by Tromzo
The Future of Application Security is a podcast for ambitious leaders who want to build a modern and effective AppSec program. Doing application security right is really hard and we want to help other experts build the future of AppSec by curating the best industry insights, tips and resources. What’s the most important security metric to measure in 2024? It’s Mean Time to Remediate (MTTR). Download our new MTTR guide: https://lnkd.in/evjcf4Vt
Language
🇺🇲
Publishing Since
3/23/2022
Pitch yourself as a guest, propose sponsorships, or reach out directly to the host.
May 22, 2024
<p>In this episode of the Future of Application Security podcast, Harshil speaks with <a href='https://www.linkedin.com/in/abdullah-munawar-6a670713/'>Abdullah Munawar</a>, Director of Product Security at <a href='https://www.linkedin.com/in/abdullah-munawar-6a670713/'>Appian</a>. Abdullah shares valuable insights into his journey from security assessments and consulting to leading product security efforts, discussing the evolving challenges and strategies for building effective security programs in modern development environments. </p> <p>He discussed the importance of evolving security practices beyond identification to implementation within organizations, including the need for a holistic approach to product security and focusing on high-priority vulnerabilities. Abdullah also explains the challenges of maintaining data quality in AI companies. </p> <p>Topics discussed:</p> <ul><li style="font-weight:400;">The transition from consulting to in-house product security and the importance of hands-on experience in understanding the challenges of implementing security fixes and mechanisms.</li> <li style="font-weight:400;">Defining the scope of product security in the context of decentralized development practices and the shift towards "you build it, you manage it" approaches.</li> <li style="font-weight:400;">The changing role and structure of product security teams to address the full stack of security concerns, from architecture and automation to traditional AppSec tasks.</li> <li style="font-weight:400;">Strategies for driving remediation and adoption of security practices, including leadership buy-in, targeted automation, and empathy-building initiatives like security champion programs.</li> <li style="font-weight:400;">Emerging challenges in product security related to AI and data management, such as data poisoning, segregation, and unintended leakage.</li> </ul>
April 24, 2024
<p>In our latest episode of the Future of Application Security podcast, <a href='https://www.linkedin.com/in/natmokry/'>Nat Mokry</a>, VP of Application & Product Security at <a href='https://www.xbox.com/en-US'>Xbox</a> (formerly of Activision Blizzard at the time of recording), shares valuable insights into the world of application security, from the mission of defending player trust to emphasizing the importance of technical skills in cybersecurity. </p> <p>Nat provides guidance on building effective security teams and navigating the evolving challenges in the industry.</p> <p>Topics discussed:</p> <ul><li style="font-weight:400;">Earning and defending player trust as a guiding principle of business and strategies for making mission statements actionable.</li> <li style="font-weight:400;">Building and structuring a diverse security team, and the challenges faced by appsec teams in the current landscape.</li> <li style="font-weight:400;">The concept of the "piggy bank of trust" in security relationships that Nat says helps him and his team remember that people skills are important too.</li> <li style="font-weight:400;">Balancing technical expertise and security knowledge, depending on what your data is telling you. </li> <li style="font-weight:400;">Having the humility to ask questions and not have all the answers.</li> <li style="font-weight:400;">The difference between solving problems for people and minimizing the chances of them doing something wrong. </li> </ul>
April 10, 2024
<p>In this episode of the Future of Application Security podcast, Harshil interviews <a href='https://www.linkedin.com/in/felix-matenaar-99ab8559/'>Felix Matenaar</a>, Head of Product Security at <a href='https://asana.com/'>Asana</a>. Felix shares insights into his journey from Germany to Silicon Valley, where he transitioned from mobile security to leading Asana's product security efforts.</p> <p>The conversation highlights Felix's experience in creating security frameworks that eliminate vulnerabilities by building secure product lifecycles and ensuring alignment with business objectives. His approach integrates rigorous security measures directly into the development process, reflecting Asana's commitment to robust, proactive security.</p> <p>Topics Discussed:</p> <ul><li style="font-weight:400;">Felix discusses his transition from software engineering to product security and his strategic move from Google to Asana.</li> <li style="font-weight:400;">Strategies for integrating security seamlessly into product development to enhance safety without compromising functionality.</li> <li style="font-weight:400;">How effective security practices can accelerate business processes and foster trust with users.</li> <li style="font-weight:400;">The importance of collaboration across different organizational functions to ensure comprehensive security coverage.</li> <li style="font-weight:400;">The role of leadership in fostering a security-centric culture within tech companies.</li> <li style="font-weight:400;">Insights into upcoming challenges and innovations in the field of application security.</li> </ul>
Have a different question and can't find the answer you're looking for? Reach out to our support team by sending us an email and we'll get back to you as soon as we can.
The Future of Application Security is a podcast for ambitious leaders who want to build a modern and effective AppSec program. Doing application security right is really hard and we want to help other experts build the future of AppSec by curating the best industry insights, tips and resources.
What’s the most important security metric to measure in 2024? It’s Mean Time to Remediate (MTTR).
Download our new MTTR guide: https://lnkd.in/evjcf4Vt
This podcast updates weekly.
This podcast is available on 10 platforms including Apple Podcasts, Spotify, and more. You can also use the RSS feed directly.
Yes, this podcast regularly features guests.
Pod Engine is not affiliated with, endorsed by, or officially connected with any of the podcasts displayed on this platform. We operate independently as a podcast discovery and analytics service.
All podcast artwork, thumbnails, and content displayed on this page are the property of their respective owners and are protected by applicable copyright laws. This includes, but is not limited to, podcast cover art, episode artwork, show descriptions, episode titles, transcripts, audio snippets, and any other content originating from the podcast creators or their licensors.
We display this content under fair use principles and/or implied license for the purpose of podcast discovery, information, and commentary. We make no claim of ownership over any podcast content, artwork, or related materials shown on this platform. All trademarks, service marks, and trade names are the property of their respective owners.
While we strive to ensure all content usage is properly authorized, if you are a rights holder and believe your content is being used inappropriately or without proper authorization, please contact us immediately at hey@podengine.ai for prompt review and appropriate action, which may include content removal or proper attribution.
By accessing and using this platform, you acknowledge and agree to respect all applicable copyright laws and intellectual property rights of content owners. Any unauthorized reproduction, distribution, or commercial use of the content displayed on this platform is strictly prohibited.