Security Weekly
DevOps

DevOps and Securing Applications – PSW #632

Full episode and show notes

Guests

Chris Eng
Chris Eng
Chief Research Officer at Veracode

Chris Eng is Chief Research Officer at Veracode. A founding member of the Veracode team, he is responsible for all research initiatives including applied research and product security. Chris is a frequent speaker at industry conferences and serves on review boards for Black Hat USA and the Kaspersky Security Analyst Summit. He is also a charter member of MITRE’s CWE/CAPEC Board. Bloomberg, Fox Business, CBS, and other prominent media outlets have featured Chris in their coverage. Previously, Chris was technical director at Symantec (formerly @stake) and an engineer at the National Security Agency.

Eric Johnson
Eric Johnson
Principal Security Engineer at Puma Security

Eric is co-founder and Principal Security Engineer at Puma Security focusing on cloud security, static code analysis, and DevSecOps automation. His experience includes performing cloud security reviews, infrastructure as code automation, application security automation, web and mobile application penetration testing, secure development lifecycle consulting, and secure code review assessments. Eric is also a Principal Instructor with the SANS Institute where he authors information security courses on cloud security, DevSecOps automation, secure coding, and defending mobile apps. He delivers security training for SANS around the world, and presents security research at conferences including SANS, BlackHat, OWASP, BSides, RSA, DevOpsDays, and ISSA.

Frank Catucci
Frank Catucci
Head of AppSec at DataRobot

Frank Catucci is a global application security leader with over 15 years of diverse experience which grants him the unique ability to see and lead information and application security with a unique, complete and holistic approach. Frank is currently leading efforts within application security and devsecops with groundbreaking security research, techniques and completeness of vision, as a pioneer and leader of application security and devsecops advancement.

James Ford
James Ford
Head of Information Security at CrossBorder Solutions

As a technology leader with wide-ranging experience over 24 years at ADP, instilling entrepreneurial dynamism into product development has been a constant theme of my career. ADP is a world-class provider of solutions. My efforts delivered the technical vision and direction for dozens of products addressing complex business needs with well-designed simplicity. This set me up well to transition to helping other companies solve difficult problems… My value comes from knowing what to do to bring a product to life with minimal risk and maximum benefit to customers and the bottom line. I’ve seen just about every business, project, and technology situation, and can look at an idea from both big picture and detail perspectives to ensure a product’s success. Much of my work focuses on the people side of technology. I thrive on shaping great teams and cultures needed for breakthrough innovation, and on being an evangelist – I love to share knowledge about new products, practices, and technologies to help emerging companies punch above their weight and achieve their business goals through technology.

Jason Kent
Jason Kent
Hacker in Residence at Cequence Security

For over the last 20 years, Jason has been ethically peering into Client Behavior, Wireless Networks, Web Applications, APIs and Cloud Systems, helping organizations secure their assets and intellectual property from unauthorized access. As a consultant he’s taken hundreds of organizations through difficult compliance mine fields, ensuring their safety. As a researcher he has found flaws in consumer IoT systems and assisted in hardening them against external attacks. At Cequence Security Jason does research, community outreach and supports efforts in identifying Automated Attacks against Web, Mobile, and API-based Applications to keep Cequence’s customers safe.

Josh Corman
Josh Corman
Founder, I am The Cavalry / recently Chief Strategist for the CISA COVID Task Force at I am The Cavalry

Joshua Corman is a Founder of I am The Cavalry (dot org), and recently served as Chief Strategist for the CISA COVID Task Force. He previously served as CSO for PTC, Director of the Cyber Statecraft Initiative for the Atlantic Council, CTO for Sonatype, and other senior roles. He co-founded RuggedSoftware and IamTheCavalry to encourage new security approaches in response to the world’s increasing dependence on digital infrastructure. His unique approach to security in the context of human factors, adversary motivations, and social impact has helped position him as one of the most trusted names in security. He also serves as an Adjunct Faculty for Carnegie Mellon’s Heinz College, and was a member of the Congressional Task Force for Healthcare Industry Cybersecurity.

Keith Hoodlet
Keith Hoodlet
Application Security Manager at Thermo Fisher Scientific

Keith Hoodlet is the Application Security Manager at Thermo Fisher Scientific. He is the Co-Founder of the InfoSec Mentors Project .

Sandy Carielli
Sandy Carielli
Principal Analyst at Forrester Research

Sandy is a principal analyst at Forrester advising security and risk professionals on application security, with a particular emphasis on the collaboration among security and risk, application development, operations, and business teams. Her research covers topics such as proactive security design, security testing in the software delivery lifecycle, protection of applications in production environments, and remediation of hardware and software flaws.

Hosts

April Wright
April Wright
Preventative Security Specialist at Architect Security
John Kinsella
John Kinsella
Co-founder & CTO at Cysense
Matt Alderman
Matt Alderman
VP, Product at Living Security
Mike Shema
Mike Shema
Security Partner at Square
Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
prestitial ad