Resilient Cyber w/ Tyler Shields and James Berthoty - Is "Shift Left" Losing its Shine?
Nov 1, 2024
Tyler Shields, a cybersecurity expert with over 20 years in offensive security, and James Berthoty, founder of Latio Tech, delve into the evolution and challenges of the 'shift left' movement in cybersecurity. They reflect on its historical context and discuss how its relevance is fading in today’s fast-paced tech landscape. The conversation highlights the role of vendors and tools, while advocating for more comprehensive security approaches, questioning if 'secure by design' can truly address industry discrepancies. It's a thought-provoking discussion on the future of secure software development.
The shift left approach, originally intended to integrate security early in development, faces challenges due to insufficient empirical backing and overwhelming developer demands.
Emerging concepts like 'secure by design' aim to enhance security frameworks but risk becoming ineffective if treated merely as compliance checkboxes without actionable strategies.
Deep dives
The Evolution of Shift Left in Cybersecurity
The shift left approach emphasizes integrating security earlier in the software development lifecycle, theoretically aiming for cost efficiency in addressing vulnerabilities. However, recent discussions highlight that the foundational studies supporting this approach may lack empirical backing, questioning the true effectiveness and cost-savings claimed. Experts suggest that while the concept of moving security upfront makes sense, its practical execution in current development environments can lead to frustration among developers, who face overwhelming demands for security compliance alongside rapid deployment requirements. This misalignment has generated skepticism about the value of shifting left, indicating that more nuanced, data-driven strategies may be necessary.
Challenges and Misconceptions of Shift Left
Experts elaborate that the shift left paradigm is sometimes perceived narrowly as merely a scanning and compliance issue rather than a comprehensive security methodology. The practicalities involved in implementing shift left have often led organizations to prioritize tools over substantive security practices, leading to inefficiencies and discontent among development teams. Many developers face the burden of addressing numerous security findings, often resulting in burnout without addressing the root cause of the vulnerabilities being introduced. This has raised significant concerns regarding the effectiveness of a shift left mentality, especially when many detected vulnerabilities do not even represent actual risk.
Rethinking Secure by Design Initiatives
With emerging concepts like 'secure by design', there is a push to enhance the framework of developing secure software while ensuring that security is integrated from the outset. This approach, however, runs the risk of being similarly vague and without strict enforcement, rendering it potentially ineffective if merely seen as a checkbox exercise. Experts argue that the secure by design approach needs to provide concrete frameworks that can replace the shift left ideology, meshing technology, compliance, and practical security measures in a meaningful way. Thus, without significant commitment and actionable strategies, projects like secure by design may struggle to gain traction within diverse development environments.
In this episode of Resilient Cyber I will be chatting with industry leaders Tyler Shields and James Berthoty on the topic of "Shift Left".
This includes the origins and early days of the shift left movement, as well as some of the current challenges, complaints and if the shift left movement is losing its shine.
We dive into a lot of topics such as:
Tyler and James' high-level thoughts on shift left and where it may have gone wrong or run into challenges
Tyler’s thoughts on the evolution of shift left over the last several decades from some of his early Pen Testing roles and working with early legacy applications before the age of Cloud, DevOps and Microservices
James’ perspective, having started in Cyber in the age of Cloud and how his entire career has come at shift left from a bit of a different perspective
The role that Vendors, VC’s and products play and why the industry only seems to come at this from the tool perspective
Where we think the industry is headed with similar efforts such as Secure-by-Design/Default and its potential as well as possible challenges