Chris Romeo and Robert Hurlbut dig into the tips, tricks, projects, and tactics that make various application security professionals successful. They cover all facets of application security, from threat modeling and OWASP to DevOps+security and security champions. They approach these stories in an educational light, explaining the details in a way those new to the discipline can understand. Chris Romeo is the CEO of Devici and a General Partner at Kerr Ventures, and Robert Hurlbut is a Prin ...
Chris Andrae Podcasts
Join Columbia MBA grad, writer, and former actor Jane Bernhard as she interviews business leaders and rising professionals on their career paths. She shares stories and advice to inspire you to build a career on your terms, and not anyone else's. @janebernhard
Mike Thayer is Money Man Mike!
Welcome to Powering Procurement, a podcast by Atamis, where we delve into the rapidly evolving world of procurement. In each episode, we feature in-depth conversations with industry leaders, technology innovators, and procurement professionals who share their insights on how digital technologies, AI, and data-driven decision-making are shaping the procurement landscape. Join us to gain actionable strategies and tools to enhance your procurement processes, reduce costs, and drive better decis ...

Francesco Cipollone - Agentic AI Manifesto
33:19
Francesco Cipollone, the CEO of Phoenix Security, shares his extensive experience in AI and security, discussing the crucial difference between true AI agents and glorified chatbots. Learn why Phoenix Security utilizes six different LLMs instead of a single super agent. Understand the sobering economics behind AI implementation and the importance o…

Simon Gibbs & Devika Gibbs -- Building Bridges with Games
36:03
Simon and Devika Gibbs, the innovative minds behind Cybersec Games, join us on the episode today. Discover how the Gibbs duo are revolutionizing the way we teach and learn security concepts through interactive gaming. Learn about their journey from developing stationery for agile teams to delving into the world of threat modeling games like Elevati…

Jill Furman - Theatrical Producer - I was in the room where it happened
47:58
Hamilton hits theaters this Friday! On this week’s episode of Your Career, Unscripted, I spoke with Broadway Producer Jill Furman, who was there from the very early days of Hamilton. She shared what it was like recognizing Lin-Manuel Miranda’s genius early on in 2003 when she saw an early version of In the Heights for the first time, to the beginni…

Akansha Shukla - Modern AppSec: Securing APIs with Threat Modeling and DevSecOps
35:35
Our guest today is Akansha Shukla, an information security professional with over 10 years of experience in application security, DevSecOps, and API security. We’re discussing why API security remains one of the least mature areas of AppSec today and exploring the challenges developers face when securing APIs. Akansha shares her insights on incorpo…
The European Union's Cyber Resilience Act is set to revolutionize how we approach product security worldwide. In this episode, we sit down with application security expert Nariman Aga-Tagiyev to break down everything you need to know about this legislation. Nariman has over 20 years of software development experience and today he’s sharing his expe…

Marisa Fagan - Measuring Security Culture
50:05
Marisa Fagan, Head of Product at Katilyst and veteran security culture expert, joins us today to share practical strategies for building and scaling security champions programs that actually work, from designing effective pilots to avoiding common pitfalls that can derail your initiatives. Learn how to motivate developers using the SAPs model (Statu…

Suba Vasudevan - Mozilla.org & Mozilla Corp - The best leadership is deeply human
47:19
Suba Vasudevan is COO of Mozilla.org and SVP at Mozilla Corp - and I am honored to have interviewed her for Episode 16 of Your Career, Unscripted and to share her story and career advice! With 22+ years of global leadership across technology, AI, trust & safety, and advertising, Suba Vasudevan is responsible for leading Mozilla’s operational strate…

Aram Hovsepyan -- Your Security Dashboard is Lying to You: The Science of Metrics
40:52
Aram Hovsepyan joins the podcast today to chat about the misconceptions behind common security metrics. Aram tells us how total vulnerability counts and CVSS scores can be misleading, and he introduces us to the Goal Question Metric framework, a better approach to building truly effective security dashboards. Learn about the critic…

Sean Varga -- OWASP Top 10 for AppSec Sales
47:13
We’re discussing the intersections of application security (AppSec) and sales strategy with our guest, Sean Varga. Sean shares the unique challenges and best practices in AppSec sales, like the importance of empathy, understanding customer needs, and community participation. Learn about the OWASP top 10 for AppSec Sales and discover how to achieve …

Sarah-Jane Madden -- What AI means for AppSec
37:59
Sarah Jane Madden joins us to discuss the evolving role of AI in software development. We reflect on the changes and challenges posed by AI, including the potential for over-reliance and the misconception that traditional software engineering practices like the SDLC are obsolete. The conversation explores the nuances of AI-generated code, emphasizi…

Dag Flachet -- Kaizen for your Appsec Program
35:54
Dag Flachet joins us to discuss the concept of Kaizen and its application in improving application security. Dag shares his journey into the world of security, emphasizing the importance of iterative, small-step improvements. The conversation delves into how organizations can effectively implement maturity models to enhance their security programs,…

Chris Melissinos - AWS - Nobody builds anything great by themselves
51:09
Chris Melissinos is the Principal Evangelist for Video Games and Immersive Technologies at AWS, where he helps influence the next generation of game technology and offerings from AWS while also acting as a developer advocate, ensuring that the needs of game developers are met. Prior to AWS, he was the Chief Gaming Officer at Sun Microsystems, Inc.,…

Yvoire S. Whittaker - Nike - I’m chasing my own happiness
38:44
Very excited to share my interview with Yvoire S. Whittaker on this week’s episode of Your Career, Unscripted! Yvoire is a Brand Marketing Lead at Nike. I met Yvoire when we were classmates at Columbia Business School - and I have always been inspired by her authenticity, kindness, creativity, generosity, and drive to learn and connect. Born in Pla…

How Admiral Transformed Procurement Into a Strategic Powerhouse with Chris McLellan
46:24
In this episode of Powering Procurement, hosts Sian Lloyd and Gareth Burch sit down with Chris McLellan, Group Head of Procurement at Admiral Group, Wales’ only FTSE 100 company. Together, they explore critical challenges in modern procurement risk management. What You’ll Learn: How to balance speed and due diligence through effective supplier segme…

The 4 Ps That Will Future-Proof Your Procurement with Milind Tailor
43:32
In this episode of Powering Procurement, hosts Sian Lloyd and Travis Crouch sit down with Milind Tailor, Global Head of Resale Products and Services Procurement at Diebold Nixdorf. Together, they navigate "The 4 P's of Procurement" framework: Purpose, People, Planet, and Performance, as well as how AI, sustainability, and skill transformation are r…

Andra London - BCG BrightHouse - The most transformative moments were the moments of transition
42:39
“The most transformative moments were the moments of transition.” Andra London is a Managing Director at BCG BrightHouse, where she harnesses the power of purpose and strategic storytelling to help organizations grow their people, profits, and impact. I am honored to have interviewed her on this week’s episode of Your Career, Unscripted! Her career…

The Truth About Supplier Relationships in Procurement with Sabrina Kelly
32:24
In this episode of Powering Procurement, hosts Sian Lloyd and Travis Crouch sit down with Sabrina Kelly, Contracts Management Specialist and Founder and Managing Director of B Plus Management Consultancy. Together, they explore the delicate balance between supplier collaboration and performance accountability, the transformative potential of AI in …

Javan Rasokat and Andra Lezza -- When Chatbots Go Rogue - Lessons Learned from Building and Defending LLM Applications
47:31
Andra Lezza and Javan Rasokat discuss the complexities of securing AI and LLM applications. With years of experience in Application Security (AppSec), Andra and Javan share their journey and lessons from their DEF CON talk on building and defending LLMs. They explore critical vulnerabilities, prompt injection, hallucinations, and the importance of …

Jim Routh -- The CISO Transition to the rest of life
49:36
Former CISO Jim Routh discusses his perspective on retirement and career fulfillment in cybersecurity. Rather than viewing retirement as simply stopping work, Routh describes his three-filter approach: working only with people he respects and admires, doing only work he finds fulfilling, and controlling when he works. He shares valuable lessons lea…

Building Net Zero Supply Chains with Collaboration: Insights from Oliver Hurrey
49:57
In this episode of Powering Procurement, hosts Sian Lloyd and Gareth Burch sit down with sustainability expert Oliver Hurrey to explore the intersection of procurement and environmental responsibility. They discuss supplier engagement, data-driven solutions for scope three emissions, AI’s role in sustainability, and the importance of biodiversity. …

Henrik Plate -- OWASP Top 10 Open Source Risks
38:26
Henrik Plate joins us to discuss the OWASP Top 10 Open Source Risks, a guide highlighting critical security and operational challenges in using open source dependencies. The list includes risks like known vulnerabilities, compromised legitimate packages, name confusion attacks, and unmaintained software, providing developers and organizations a fra…

Tanya Janca -- A Secure SDLC from a Developer's Perspective
48:54
Security expert Tanya Janca discusses her new book "Alice and Bob Learn Secure Coding" and shares insights on making security accessible to developers. In this engaging conversation, she explores how security professionals can better connect with developers through threat modeling, maintaining empathy, and creating inclusive learning environments. …

Michele Catano - Electronic Arts - If I don’t try, then I’ll never know
44:08
“If I don’t try then I’ll never know.” Originally from Italy, Michele Catano is currently a Senior Product Manager at Electronic Arts, where he's working on a new game based on the famous The Sims IP. Michele came to the US in 2021, when he started his MBA at the University of Chicago Booth School of Business. Previously, he has had a diverse set …

Why Procurement Deserves a Seat at the Strategic Table with Nadia Stoykov
51:50
In this episode of Powering Procurement, hosts Sian Lloyd and Gareth Burch are joined by Nadia Stoykov, Chief Procurement and Supply Chain Officer at Tesca Group, to share her unconventional journey from law to procurement, why procurement deserves a seat at the strategic table, and how companies can unlock massive value by rethinking their procure…