BH2020 Subscribe

Application security, Careers, Cloud security, DevOps

Developer Security Champions – Sandy Carielli – BH20 #3

August 5, 2020

Firms that want to secure applications are challenged by understaffed security teams and lack of security awareness on the part of developers. Developer security champions are developers who act as a security point of contact in their team, but programs to create and support them require investment and planning.

Full episode and show notes

Guest

Sandy Carielli

Sandy Carielli

Principal Analyst at Forrester Research

https://www.forrester.com/

Sandy is a principal analyst at Forrester advising security and risk professionals on application security, with a particular emphasis on the collaboration among security and risk, application development, operations, and business teams. Her research covers topics such as proactive security design, security testing in the software delivery lifecycle, protection of applications in production environments, and remediation of hardware and software flaws.

Hosts

Paul Asadoorian

Paul Asadoorian

Founder at Security Weekly

https://securityweekly.com

Matt Alderman

Matt Alderman

VP, Product at Living Security

Related

Managed services

Generative AI Security Implications, Protecting Web Applications – Liam Mayron – PSW #786

May 24, 2023

Liam Mayron from Fastly comes on the show to talk about his unique path into information security, the security implications of generative AI, advances in technologies to protect web applications, detecting bots, and enabling better MSP services! This segment is sponsored by Fastly. Visit https://securityweekly.com/fastly to learn more about them!...

Managed services

Are MSSPs Snubbing Web Security? Why Websites Take a Back Seat to Network Needs – CFH #22

May 23, 2023

It's understandable why many organizations' cyber investments heavily concentrate on protecting core networks and data centers from breaches and ransomware attacks. But let's not overlook the importance of ensuring that your website remains operational, especially when it directly drives revenue through sales or advertisements. Threats such as DDoS...

New TLDs Zip By, eBPF Fuzzer, Microsoft Rocks Rust, Unwanted Tracking Spec – ASW #242

May 22, 2023

New TLDs are already old news, fuzzing eBPF validators, Microsoft sets to kill bug classes, draft RFC to track location trackers, a top ten list with directory traversal on it, conference videos from Real World Crypto and BSidesSF, and an attack tree generator from markdown.