S1E04 - Running a lean AppSec team

Welcome to the Boring AppSec Podcast! In Episode 4, we discuss how lean AppSec teams run and operate. We share our experiences of having worked in engineering heavy organizations where the "engineer : appsec-engineer" ratio is far from ideal and scaling the AppSec team becomes very important to be able to reasonably manage risk.

References:

We will try and add information about all the references we make here. Please enter rabbit holes at will :) 

1. Soft skills are important - ⁠⁠⁠https://www.softsideofcyber.com/
2. Bhadra, the vulnerability management platform built and open sourced by Razor Pay - https://github.com/razorpay/bhadra
3. Devin - https://www.cognition-labs.com/introd...
4. Seezo (Automating design reviews) - https://seezo.io/
   

Contacting Anshuman

1. LinkedIn: ⁠⁠⁠⁠https://www.linkedin.com/in/anshumanbhartiya/⁠⁠⁠⁠ 
2. Twitter: ⁠⁠⁠⁠https://twitter.com/anshuman_bh⁠⁠⁠⁠ 
3. Website: ⁠⁠⁠⁠https://anshumanbhartiya.com/⁠⁠⁠⁠
4. Instagram: ⁠⁠⁠https://www.instagram.com/anshuman.bhartiya/⁠⁠⁠ 
5. YouTube: ⁠⁠⁠https://www.youtube.com/@AnshumanBhartiya⁠⁠⁠   

Contacting Sandesh

1. LinkedIn: ⁠⁠⁠⁠https://www.linkedin.com/in/anandsandesh/⁠⁠⁠⁠ 
2. Twitter: ⁠⁠⁠⁠https://twitter.com/JubbaOnJeans/⁠⁠⁠⁠ 
3. Website: ⁠⁠⁠⁠https://boringappsec.substack.com/⁠⁠⁠⁠