The Cyber Ranch Podcast Application Security w/ Taylor Lehmann
Jun 16, 2021
29:04
With us today is Taylor Lehmann, former ciso several times over in the healthcare sector, and currently Americas leader for security, networking, identity, and compliance solution architecture at AWS.
Taylor and Allan talk about application security: why it's important, who are the personas, the value of threat modeling, infrastructure as code, how to get started, and relationships with developers.
Taylor, a Boston boy, starts the show trying to say, "Howdy!" correctly. Taylor started at PWC and grew into a healthcare CISO. He has now transitioned to AWS.
Key Takeaways
1:40 How Taylor got into Cyber
2:58 Taylor’s day job
4:30 Appsec Defined
5:49 Taylor's favorite appsec frameworks
7:48 Why appsec is important
8:55 The personas and roles
11:22 Security training in appsec
12:27 Threat modeling
15:11 Infrastructure as code
20:46 How to get started in appsec
24:12 Devs already know and care about security
25:38 Where does the trope come from that devs don't care?
26:52 Why "DevSecOps" is a bad term
28:00 What keeps Taylor going in cybersecurity
Links:
Learn more about Taylor on LinkedIn and Twitter Follow Allan Alford on LinkedIn and Twitter
Learn more about Hacker Valley Studio and The Cyber Ranch Podcast
Sponsored by our good friends at Axonius
Taylor and Allan talk about application security: why it's important, who are the personas, the value of threat modeling, infrastructure as code, how to get started, and relationships with developers.
Taylor, a Boston boy, starts the show trying to say, "Howdy!" correctly. Taylor started at PWC and grew into a healthcare CISO. He has now transitioned to AWS.
Key Takeaways
1:40 How Taylor got into Cyber
2:58 Taylor’s day job
4:30 Appsec Defined
5:49 Taylor's favorite appsec frameworks
7:48 Why appsec is important
8:55 The personas and roles
11:22 Security training in appsec
12:27 Threat modeling
15:11 Infrastructure as code
20:46 How to get started in appsec
24:12 Devs already know and care about security
25:38 Where does the trope come from that devs don't care?
26:52 Why "DevSecOps" is a bad term
28:00 What keeps Taylor going in cybersecurity
Links:
Learn more about Taylor on LinkedIn and Twitter Follow Allan Alford on LinkedIn and Twitter
Learn more about Hacker Valley Studio and The Cyber Ranch Podcast
Sponsored by our good friends at Axonius