Container security, DevOps, Cloud Security

ASW #152

May 24, 2021

 

 


 

Sponsored By

 

 



Visit https://securityweekly.com/shiftleft for more information!

 

Appsec in a modern CI pipeline needs a combination of tools, collaboration, and processes to be successful. Importantly, it also needs to scale. We can’t just shift responsibility left and assume that will be successful. So, how can an appsec team bring tools and security knowledge to developers?

This segment is sponsored by ShiftLeft.

Visit https://securityweekly.com/shiftleft to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes!

Full Episode Show Notes

Bringing AppSec to a Modern CI Pipeline

Guests

Manish Gupta

Manish Gupta – CEO and Co-Founder at ShiftLeft

 

@manishguptaTD

 

Manish has 15+ years in cybersecurity. He was previously the Chief Product and Strategy Officer at FireEye, helping grow the company from approximately $70 million to more than $700 million in revenue. Prior, he was VP of Product Management for Cisco’s $2 billion security portfolio. He also served as a VP/GM at McAfee growing the network security business five fold in 5 years.

Hosts

John Kinsella

John Kinsella – Chief Architect at Accurics

 

@johnlkinsella

 

John Kinsella is the Chief Architect for Accurics

Mike Shema

Mike Shema – Product Security Lead at Square

 

@Codexatron

 

Mike Shema is the Product Security Lead of Square

Announcements

  • Security Weekly is more than happy to announce that we will be at InfoSec World 2021 IN PERSON October 25th-27th, 2021! This year, our annual partnership with InfoSec World is extra special, as we are both business units under the CyberRisk Alliance brand! What does that mean for Security Weekly listeners & InfoSec World attendees? You will get to see and hear from many of the Security Weekly team at the event AND you will save 20% off on your world pass! Visit https://securityweekly.com/isw2021 to register using our discount code!

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!



This week in the AppSec News segment, Mike and John talk: HTTP bug bothers IIS, Android platform security, supply chain security (new and old), brief (very brief) history of browser security, & more! Visit https://www.securityweekly.com/asw for all the latest episodes!

Full Episode Show Notes

IIS Bug, Browsers & Androids & Supply Chains Oh My!

Hosts

John Kinsella

John Kinsella – Chief Architect at Accurics

@johnlkinsella

John Kinsella is the Chief Architect for Accurics

Mike Shema

Mike Shema – Product Security Lead at Square

@Codexatron

Mike Shema is the Product Security Lead of Square

Announcements

  • Do you want to stay in the loop on all things Security Weekly? Visit https://securityweekly.com/subscribe to subscribe on your favorite podcast catcher or our Youtube channel, sign up for our mailing list, join our Discord Server, and follow us on our newest live-streaming platform, Twitch!

  • In our May 27th webcast at 11am ET, we’ll explore the latest attacks against DNS and the latest techniques that make it possible to discover and disrupt attacks. In our June 3 webcast at 11am ET, you will learn about pen testing tools and why every organization should be using them regularly. Then join us June 10 at 11am ET for our webcast on insider risk to learn how to quickly mitigate data exposure risks. Visit https://securityweekly.com/webcasts to register now! If you missed any of our previously recorded webcasts or technical trainings, they are available for your viewing pleasure at https://securityweekly.com/ondemand

prestitial ad