our guest host, Liran Tal , interviews Snyk's Staff Security Researcher, Rory McNamara , about newly discovered high-impact container breakout vulnerabilities. Liran and Rory go deep into the vulnerabilities and cover everything you need to know, how the vulnerabilities were discovered, and much more. Show Notes In this informative episode of The Secure Developer, guest host Liran Tal chats with Snyk security researcher Rory McNamara about his ground-brea...
Jan 31, 2024•51 min•Ep 146•Transcript available on Metacast Episode Summary Laura Bell Main , CEO at SafeStack , discusses the two-fold implications of AI for threat modeling in DevSecOps. She highlights challenges in integrating AI systems, the importance of data verifiability, and the potential efficiencies AI tools can introduce. With guidance, she suggests it's possible to manage the complexities and ensure the responsible utilization of AI. Show Notes In this intriguing episode of The Secure Developer, listen in as Laura Bell Main, CEO at SafeStack,...
Jan 29, 2024•45 min•Ep 145•Transcript available on Metacast In this engaging episode, hosts Simon Maple and Guy Podjarny delve into the transformative role of AI in software development and its implications for security practices. The discussion starts with a retrospective look at 2023, highlighting key trends and developments in the tech world. In particular, they discuss how generative AI is reshaping the landscape, altering the traditional roles of developers and necessitating a shift in security paradigms. Simon and Guy explore AI-generated code chal...
Jan 08, 2024•1 hr 7 min•Ep 144•Transcript available on Metacast Episode Summary Guy explores AI security challenges with Salesforce's VP of Security, Henrik Smith . They discuss the fine line between authentic and manipulated AI content, stressing the need for strong operational processes and collaborative, proactive security measures to safeguard data and support secure innovation. Show Notes In this episode, host Guy Podjarny sits down with Henrik Smith, VP of Security at Salesforce, to delve into the intricacies of AI and its impact on security. As the li...
Dec 11, 2023•46 min•Ep 143•Transcript available on Metacast Episode Summary In this episode of The Secure Developer, our co-hosts Simon Maple and Guy Podjarny discuss the rise of AI in code generation. Drawing from Snyk's 2023 AI Code Security Report , they examine developers' concerns about security and the importance of auditing and automated controls for AI-generated code. Show Notes In this compelling episode of The Secure Developer, hosts Simon Maple and Guy Podjarny delve into the fascinating and fast-paced world of artificial intelligence (AI) in ...
Dec 04, 2023•43 min•Ep 142•Transcript available on Metacast Episode Summary In this episode, Tomasz Tunguz of Theory Ventures discusses the intersection of AI, technology, and security. We explore how AI is revolutionizing software development, data management challenges, and security's vital role in this dynamic landscape. Show Notes In this episode of The Secure Developer, Guy Podjarny engages in a deep and insightful conversation with Tomasz Tunguz, founding partner of Theory Ventures. They delve into the fascinating world of AI security and its burge...
Nov 20, 2023•46 min•Ep 141•Transcript available on Metacast Episode Summary In this episode, Dr. Christina Liaghati discusses incorporating diverse perspectives, early security measures, and continuous risk evaluations in AI system development. She underscores the importance of collaboration and shares resources to help tackle AI-related risks. Show Notes In this enlightening episode of The Secure Developer, Dr. Christina Liaghati of MITRE offers valuable insights on the necessity of integrating security considerations right from the design phase in AI s...
Oct 30, 2023•36 min•Ep 140•Transcript available on Metacast This week, we're rewinding to play one of our favorite episodes from the archive! We'll be back with a brand-new episode in two weeks! Today’s guest is someone we have wanted to have on the show for a long time, and we are so happy to finally welcome him. Dev Akhawe is the Head of Security at Figma, the first state-of-the-art interface design tool that runs entirely in your browser. Before that, Dev worked at Dropbox, as Director of Security Engineering, leading application security, infrastruct...
Oct 16, 2023•44 min•Ep 139•Transcript available on Metacast As AI adoption continues to grow, it's important that effective risk management strategies and industry security standards evolve along with it. To discuss this, we are joined by Royal Hansen, the VP of Engineering for Privacy, Safety, and Security at Google, where he drives the overall information security strategy for the company’s technical infrastructure (and keeps billions of people safe online). Royal cut his teeth as a software developer for Sapient before building a cyber-security practi...
Oct 02, 2023•54 min•Ep 138•Transcript available on Metacast Security is changing quickly in the fast-paced world of AI. During this episode, we explore AI safety and security with the help of David Haber, who co-founded Lakera.ai. David is also the creator of Gandalf, an AI tool that makes Large Language Models (LLMs) accessible to everyone. Join us as we dive into the world of prompt injections, AI behavior, and its corresponding risks and vulnerabilities. We discuss questions about data poisoning and protections and explore David’s motivation to create...
Sep 19, 2023•52 min•Ep 137•Transcript available on Metacast On episode 126 of The Secure Developer we had a fascinating conversation with Guy Rosen, who is the current CISO at Meta. In our chat, we are able to mine Guy's vast experience, expertise, and perspective on what being CISO at a huge tech company in today's climate requires, focusing on how security and integrity concerns come together and play out. In his role at Meta, Guy oversees both of these areas, and listeners will get to hear how he distinguishes the two worlds, and also where they overl...
Aug 15, 2023•43 min•Ep 136•Transcript available on Metacast Artificial Intelligence is innovating at a faster than ever before. Could there be a better response than fear? Sam Curry is the VP and Chief Information Security Officer at Zscaler, and he joins us to share his perspective on what AI means for cyber security. Tune in to hear how AI is advancing cybersecurity and the potential threats it poses to data and metadata protection. Sam delves into the nature of fearmongering and a more appropriate response to technological development before revealing...
Jul 31, 2023•54 min•Ep 135•Transcript available on Metacast At the rate at which AI is infiltrating operations around the globe, AI regulation and security is becoming an increasingly pressing topic. As external regulations are put in place, it’s important to ensure that your internal compliance measures are up to scratch and your systems are safe. Joining us today to discuss the security of ML systems and AI applications is Ian Swanson, the Co-Founder and CEO of Protect AI. In this episode, Ian breaks down the five pillars of ML SecOps: supply chain vul...
Jun 05, 2023•1 hr•Ep 134•Transcript available on Metacast In this episode of The Secure Developer, we delve into the subject of supply chain security across various ecosystems and languages, guided by industry experts Liran Tal and Roy Ram from Snyk. Liran is the Director of Developer Advocacy at Snyk and has a background working particularly in Node.js and JavaScript. Roy is a Senior Product Manager serving as part of the product team for Snyk Code, and has a background in cybersecurity and a solid understanding of C++. With a 20-year background in Ja...
May 15, 2023•38 min•Ep 133•Transcript available on Metacast No one wants to fall prey to a security breach, but in the event that it does occur, it’s important to have systems in place to manage it. In episode 132 of The Secure Developer, we are joined by the CTO of CircleCI, Rob Zuber to discuss the security incident CircleCI announced on January 4th. Rob shares insight into what CircleCI does, how the incident affected customers, and how they communicated it to the public. We find out how the industry responded and adapted to the incident, as well as h...
Apr 25, 2023•47 min•Ep 132•Transcript available on Metacast In episode 131 of The Secure Developer, you’ll hear from former TikTok CISO Roland Cloutier about the realities of securing user-generated content at scale and his belief that we need to take a strictly data-centric approach rather than a humanistic one to solve many of these privacy-related issues. Tuning in, you’ll gain some insight into what it takes to oversee a social media company's cybersecurity, data protection, and crisis management, and find out why Roland believes that an innate under...
Apr 05, 2023•50 min•Ep 131•Transcript available on Metacast In episode 130 of The Secure Developer, we bring cast our focus on cloud security, and to help us examine this subject we welcome Rick Doten to the show! Rick shares his insight on what cloud security is, some of its history, current concerns in the field, and his hopes and ideas for its future. Our guest generously offers some of his vast experience talking about basic controls, how to organise security teams, necessary education and skills development, and the challenges of putting theoretical...
Mar 17, 2023•41 min•Ep 130•Transcript available on Metacast 
