Security has long been about building walls and keeping ‘bad guys’ on the other side of them. No longer. With the embrace of DEVOPS methodologies, security is “shifting left” – into the development pipeline. What does that mean for the information security industry and the practice of cyber security? We explore those questions in this ongoing podcast series.
In this episode of the Security Ledger Podcast, Paul speaks with Jill Moné-Corallo, the Director of Product Security Engineering Response at GitHub. Jill talks about her journey from a college stint working at Apple’s Genius bar, to the information security space – first at product security at Apple and now at GitHub, a massive development platform that is increasingly in the crosshairs of sophisticated cyber criminals and nation-state actors.
I interview Jack Naglieri, CEO of Panther about the failures of the current SIEM technology and the need for what Naglieri terms “detection engineers.”
In this episode of the podcast (#240) Lauren Zabierek, the Executive Director for the Cyber Project at the Belfer Center at Harvard’s Kennedy School joins us to talk about the need for a re-think of national cybersecurity preparedness, as major hacks like the attack on Colonial Pipeline put the focus on resilience and public safety.
Andrew Sellers, the Chief Technology Officer at QOMPLX joins us to unpack the revelations this week about APT 40, the Chinese group that the US has accused of a string of attacks aimed at stealing sensitive trade secrets. Also: is Salesforce the next SolarWinds
Galen Emery of Chef comes into the Security Ledger studios to talk about how security and compliance are “shifting left” with DEVSECOPS.
