Securing Sensitive Data in Code

7min Snip

00:00

Play full episode

Summary

Transcript

Episode notes

This chapter focuses on identifying code vulnerabilities related to the logging of Personally Identifiable Financial Information (PIFI) through practical examples and taint analysis. It explores the integration of AI and static analysis techniques to enhance detection of sensitive data, emphasizing the need for accuracy in complex coding scenarios.

Traditionally, security checks and testing are performed towards the end of the software development lifecycle. However, discovering vulnerabilities at that stage can be costly and time-consuming.

This observation has led to the shift-left movement, which advocates for implementing security testing earlier in the software development process.

HoundDog AI is a startup focused on software to enable shift-left security practices. Amjad Afanah and Sudipta Mukherjee are Co-Founders of HoundDog, and they join the show to talk about their company.

Gregor Vand is a security-focused technologist, and is the founder and CTO of Mailpass. Previously, Gregor was a CTO across cybersecurity, cyber insurance and general software engineering companies. He has been based in Asia Pacific for almost a decade and can be found via his profile at vand.hk.