This episode features guest Izar Tarandach, a seasoned security architect with extensive experience in application security, cloud security, and the development of comprehensive security frameworks. Our discussion navigates through the latest trends in application security, the pivotal role of DevSecOps, and the strategic integration of security practices within modern business environments. Sponsored by Phoenix Security: This episode is brought to you by Phoenix Security, leaders in...

A dev perspective on application security: Dive deep into the pivotal nexus of cybersecurity, application security, and software development in our latest podcast episode featuring Josh Goldberg, a renowned figure in the TypeScript ecosystem. This episode sheds light on the evolving realm of secure coding practices, acknowledging the progress achieved while recognizing the challenges that lie ahead. Join us as we unravel the nuanced role of artificial intelligence in software development,...

What does it take to get into application security from pentesting? Will AI replace the role of product security? How do you start an application security program and write a book about it?  Join us on the Cybersecurity and Cloud Podcast as we welcome the insightful Raj Umadas, head of InfoSec at Ackblue, for a vibrant discussion on the varied pathways into the field of application security. Listen in as Raj shares his unique journey from networking to the realms of software and hardware...

Will AI replace the role of product security? how to start an application security program and write a book about it? one of the best Application Security mind Derek Fisher is with us today. Join us on a captivating journey as Derek, a mastermind in product security and a prolific author, shares his expertise on setting up a fortified application security program. We start by unraveling the critical first steps, emphasizing the value of understanding your organization’s current...

Will AI replace the role of product security? This is an enlightening conversation with David Matousek exploring the intersection between automation and product security in application security. Join us on this enlightening journey with David Matousek, as we explore the intriguing world of product security within the cybersecurity realm. Listen in as David, with his wealth of experience transitioning from a technical developer to a product director, unveils the significance of perceiving...

Join us as we reconvene with cybersecurity virtuoso Michael Smith, Field CTO at Verkara, for a rerecording further to explore the fascinating intersection of cybersecurity and cloud technology. Listen in as Michael brings his wealth of experience from military intelligence to web application development to the table, shedding light on how engineering and integration teams navigate regulations and government sector compliance. The episode is brought to you by Phoenix Security; get in control...

This is an enlighting conversation with Jay Jacobs  - Exploring the Future of Vulnerability Management and Data Science Unlock the secrets of cybersecurity’s intricate dance with data science as I, Francesco Cipollone, sit down with tech wizard J Jacobs, co-founder of Cyanthia. Prepare to be captivated by J’s inspiring tech odyssey, from his youthful fascination with computing to his trailblazing efforts in quantifying cyber risk. We navigate his professional voyage, spanning IT, pen testing...

Join us for the return of an esteemed guest, Caleb, for an engaging conversation with cybersecurity veteran Caleb Sima on our latest podcast episode. Caleb, known for his significant contributions to application security and executive roles in leading tech companies, shares his profound insights into the ever-changing world of cybersecurity. He highlights the importance of mastering offensive skills for effective defence, drawing on his vast experience to advocate for a mindset that aligns...

Overcoming the Cybersecurity Talent Shortage: Innovation, Culture, and Self-Care with Jitendra Arora Join us for a transformative discussion with Jitendra Arora, the non-South Europe CISO at Deloitte, as we unravel the narrative around the talent shortage in cybersecurity. Jitendra brings a fresh perspective that emphasizes the need for creativity and open-mindedness in talent sourcing. We dissect the ”buy versus build” model, where he advocates for nurturing and developing skills in...

Get ready to embark on a captivating journey into the world of application security with our guest, Chris Ghigliotti, Director of Security Engineering at JustWorks. A man of many talents, Chris hails from a background in teaching and writing, which lends him a unique perspective on the importance of communication within the cybersecurity industry. We promise you; this isn’t your regular security conversation. We are tearing down the walls of complexity, transforming intricate risk language...

Christopher Russell is the CISO at tZERO Group, a Mesh Security advisor, and a NightDragon Advisor. He is currently getting a PhD in Cybersecurity with a focus on Blockchain Security at DSU. His military intel background helps him keep cool under even the most stressful work situations. In this episodes, Francesco and Chris discuss identity and security in relation to blockchain and digital currency. With decades of experience, Chris has an acute sense of risk and threat The episode is...

Steve Springett is the Director of Product Security at ServiceNow, helping 4,000+ developers build secure and resilient software. He’s a leader of multiple OWASP projects including Dependency Track, SCVS, and Cyclone DX. In this conversation, Steve and Francesco discuss the term SBOM (software bill of materials), the importance of regulations, and the state of the industry. The episode is brought to you by Phoenix Security; get in control of your vulnerabilities from code to cloud with...

Christophe Parisel is a Senior Cloud security architect at Société Générale. He has extensively researched risk vulnerability and native cloud security. He specializes in IaaS, PaaS, and devSecOps. Two of his major contributions to the Cloud are Azure Firewall and Azure Policy. When asked, he says he’s is optimistic about the future of Cloud security and is proud of the progress made within the last five years. The episode is brought to you by Phoenix Security; get in control of your...

Travis McPeak is a security generalist with over a decade of experience working at several companies including Databricks, Netflix, IBM, HP, and Symantec. He’s the Co-Founder and CEO of Resourcely, whose goal is to create a paved road to secure, efficient, and easy to manage cloud infrastructure. In this conversation, Travis shares his biggest takeaway from working at Netflix, the problem with overusing JIRA, and the importance of making security a shared responsibility between developers and...

In this show, Nathan and Francesco discuss the start in application security, how to mentor new interns and bridge the skillgap and how to measure application security progress when deploying shift left methodologies in devsecops  The episode is brought to you by Phoenix Security; get in control of your vulnerabilities from code to cloud with the power of Phoenix. ACT Now on the most important vulnerabilities and reduce your exposure to modern attacks. See it for yourself. Go to...

Lester Chng is a Veteran who transferred his war gaming military skills to the cooperate world. After being a Naval Combat Officer with the Singapore Navy for twelve years, he runs security exercise programs for a North American financial institution. Lester prepares high-level executives for worst-case scenario security crises. He explains that exercises help buy time, space, and brain processing power during a crisis.  The episode is brought to you by Phoenix Security; get in control of...

Amanda Alvarez is the Senior DevSecOps Engineer at Trace3. Francesco and Amanda met online in a Meetup group called “Let’s Talk Software Security!” Today they discuss building an application security program, managing technical debt, and Amanda’s advice for avoiding burnout as a security professional.  The episode is brought to you by Phoenix Security Cloud; get in control of your vulnerabilities from code to cloud with the power of Phoenix. ACT Now on the vulnerabilities that matters...

Larry Maccherone is a Dev[Sec]Ops Transformation Architect at Contrast Security to create a wave of DevSecOps cultural transformation in software development and cybersecurity communities. He previously worked for five years at Comcast, leading their DevSecOps Transformation initiative. When it comes to software, Larry says security and quality are synonymous. He shares his tips and tricks for getting everyone, especially leadership, committed to security.  The episode is brought to you by...

Frank Kim is a security consultant, a startup advisor and investor, and a Fellow and Curriculum Director at SANS Institute. He’s been writing curriculum and teaching for SANS for 15 years, sculpting the next generation of CISO leaders and cloud security experts. Today on the podcast, he shares his thoughts on the industry, the gate vs guardrail mentality, and tips for public speaking. The episode is brought to you by AppSec Phoenix Ltd with the Phoenix platform; you can make Vulnerability...