CSCP S03EP26 - Nathan - From music to cybersecurity - the appsec symphony

Jun 11, 2023

41:00

forum

Ask episode

view_agenda

Chapters

auto_awesome

Transcript

info_circle

Episode notes

Nathan is the manager of the application security team at Intuit Mailchimp. He has over 7 years of experience in application security working at both startups and Fortune 500 companies. In that time, Nathan has been both an engineer and a leader. His primary focus has been on building out application security programs by implementing scalable processes and efficient methodologies. Nathan holds a Master’s in Digital Forensics and CyberSecurity from John Jay College of Criminal Justice and a Bachelor’s in Music Composition from University of the Arts.

In this show, Nathan and Francesco discuss the start in application security, how to mentor new interns and bridge the skillgap and how to measure application security progress when deploying shift left methodologies in devsecops

The episode is brought to you by Phoenix Security; get in control of your vulnerabilities from code to cloud with the power of Phoenix. ACT Now on the most important vulnerabilities and reduce your exposure to modern attacks. See it for yourself. Go to https://www.phoenix.security for a free 14-day licence.

2:00 - Nathan's Intro

7:30 – from music to cybersecurity and new generation

11:00 – State of application security

14:00 – Vulnerability – What is a vulnerability in software

18:00 – How do you bring in the business in appsec – Product security

12:00 - Cybersecurity technicalities - Pen-tests and regulation

16:00 - Cybersecurity and regulation in USA

19:00 - SBOM, Digital Software supply chain

20:00 – Risk for application security and business perspective

22:00 – Business categories of risk for application security

24:00 – Business criticality vs low criticality – how to talk about risk

26:00 – Prioritize work based on risk in application security