    software security

    Explore "software security" with insightful episodes like "Preventing Top Threats to Manufacturing Security -- Mike Crones | Chief Information Officer, aPriori", "Making security easier for developers", "DtSR Episode 509 - The Shift Left Debate", "Laurie Williams" and "Software Security, from DevSecOps to SBOM (2 of 2)" from podcasts like "Manufacturing Insights", "Software Engineering Unlocked", "Down the Security Rabbithole Podcast (DtSR)", "Agile Caravanserai" and "Testing 1-2-3 | Hosted by Parasoft" and more!

    Episodes (55)

    DtSR Episode 509 - The Shift Left Debate

    Prologue

    James has been talking about "shift left" for a while so when Jeff Williams posted interesting research on LinkedIn - we jumped on an opportunity to have him on the show to talk about the subject. Let's face it, everyone is shifting left, and most of this is just marketing nonsense, but some of it is actually an attempt to push security "earlier" into the cycles - but is that good? Does it even make sense?

    Jeff kills one of my favorite, go-to, security myths about software security...and a fun discussion ensues. Join us, and maybe add to the conversation!

    Guest

    Support the show

    >>> If you're reading this, consider clicking the link above to support the show!
    -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
    YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq
    LinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/
    X/Twitter: https://twitter.com/dtsr_podcast

    Laurie Williams

    Laurie Williams is a Distinguished Professor in the Computer Science Department of the College of Engineering at North Carolina State University (NCSU).

    Laurie's research focuses on software security; agile software development practices and processes, particularly continuous deployment; and software reliability, software testing and analysis.

    Over the last 21+ years, Laurie has served NCSU at all levels of professorship as well as associate & interim department head.

    Laurie also leads the Software Engineering Realsearch research group at NCSU. Alongside her students, Laurie has been working collaboratively with high tech organizations like Cisco, IBM Corporation, Microsoft, Red Hat, and more!

    Laurie was one of the founders of the first agile conferences, XP Universe, in 2001 which has since grown into the Agile 200x annual conference.

    She is also the lead author of the book “Pair Programming Illuminated” and co-editor of “Extreme Programming Perspectives.”

    Software Security, from DevSecOps to SBOM (2 of 2)

    Kevin Greene, director of security solutions at Parasoft, joins Rick Stewart and Michael Fitzurka of DLT to discuss the importance of formalizing DevSecOps practices to improve software security. Greene shares insights on software security, from DevSecOps to Software Bill of Materials (SBOM), and the impact on improving software security. (Part 2 of 2)

    Software Security, from DevSecOps to SBOM (1 of 2)

    Kevin Greene, director of security solutions at Parasoft, joins Rick Stewart and Michael Fitzurka of DLT to discuss the importance of formalizing DevSecOps practices to improve software security. Greene shares insights on software security, from DevSecOps to Software Bill of Materials (SBOM), and the impact on improving software security. (Part 1 of 2)

    We Hack Purple Podcast Episode 49 with guest Adrian Sanabria

    Host Tanya Janca learns what it’s like to do Cybersecurity Product testing and reviews at Security Weekly Labs with guest Adrian Sanabria!

    Thank you to our sponsor Checkmarx! https://www.checkmarx.com/

    Buy Tanya's new book on Application Security: Alice and Bob learn Application Security

    Don’t forget to check out We Hack Purple Academy’s NEW courses,

    Join our Cyber Security community: https://community.wehackpurple.com/ A safe place to learn and share your knowledge with other professionals in the field.

    Subscribe to our newsletter here: https://newsletter.wehackpurple.com/

    Find us on Apple Podcast, Overcast + Pod 

    We Hack Purple Podcast Episode 48 with Pierre DeBois

    Host Tanya Janca learns what it’s like to found and run a small business (Zimana Analytics) focused on data analytics, with guest Pierre DeBois!

    Thank you to our sponsor Checkmarx! https://www.checkmarx.com/

    We Hack Purple Podcast Episode 47 with Deviant Ollam

    Host Tanya Janca learns what it’s like to be a physical penetration tester, with guest Deviant Ollam. Famous for hacking banks, elevators and basically any physical security device, he will share how he got to where he is today! Check out his Twitter while you’re at it!

    Thank you to our sponsor 10Security

    NEW Secure coding Course here!

    Buy Tanya's new book on Application Security: Alice and Bob learn Application Security.

    Don’t forget to check out We Hack Purple Academy’s NEW courses, #AppSec Foundations taught by Tanya Janca! https://academy.wehackpurple.com/

    Join our Cyber Security community: https://community.wehackpurple.com/
    A fun and safe place to learn and share your knowledge with other professionals in the field. 

    Subscribe to our newsletter! Sponsorship info: info@wehackpurple.com

    Find us on Apple Podcast, Overcast + Pod 

    We Hack Purple Podcast Episode 46 with Sunny Wear

    Host Tanya Janca learns from Sunny Wear about penetration testing with a live demonstration! Sunny shows off her custom app, Burp Tool Buddy, which shows you how to use and configure Burp Suite Pro. And it's a STEAL at $4.99!! https://twitter.com/SunnyWear

    Thank you to our sponsor 10Security

    We Hack Purple Podcast Episode 45 with Ron Brash

     Host Tanya Janca meets Ron Brash. He is a well-known technical expert in the ICS community, with a long-standing history in oil and gas from a young age, but also by engaging in difficult-to-solve industry solution development questions. Today, he has a Master’s degree in Computer Science, a Bachelor’s in Technology, over a decade of experience with industrial networks and technologies, embedded systems, systems design, risk advisory, and in several different domains ranging from aviation, energy, gas & more. Currently, he is a director at Verve Industrial Protection where his role as Director of Cybersecurity Insights includes product ownership, risk analysis, vulnerability research, reverse engineering, and facilitating relationships in IT & OT divisions of organizations. Check out his Twitter! 

    Thank you to our sponsor 10Security

    We Hack Purple Podcast Episode 44 with Maril Vernon

    Host Tanya Janca learns what it’s like to be an offensive Engineer at @zoom, as well as a PluralSight author & mentor. Maril Vernon is always helping peeps break into cybersecurity. https://twitter.com/shewhohacks

    Thank you to our sponsor 10Security

    We Hack Purple Podcast Episode 43 with Leif Dreizler

    Host Tanya Janca meets Leif Dreizler, who manages the Product Security team at Segment. The ProdSec Team is focused on partnering with software engineering teams to design and implement security features for the Segment product. Leif got his start in the security industry at Redspin doing security consulting work and was later an early employee at Bugcrowd. He helps organize the Bay Area OWASP Chapter, the AppSec California Conference and LocoMocoSec.

    Thank you to our sponsor 10Security

    We Hack Purple Podcast Episode 42 with guest Jessica Dodson

     Host Tanya Janca talks with guest Jessica Dodson to learn what it’s like to be a Customer Engineer (CE) in Security & Identity Modernization @ Microsoft. You can learn more about Jess here:
    https://girl-germs.com/
    or follow her on Twitter.
    https://linktr.ee/girlgerms
    https://www.linkedin.com/in/jrdodson/
    https://twitter.com/girlgerms

    Thank you to our sponsor #10Security! https://www.10security.com/

    We Hack Purple Podcast Episode 41 with Alyssa Miller

     Host Tanya Janca learns what it’s like to be a BISO (Business Information Security Officer)! Alyssa Miller has had a very exciting career, and has a LOT to share with us on how to climb the career ladder in Cyber! https://twitter.com/AlyssaM_InfoSec

    Thank you to our sponsor Thread Fix!

    We Hack Purple Podcast Episode 40 with Guest Magda Chelly

    Host Tanya Janca learns what it's like to be a PhD, S-CISO, CISSP, AND the Head of Cyber Risk Consulting at Marsh Singapore! She's also a leader for WoSEC Singapore, has run many security events such as CTFs for girls and women, and so, so much more. Join us to listen in! https://twitter.com/m49D4ch3lly

    Thank you to our sponsor Thread Fix!

    We Hack Purple Podcast Episode 39 with Guest Haiyan Song

    Host Tanya Janca learns what it's like to be the executive Vice President at F5, with Haiyan Song! She has had a very long career in security and Tanya is looking forward to delving into Haiyan's career path, and tips she has to share! https://twitter.com/HaiyanatF5

    Thank you to our sponsor Thread Fix!

    We Hack Purple Podcast Episode 38 API Security Best Practices

    With our guest being unable to make it, host Tanya Janca gave a lesson on API security best practices. She also shared a Twitter link with a list of API security testing tools, as well as a downloadable PDF about the best practices discussed.

    Thank you to our sponsor Thread Fix!

    We Hack Purple Podcast Episode 37 with Guest Ritu Gill

    Host Tanya Janca learns what it's like to be an Open Source Intelligence Analyst, with Ritu Gill, AKA OSINT Techniques! https://twitter.com/OSINTtechniques
    Thank you to our sponsor Thread Fix!

    We Hack Purple Podcast Episode 36 with Guest Abhi Arora

    Host Tanya Janca learns what it's like to be a Chief Product Officer (CPO) of a DevSecOps Product startup, with Abhi Arora! His startup is called Cloud Defense.

    Thank you to our sponsor Thread Fix!

    Don’t forget to check out  We Hack Purple's Academy and Community! A fun and safe place to learn and share your knowledge with other professionals in the field. Subscribe to our newsletter while you're at it!

    Sponsorship info: info@wehackpurple.com

    © 2024 Podcastworld. All rights reserved
