Application security, DevOps

Answering the ‘How’ Questions of Software Security – Nikhil Gupta – ASW #199

Nikhil will be discussing the pain points that leaders in the application security space are facing, which can cover how software development has evolved, as well as how this has impacted development teams and security teams as well as the occurrence of shifting left. He would also like to speak to the solution he has found to this problem, specifically being that of developing a community, the Purple Book Community. This closely connects to the final topics he would like to cover, which include how breaches have continued to occur at an increasingly rapid pace, leading to the importance behind why and how companies should be prepared for when, not if, a cyber attack will occur. The talk will also cover how the Purple Book of Software Security came about and how it has now morphed into a global movement by security leaders, for security leaders, to develop secure software.

Segment Resources:

Full episode and show notes


  • Don't miss any of your favorite Security Weekly content! Visit to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!


Nikhil Gupta
Nikhil Gupta
Co-Founder and CEO at ArmorCode

Nikhil Gupta is the founder and CEO of ArmorCode, the Silicon Valley startup delivering application security at the speed of DevOps. Gupta is a successful serial entrepreneur with more than 25 years of experience leading high-growth security teams. Prior to founding ArmorCode, Gupta was the CEO and Co-founder of Avid Secure (acquired by Sophos), a market-leading AI-powered multi-cloud security and compliance platform.

Gupta is also one of the creators of The Purple Book Community (, a diverse community of security leaders who are examining issues related to software security, a topic that has sparked immense interest given recent high-profile cyberattacks on government entities, public sector organizations, and private companies. It started out as a project to write a book on best practices in software security but due to the tremendous interest in the subject, it grew into a community of hundreds of software security leaders. With the launch of AppSecCon 2022 (, world’s premier AppSec conference, it is now morphing into a movement by security leaders, for security leaders.


Mike Shema
Mike Shema
Security Partner at Square
prestitial ad