ASW #146 | SC Media
DevOps, Training, Threat modeling

ASW #146

April 5, 2021



The security industry generally agrees on the value of enabling developers in an agile environment—although we don’t agree on what to call it… “Shifting Left,” “Creating a Paved Path,” “DevSecOps.” Regardless of the name, we tend to focus on teaching developers how to Sec, but there’s less focus on security engineers learning how to Dev.

This segment will focus on how to create a meaningful partnership between security and software engineers.

Segment Resources:
https://segment.com/blog/shifting-engineering-right/
Visit https://www.securityweekly.com/asw for all the latest episodes!

Full Episode Show Notes

Shifting Right: What Security Engineers Can Learn From DevSecOps

Guests

Leif Dreizler

Leif Dreizler – Engineering Manager, Product Security at Segment

@leifdreizler

Leif manages the Product Security team at Segment. The ProdSec Team is focused on partnering with software engineering teams to design and implement security features for the Segment product. Leif got his start in the security industry at Redspin doing security consulting work, and was later an early employee at Bugcrowd. He helps organize the Bay Area OWASP Chapter, the AppSec California Conference and LocoMocoSec.

Hosts

John Kinsella

John Kinsella – Chief Architect at Accurics

@johnlkinsella

John Kinsella is the Chief Architect for Accurics

Mike Shema

Mike Shema – Product Security Lead at Square

@Codexatron

Mike Shema is the Product Security Lead of Square

Announcements

Audio



PHP deals with two malicious commits, SSO and OAuth attack vectors to remember for your threat models, zines for your DevSecOps education! Visit https://www.securityweekly.com/asw for all the latest episodes!

Full Episode Show Notes

Malicious PHP Commits, OAuth Attacks & XML Injection, & Zines For DevSecOps

Hosts

John Kinsella

John Kinsella – Chief Architect at Accurics

@johnlkinsella

John Kinsella is the Chief Architect for Accurics

Mike Shema

Mike Shema – Product Security Lead at Square

@Codexatron

Mike Shema is the Product Security Lead of Square

Announcements

  • Do you want to stay in the loop on all things Security Weekly? Visit https://securityweekly.com/subscribe to subscribe on your favorite podcast catcher or our Youtube channel, sign up for our mailing list, join our Discord Server, and follow us on our newest live-streaming platform, Twitch!

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

Audio

prestitial ad