What does it take to get into application security from pentesting? Will AI replace the role of product security? How do you start an application security program and write a book about it?  Join us on the Cybersecurity and Cloud Podcast as we welcome the insightful Raj Umadas, head of InfoSec at Ackblue, for a vibrant discussion on the varied pathways into the field of application security. Listen in as Raj shares his unique journey from networking to the realms of software and hardware design, ultimately leading to his passion for security. We debate whether a background in pentesting is a must for app sec success or if one can climb the ranks from the blue team, all while emphasizing the significance of team diversity over homogeneity. The episode is brought to you by Phoenix Security; get in control of your vulnerabilities from code to cloud with the power of Phoenix. ACT Now on the most important vulnerabilities and reduce your exposure to modern attacks. See it for yourself. Go to https://phoenix.security/request-a-demo/ for a free 14-day licence. Venture into the world of risk assessment and pen testing with us, where we unpack the complexities of cybersecurity through the lens of protective controls and real-world testing experiences. Hear about my time at leading companies like Etsy, Squarespace, and Spotify, where I tackled the balancing act of risk, remediation, and resource allocation. This chapter casts a spotlight on the intricate dance between security leaders and CISOs, underlining the necessity of clear communication and the advantage of technical savvy in these pivotal roles. Finally, tune in as we discuss the ever-evolving role of the CISO and the rise of the DevSecOps culture within the tech industry. Reflect with us on the historical context of software development and how it’s transformed into an ongoing nurturing process, necessitating a fusion of development, operations, and security expertise. We also navigate the challenges of regulatory frameworks in the wake of monumental security breaches, fostering a conversation on how industry leaders and regulatory bodies can work together towards safer development practices. Don’t miss out on these captivating insights with Raj Umadas as we navigate the ever-changing cybersecurity landscape.