Categories
Podcast

Common Pitfalls of Cloud Security

Michael Tayo is an Assistant Vice President and Principal Information Security Engineer at U.S. Bank where he is responsible for providing visionary guidance for the enhancement of cloud and application security product offerings. With over 10 years of experience as an Information Security Professional, Michael specializes in designing and deploying cutting-edge security solutions to enhance […]

Categories
Podcast

What Zero Trust Means for Applications

Amanda Alvarez is a DevSecOps Architect consultant at Trace3 with a passion for helping people learn more about software security.  She is a highly-motivated practitioner who enjoys creating developer-oriented solutions with an emphasis on increasing effective feedback loops to help companies balance agility with security.  Her mission is to spread awareness on scalable and sustainable […]

Categories
Podcast

How to Make Security Sexy

  Jeevan Singh is the Director of Product Security at Twilio, where he is embedding security into all aspects of the software development process. He enjoys building security culture within organizations and educating staff on security best practices. He’s responsible for architecting security programs, driving security strategy, and mentoring and growing security engineers and managers. Before […]

Categories
Podcast

How to Build an OWASP Chapter

Jeremiah Salamon is the Information Security Director at one of the nation’s premier law firms. He has over a decade of experience in Security Operations, Security Architecture and Engineering, and Governance, Risk & Compliance working in small businesses and large enterprise environments with regulated data. Regardless of the size or complexities of the organization, Jeremiah […]

Categories
Podcast

CI/CD Killed the Manual Code Review

Sean Wright is a veteran application security engineer with software development roots. Within security, he has a particular interest in TLS encryption and supply chain attacks. He believes security teams must be business enablers with a focus on efficiency. I had the pleasure of hosting Sean on this week’s episode of Champions of Security. Here’s […]

Categories
Podcast

Navigating the Gatekeepers of Cybersecurity

Shanief Webb is well-versed in the disciplines of computer science, cybersecurity, and digital forensics. He has over 8 years of diverse cybersecurity experience working for the FBI, Google, Cox Communications, IBM, Slack, Dropbox, and now Okta. I had the pleasure of hosting Shanief on this week’s episode of Champions of Security. Here’s the full episode […]

Categories
Podcast

Building a Grassroots Security Champions Program

Chris Romeo, CEO and Co-founder of Kerr Ventures, and Dustin Lehr, Head of Platform Security at Fivetran, joined me for a live LinkedIn session. If you missed out, here’s the recording and my three key takeaways. Key Takeaways #1: A Passionate Security Champion Leader is Vital A sustainable security champions program requires a skilled, motivated […]

Categories
Podcast

How to Ensure Secure Governance for Generative AI

Walter Haydock is the Founder and Chief Executive Officer of StackAware, a cybersecurity risk management and communication platform. He is also the author of the blog Deploying Securely. Previously, he was a Director of Product Management at Privacera, a data governance startup backed by Accel and Insight Partners – as well as PTC – where […]

Categories
Podcast

Becoming a Red Team Engineer with Micah Jackson

Micah Jackson is a Senior Red Team Engineer who was an application security lead when we filmed this episode. He’s a hacker who enjoys breaking things and building them back stronger. As a security enthusiast, he enjoys diving into every facet of security, from firewalls to malware reverse engineering. Key Takeaway 1: Find a Cybersecurity […]

Categories
Podcast

Social Engineering of Salespeople in Cybersecurity

Tom Kanan is a nine-year veteran of business-to-business security sales. He’s an active member of OWASP and the Cloud Security Alliance who believes in deeply understanding his customer’s business needs. This episode focuses on improving the dynamics between security and sales teams, both internally and externally. Key Takeaway 1: Salespeople See Confidential Data Proprietary information […]

Categories
Podcast

Ditching the SDLC w/ Raj Umadas

I had the pleasure of chatting with Rajendra (Raj) Umadas, who is working as the Head of Information Security at Actblue. He’s been involved in security programs for some truly cutting-edge organizations, like Etsy, Spotify, WeWork, and Compass. Raj is not just a security expert, but also a true leader. Our conversation weaves together his […]

Categories
Podcast

Spoofing Modern Car ECUs

Soufiane Alami is now a Principal DevOps Cybersecurity Engineer for Fidelity Investments. When we filmed episode 5 of Champions of Security, he worked as a cloud and application security engineer for Ford Motors.  Buckle up, because you’re in for a wild ride. 3 Key Takeaways Much of what Soufiane and I talk about in this […]

Categories
Podcast

Building a Security Program with Developers in Mind

I caught up recently with Justus Post, Principal Cyber Security Architect at Bose. Justus is a prime example of why developers make great security pros. After all, if you understand how something is built, you’ll be able to secure it.  Justus developed an interest in technology (and more importantly, an interest in breaking technology) as […]

Categories
Podcast

Common Weaknesses Used By Cyber Attackers

Veteran penetration tester David Ethington joined me on the third episode of Champions of Security. David’s vast experience in offensive and defensive cybersecurity in the Army, as a consultant, and now as an information security architect for Paramount gives him a broad view of the cybersecurity industry. We had an excellent conversation about cybersecurity education, […]

Categories
Podcast

Teaching Developers to Code Securely

I had the pleasure of hosting Vimalathithan Rajasekaran on episode 2 of my podcast, Champions of Security.  Vimal has a truly fascinating professional background. He spent several years in engineering and developer roles at Visa, Safeway/Albertsons/Kroger, and United Airlines. Once he started developing cloud and serverless functions in AWS, he began to see how critical […]

Categories
Podcast

Where Security Fits into DevOps with Andrés Mayhew

This blog isn’t about a specific security topic or feature of our product. Rather, it’s about the broader security community. This week, we are launching a podcast, “Champions of Security,” as a way to better serve this community. Why Champions of Security? Over the last year, I’ve heard countless compelling stories from security-minded humans that […]

CrowdStrike Bionic

Have you heard the news?

Bionic to be acquired by CrowdStrike to provide the industry’s most comprehensive cloud security platform. Together, we are creating the industry-defining cloud security platform, fully integrated from code to runtime.