Security Weekly
Enterprise Security WeeklySubscribe

SWVHSC Micro Interviews: CrowdStrike & Synopsys – Ian McShane, Michael Borohovski – ESW #197

This year we’ve seen organizations accelerate their so-called digital transformation almost overnight. Now we’re getting to the point where security leaders and business owners need to stop and take stock of what happened, what’s a temporary band aid, and figure out how to build their strategy without the luxury of getting yelled at by vendor booths in Mandalay Bay. This segment is sponsored by CrowdStrike. Visit https://securityweekly.com/crowdstrike for a totally free trial!

CrowdStrike at Black Hat USA 2020 https://www.crowdstrike.blog/join-crowdstrike-at-black-hat-2020/

All applications use APIs—they’re nothing new to the development world. But are organizations factoring API security into their broader security strategy effectively? We’ve seen high-profile breaches at well-known companies stemming from their exposure or use of insecure API endpoints. This raises the question of how your software security initiative addresses the controls you need to ensure the APIs you use and produce are secure. Within this segment, Michael Borohovski will discuss key considerations when designing APIs, along with security controls and security testing that could make or break your software. This segment is sponsored by Synopsys.

Visit https://securityweekly.com/synopsys to learn more about them!

Full episode and show notes

Guests

Ian McShane
VP, Product Marketing at CrowdStrike

With almost twenty years in information security including practitioner, product manager, and a shift as the lead Gartner analyst for endpoint security and EDR, CrowdStrike’s VP of Product Marketing Ian McShane has seen a lot of crazy things in his time.

Michael Borohovski
Director of Software Engineering at Synopsys

Michael “Borski” Borohovski is Director of Software Engineering within the Synopsys Software Integrity Group. He co-founded and was CTO of Tinfoil Security, a SaaS company providing security tooling to DevOps teams, prior to the company’s acquisition by Synopsys in January 2020. With over thirteen years of experience in cybersecurity, Borski has made it his mission to empower developers and protect their work from those seeking to cause mischief. He is also a co-inventor on four patents—with an additional four pending. He holds a BS in Computer Science and Engineering from MIT.

Hosts

Chief Product Officer at CyberSaint
Principal Security Evangelist at Eclypsium

Related

Threat Modeling and Understanding Inherent Threats – Adam Shostack – ESW #359

This is a great interview with Adam Shostack on all things threat modeling. He's often the first name that pops into people's heads when threat modeling comes up, and has created or been involved with much of the foundational material around the subject. Adam recently released a whitepaper that focuses on and defines inherent threats. Resources: ...
How GenAI Can Improve SecOps – Ely Kahn – ESW #359

We've talked about generative AI in a general sense on our podcast for years, but we haven't done many deep dives into specific security use cases. That ends with this interview, as we discuss how generative AI can improve SecOps with Ely Kahn. Some of the use cases are obvious, while others were a complete surprise to me. Check out this episode if...