<p><iframe style="border: none;" src="//html5-player.libsyn.com/embed/episode/id/19221110/height/90/theme/custom/thumbnail/yes/direction/backward/render-playlist/no/custom-color/a93a3c/" width="100%" height="90" scrolling="no" allowfullscreen="allowfullscreen"></iframe></p>
<p> </p>
<p> </p>
<center><br /><video poster="https://securityweekly.com/wp-content/uploads/2021/05/wordpress_Manish-0.png" controls="controls" width="640" height="360"><source src="https://wpmedia-converted.s3.us-east-2.amazonaws.com/ASW_152_-_Manish_Gupta-0.mp4" type="video/mp4" /></video></center>
<p> </p>
<h1>Sponsored By</h1>
<p> </p>
<p> </p>
<center><br /><img class="alignnone  wp-image-37646" src="https://securityweekly.com/wp-content/uploads/2021/05/SL_horiz_rgb_owasp96-245x89.jpg" alt="" width="616" height="224" /><br /><strong>Visit <a href="https://securityweekly.com/shiftleft">https://securityweekly.com/shiftleft</a> for more information!</strong></center>
<p> </p>
<p>Appsec in a modern CI pipeline needs a combination of tools, collaboration, and processes to be successful. Importantly, it also needs to scale. We can’t just shift responsibility left and assume that will be successful. So, how can an appsec team bring tools and security knowledge to developers?</p>
<p>This segment is sponsored by ShiftLeft.</p>
<p>Visit <a href="https://securityweekly.com/shiftleft" rel="nofollow">https://securityweekly.com/shiftleft</a> to learn more about them! Visit <a href="https://www.securityweekly.com/asw" rel="nofollow">https://www.securityweekly.com/asw</a> for all the latest episodes!</p>
<p><a href="https://securityweekly.com/asw152">Full Episode Show Notes</a></p>
<h1>Bringing AppSec to a Modern CI Pipeline</h1>
<h1>Guests</h1>
<table>
<tbody>
<tr valign="top">
<td style="padding-right: 10px; width: 150px;"><img class=" wp-image-210" src="https://securityweekly.com/manish-0/" alt="Manish Gupta" width="120px;" height="96" /></td>
<td>
<p style="margin-bottom: 0;">Manish Gupta - CEO and Co-Founder at ShiftLeft</p>
<p> </p>
<p style="margin-bottom: 0;">@manishguptaTD</p>
<p> </p>
<p>Manish has 15+ years in cybersecurity. He was previously the Chief Product and Strategy Officer at FireEye, helping grow the company from approximately $70 million to more than $700 million in revenue. Prior, he was VP of Product Management for Cisco’s $2 billion security portfolio. He also served as a VP/GM at McAfee growing the network security business five fold in 5 years.</p>
</td>
</tr>
</tbody>
</table>
<h1>Hosts</h1>
<table>
<tbody>
<tr valign="top">
<td style="padding-right: 10px; width: 150px;"><img class="wp-image-210" src="https://securityweekly.com/john_kinsella-1/" alt="John Kinsella" width="150px;" height="96" /></td>
<td>
<p style="margin-bottom: 0;">John Kinsella - Chief Architect at Accurics</p>
<p> </p>
<p style="margin-bottom: 0;">@johnlkinsella</p>
<p> </p>
<p>John Kinsella is the Chief Architect for Accurics</p>
</td>
</tr>
<tr valign="top">
<td style="padding-right: 10px; width: 150px;"><img class="wp-image-210" src="https://securityweekly.com/mike-shema-0/" alt="Mike Shema" width="150px;" height="96" /></td>
<td>
<p style="margin-bottom: 0;">Mike Shema - Product Security Lead at Square</p>
<p> </p>
<p style="margin-bottom: 0;">@Codexatron</p>
<p> </p>
<p>Mike Shema is the Product Security Lead of Square</p>
</td>
</tr>
</tbody>
</table>
<h1>Announcements</h1>
<ul style="margin-left: 50px;">
<li>
<p>Security Weekly is more than happy to announce that we will be at InfoSec World 2021 IN <span class="caps">PERSON</span> October 25th-27th, 2021! This year, our annual partnership with InfoSec World is extra special, as we are both business units under the CyberRisk Alliance brand! What does that mean for Security Weekly listeners &amp; InfoSec World attendees? You will get to see and hear from many of the Security Weekly team at the event <span class="caps">AND</span> you will save 20% off on your world pass! Visit <a href="https://securityweekly.com/isw2021" rel="nofollow">https://securityweekly.com/isw2021</a> to register using our discount code!</p>
</li>
<li>
<p>Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting <a href="https://securityweekly.com/guests" rel="nofollow">https://securityweekly.com/guests</a> and completing the form! We review suggestions monthly and will reach out to you once reviewed!</p>
</li>
</ul>

<p><iframe style="border: none;" src="//html5-player.libsyn.com/embed/episode/id/19221110/height/90/theme/custom/thumbnail/yes/direction/backward/render-playlist/no/custom-color/a93a3c/" width="100%" height="90" scrolling="no" allowfullscreen="allowfullscreen"></iframe></p>
<p> </p>
<p> </p>
<center><br /><video poster="https://securityweekly.com/wp-content/uploads/2021/05/wordpress_Manish-0.png" controls="controls" width="640" height="360"><source src="https://wpmedia-converted.s3.us-east-2.amazonaws.com/ASW_152_-_Manish_Gupta-0.mp4" type="video/mp4" /></video></center>
<p> </p>
<h1>Sponsored By</h1>
<p> </p>
<p> </p>
<center><br /><img class="alignnone  wp-image-37646" src="https://securityweekly.com/wp-content/uploads/2021/05/SL_horiz_rgb_owasp96-245x89.jpg" alt="" width="616" height="224" /><br /><strong>Visit <a href="https://securityweekly.com/shiftleft">https://securityweekly.com/shiftleft</a> for more information!</strong></center>
<p> </p>
<p>Appsec in a modern CI pipeline needs a combination of tools, collaboration, and processes to be successful. Importantly, it also needs to scale. We can’t just shift responsibility left and assume that will be successful. So, how can an appsec team bring tools and security knowledge to developers?</p>
<p>This segment is sponsored by ShiftLeft.</p>
<p>Visit <a href="https://securityweekly.com/shiftleft" rel="nofollow">https://securityweekly.com/shiftleft</a> to learn more about them! Visit <a href="https://www.securityweekly.com/asw" rel="nofollow">https://www.securityweekly.com/asw</a> for all the latest episodes!</p>
<p><a href="https://securityweekly.com/asw152">Full Episode Show Notes</a></p>
<h1>Bringing AppSec to a Modern CI Pipeline</h1>
<h1>Guests</h1>
<table>
<tbody>
<tr valign="top">
<td style="padding-right: 10px; width: 150px;"><img class=" wp-image-210" src="https://securityweekly.com/manish-0/" alt="Manish Gupta" width="120px;" height="96" /></td>
<td>
<p style="margin-bottom: 0;">Manish Gupta &#8211; CEO and Co-Founder at ShiftLeft</p>
<p> </p>
<p style="margin-bottom: 0;">@manishguptaTD</p>
<p> </p>
<p>Manish has 15+ years in cybersecurity. He was previously the Chief Product and Strategy Officer at FireEye, helping grow the company from approximately $70 million to more than $700 million in revenue. Prior, he was VP of Product Management for Cisco’s $2 billion security portfolio. He also served as a VP/GM at McAfee growing the network security business five fold in 5 years.</p>
</td>
</tr>
</tbody>
</table>
<h1>Hosts</h1>
<table>
<tbody>
<tr valign="top">
<td style="padding-right: 10px; width: 150px;"><img class="wp-image-210" src="https://securityweekly.com/john_kinsella-1/" alt="John Kinsella" width="150px;" height="96" /></td>
<td>
<p style="margin-bottom: 0;">John Kinsella &#8211; Chief Architect at Accurics</p>
<p> </p>
<p style="margin-bottom: 0;">@johnlkinsella</p>
<p> </p>
<p>John Kinsella is the Chief Architect for Accurics</p>
</td>
</tr>
<tr valign="top">
<td style="padding-right: 10px; width: 150px;"><img class="wp-image-210" src="https://securityweekly.com/mike-shema-0/" alt="Mike Shema" width="150px;" height="96" /></td>
<td>
<p style="margin-bottom: 0;">Mike Shema &#8211; Product Security Lead at Square</p>
<p> </p>
<p style="margin-bottom: 0;">@Codexatron</p>
<p> </p>
<p>Mike Shema is the Product Security Lead of Square</p>
</td>
</tr>
</tbody>
</table>
<h1>Announcements</h1>
<ul style="margin-left: 50px;">
<li>
<p>Security Weekly is more than happy to announce that we will be at InfoSec World 2021 IN <span class="caps">PERSON</span> October 25th-27th, 2021! This year, our annual partnership with InfoSec World is extra special, as we are both business units under the CyberRisk Alliance brand! What does that mean for Security Weekly listeners &amp; InfoSec World attendees? You will get to see and hear from many of the Security Weekly team at the event <span class="caps">AND</span> you will save 20% off on your world pass! Visit <a href="https://securityweekly.com/isw2021" rel="nofollow">https://securityweekly.com/isw2021</a> to register using our discount code!</p>
</li>
<li>
<p>Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting <a href="https://securityweekly.com/guests" rel="nofollow">https://securityweekly.com/guests</a> and completing the form! We review suggestions monthly and will reach out to you once reviewed!</p>
</li>
</ul>



wordpress_Manish-0.png

Security Weekly

Bringing AppSec to a Modern CI Pipeline – Manish Gupta – ASW #152

North America

Podcast

Related Events


<p>When it comes to developing strong security hygiene habits, it’s easy to talk a big game. But consistently executing on these practices is another ballgame entirely. Even the simplest of tasks can become unwieldly as a company’s IT assets scale in size. Nevertheless, businesses can take significant strides in bolstering their cyber hygiene against today’s threats through a combination of people, process and technology. <br> <br>Featuring thought leaders from FireMon and the CyberRisk Alliance, this webinar discussion will examine five key recommendations for ensuring consistent security hygiene – as presented by Mike Rothman, president of Firemon subsidiary DisruptOPS as well as Securosis. Attendees will learn of fundamental steps they can take to improve their security posture, including policy alignment, asset visibility, automation and more. </p>



<p><strong>Speakers:</strong></p>



<div class="wp-block-cra-webcast-speaker"><div class="speaker-wrap overflow -grid"><figure class="speaker-image"><img src="https://files.scmagazine.com/wp-content/uploads/2022/05/Mike-Rothman.jpg" alt="Speaker"/></figure><div class="speaker-info"><div class="speaker-about"><p class="speaker-name">Mike Rothman</p><p class="speaker-job">President, Securosis</p><p class="speaker-company">Advisor to FireMon</p></div><div class="speaker-description"><p>Mike is a 25-year security veteran, specializing in the sexy aspects of security, such as; protecting networks, protecting endpoints, security management, compliance, and helping clients navigate a secure evolution in their path to full cloud adoption. In addition to his role at FireMon, Mike is an Analyst &amp; President of Securosis.</p></div></div></div></div>



<div class="wp-block-cra-webcast-speaker"><div class="speaker-wrap overflow -grid"><figure class="speaker-image"><img src="https://files.scmagazine.com/wp-content/uploads/2021/09/Bill-Brenner.jpg" alt="Speaker"/></figure><div class="speaker-info"><div class="speaker-about"><p class="speaker-name">Bill Brenner</p><p class="speaker-job">VP, Content</p><p class="speaker-company">CyberRisk Alliance</p></div><div class="speaker-description"><p>Bill Brenner is VP of Content Strategy at CyberRisk Alliance &#8212; an InfoSec content strategist, researcher, director, tech writer, blogger and community builder. He was formerly director of research at IANS, senior writer/content strategist at Sophos, senior tech writer for Akamai Technology&#8217;s Security Intelligence Research Team (Akamai SIRT), managing editor for CSOonline.com and senior writer for SearchSecurity.com.</p></div></div></div></div>



<div class="wp-block-cra-webcast-speaker"><div class="speaker-wrap overflow -grid"><figure class="speaker-image"><img src="https://files.scmagazine.com/wp-content/uploads/2022/03/BradleyBarth.jpg" alt="Speaker"/></figure><div class="speaker-info"><div class="speaker-about"><p class="speaker-name">Bradley Barth</p><p class="speaker-job">Director of Community Content</p><p class="speaker-company">CyberRisk Alliance</p></div><div class="speaker-description"><p>As director of community content at CyberRisk Alliance, Bradley Barth develops content for SC Media online conferences and events, as well as video/multimedia projects. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.</p></div></div></div></div>



<p><strong>Sponsored By:</strong></p>



<figure class="wp-block-image size-large"><img width="1024" height="217" src="https://files.scmagazine.com/wp-content/uploads/2022/05/firemon-logo-color-01_orig-0-2-1024x217.png" alt="" class="wp-image-275424" srcset="https://files.scmagazine.com/wp-content/uploads/2022/05/firemon-logo-color-01_orig-0-2-1024x217.png 1024w, https://files.scmagazine.com/wp-content/uploads/2022/05/firemon-logo-color-01_orig-0-2-300x63.png 300w, https://files.scmagazine.com/wp-content/uploads/2022/05/firemon-logo-color-01_orig-0-2-768x162.png 768w, https://files.scmagazine.com/wp-content/uploads/2022/05/firemon-logo-color-01_orig-0-2-1536x325.png 1536w, https://files.scmagazine.com/wp-content/uploads/2022/05/firemon-logo-color-01_orig-0-2.png 2033w" sizes="(max-width: 1024px) 100vw, 1024px" /></figure>


Cybersecurity Asset Management

Network security

Cybercast

Kicking Cyber Hygiene Into High Gear: 5 Must-Know Tips for Consistent Execution


<p>As more organizations adopt multi-cloud strategies, security managers must develop a strategy to consistently protect web applications across hybrid environments, while preserving quality of security and operational efficiency. The traditional approach to application security no longer works in the multi-cloud, and anew approach is needed. Join us for this webinar to discuss the new challenges of multi-cloud security and how to overcome them. In this webinar you will learn:</p>



<ul><li>The security challenges of the multi-cloud</li><li>Why traditional approaches and tools no longer work</li><li>The requirements for multi-cloud security solutions</li><li>How Radware helps organizations protect their web applications in the multi-cloud</li></ul>



<p><strong>Speakers:</strong></p>



<div class="wp-block-cra-webcast-speaker"><div class="speaker-wrap overflow -grid"><figure class="speaker-image"><img src="https://files.scmagazine.com/wp-content/uploads/2022/05/Eyal-Arazi.png" alt="Speaker"/></figure><div class="speaker-info"><div class="speaker-about"><p class="speaker-name">Eyal Arazi</p><p class="speaker-job">Solution Expert</p><p class="speaker-company">Radware</p></div><div class="speaker-description"><p>Eyal is a Solution Expert in Radware&#8217;s security group, responsible for the company’s line of cloud security products, including Cloud WAF, Cloud DDoS, and Cloud Malware Protection. Eyal has extensive background in security, having served in the Israel Defense Force (IDF) at an elite technological unit.</p></div></div></div></div>



<div class="wp-block-cra-webcast-speaker"><div class="speaker-wrap overflow -grid"><figure class="speaker-image"><img src="https://files.scmagazine.com/wp-content/uploads/2021/09/Bill-Brenner.jpg" alt="Speaker"/></figure><div class="speaker-info"><div class="speaker-about"><p class="speaker-name">Bill Brenner</p><p class="speaker-job">VP, Content</p><p class="speaker-company">CyberRisk Alliance</p></div><div class="speaker-description"><p>Bill Brenner is VP of Content Strategy at CyberRisk Alliance &#8212; an InfoSec content strategist, researcher, director, tech writer, blogger and community builder. He was formerly director of research at IANS, senior writer/content strategist at Sophos, senior tech writer for Akamai Technology&#8217;s Security Intelligence Research Team (Akamai SIRT), managing editor for CSOonline.com and senior writer for SearchSecurity.com.</p></div></div></div></div>



<p><strong>Sponsored By:</strong></p>



<figure class="wp-block-image size-full"><img width="513" height="86" src="https://files.scmagazine.com/wp-content/uploads/2022/05/Radware-Logo.jpg" alt="" class="wp-image-260913" srcset="https://files.scmagazine.com/wp-content/uploads/2022/05/Radware-Logo.jpg 513w, https://files.scmagazine.com/wp-content/uploads/2022/05/Radware-Logo-300x50.jpg 300w" sizes="(max-width: 513px) 100vw, 513px" /></figure>


Application security

Cloud security

How to Protect Your Applications in the Multi-Cloud


<p>Security practitioners have many different initiatives demanding their time: evaluating and mitigating 3rd party risk, enabling strategic business efforts, implementing zero-trust practices, and supporting compliance activities, to name just a few. Often overlooked in these initiatives is a security gap that is critical to close if any of these initiatives are to be complete.&nbsp;</p>



<p>In this presentation, Solution Architect Matthew McGuirk will present the essential facts about client-side risk and security to arm security leaders with the information they need to address this crucial problem in all of their domains of practice.</p>



<p>It is important to understand that:&nbsp;</p>



<ul><li>Client-side risk is 3rd party supply chain risk&nbsp;</li><li>Client-side security is critical to any zero-trust initiatives</li><li>Securing the client-side is absolutely fundamental to compliance with PCI DSS, GDPR and other data privacy mandates&nbsp;</li><li>Addressing the client-side actually enables the business to do more, without fear of security or compliance violations&nbsp;</li></ul>



<p>By providing an understandable, plain-language overview of the security gap that exists on essentially every website &#8212; the threat of client-side attacks &#8212; this presentation will show how this problem can be solved effectively and definitively while also bolstering key security initiatives to ensure business value and strategic alignment.</p>



<p><strong>Speaker:</strong></p>



<div class="wp-block-cra-webcast-speaker"><div class="speaker-wrap overflow -grid"><figure class="speaker-image"><img src="https://files.scmagazine.com/wp-content/uploads/2022/05/matt.jpeg" alt="Speaker"/></figure><div class="speaker-info"><div class="speaker-about"><p class="speaker-name">Matthew McGuirk</p><p class="speaker-job">Solution Architect, Office of the CTO</p><p class="speaker-company">Source Defense</p></div><div class="speaker-description"><p>Matt McGuirk is an expert in JavaScript, web technologies, and both client-side risk and client-side attacks. He has over 15 years of experience in web application development, website administration, and cybersecurity. Additionally, he has provided consultation and analysis to Fortune 50 companies on how best to secure their customer-facing web properties and business critical web applications. Matt lives in the American Northeast with his wife and two dogs.</p></div></div></div></div>



<div class="wp-block-cra-webcast-speaker"><div class="speaker-wrap overflow -grid"><figure class="speaker-image"><img src="https://files.scmagazine.com/wp-content/uploads/2022/05/John_Kinsella-6.15.jpeg" alt="Speaker"/></figure><div class="speaker-info"><div class="speaker-about"><p class="speaker-name">John Kinsella</p><p class="speaker-job">Co-founder &amp; CTO</p><p class="speaker-company">Cysense</p></div><div class="speaker-description"></div></div></div></div>



<p><strong>Sponsored By:</strong></p>



<figure class="wp-block-image size-full is-resized"><img src="https://files.scmagazine.com/wp-content/uploads/2022/05/SD_logo_color_transparent.png" alt="" class="wp-image-256304" width="277" height="277" srcset="https://files.scmagazine.com/wp-content/uploads/2022/05/SD_logo_color_transparent.png 300w, https://files.scmagazine.com/wp-content/uploads/2022/05/SD_logo_color_transparent-150x150.png 150w" sizes="(max-width: 277px) 100vw, 277px" /></figure>
