
The Secure Developer
Securing the future of DevOps and AI: real talk with industry leaders.
Latest episodes

May 15, 2018 • 37min
Security Training With Masha Sedova
In episode 16 of The Secure Developer, Guy is joined by Masha Sedova, co-founder of Elevate Security, to discuss how training for employees (even developers) can help companies stay one step ahead of the pack when it comes to preventing a breach.
The post Ep. #16, Security Training with Elevate’s Masha Sedova appeared first on Heavybit.
Follow UsOur WebsiteOur LinkedIn

May 1, 2018 • 37min
Enterprise Security With James Governor
In episode 15 of The Secure Developer, Guy is joined by James Governor, Analyst and Co-founder of RedMonk, a developer-focused industry analyst firm. The pair discusses multiple ways that companies can be incentivized, and how they can incentivize others, to invest in and improve security.
The post Ep. #15, Enterprise Security with RedMonk’s James Governor appeared first on Heavybit.
Follow UsOur WebsiteOur LinkedIn

Jan 18, 2018 • 39min
How Slack Stays Secure During Hyper Growth With Geoff Belknap
In the latest episode of The Secure Developer, Guy is joined by Geoff Belknap, Chief Security Officer at Slack. Geoff discusses what drew him into security and reveals why it’s critical for security teams to be recognized as a full-fledged member of engineering. He explains why it makes sense for companies to develop a track record of transparency and actively encourage community participation through bug bounty programs. Geoff also concludes that companies should encourage basic security hygiene rather than seek a silver bullet that does not exist.
The post Ep. #14, How Slack Stays Secure During Hyper Growth appeared first on Heavybit.
Follow UsOur WebsiteOur LinkedIn

Oct 3, 2017 • 34min
How New Relic Does Security With Shaun Gordon
In the latest episode of The Secure Developer, Guy is joined by Shaun Gordon, Chief Security Officer at New Relic. Shaun tells us how he got into a career in security and explains how the role of security has evolved at New Relic. He reveals their philosophy of adapting security processes to fit the way developers do their job and emphasizes the importance of exception alerts, scorecards, and automation to support a rapidly scaling organization.
The post Ep. #13, How New Relic Does Security appeared first on Heavybit.
Follow UsOur WebsiteOur LinkedIn

Sep 19, 2017 • 32min
Keeping Cloud Foundry Secure With Molly Crowther
In the latest episode of The Secure Developer, Guy is joined by Molly Crowther from Pivotal. Molly discusses her role in managing security at Cloud Foundry, an open source cloud platform on which developers can build, deploy and run applications.
She explains their security triage and CVE process and reveals some of the challenges of working within the large ecosystem of diverse companies that make up the Cloud Foundry Foundation. Molly also talks about how she fulfills her role of wearing many hats as a representative of both Pivotal and the open source foundation.
The post Ep. #12, Keeping Cloud Foundry Secure appeared first on Heavybit.
Follow UsOur WebsiteOur LinkedIn

Jun 14, 2017 • 41min
Keeping PagerDuty Secure With Arup Chakrabarti, Kevin Babcock, And Rich Adams
In the latest episode of The Secure Developer, Guy is joined by Arup Chakrabarti, Kevin Babcock and Rich Adams from PagerDuty. They discuss how they put into practice their security vision of “making it easy to do the right thing”.
This involves picking the right tooling and designing a security experience that doesn’t force people to do things, but rather provides insight into how vulnerabilities can be exposed. Giving people the opportunity to break things also creates a strong desire to want to then protect those things.
The post Ep. #11, Keeping PagerDuty Secure appeared first on Heavybit.
Follow UsOur WebsiteOur LinkedIn

Apr 28, 2017 • 27min
Dynamic Authorization - The Evolution of Access Controls With Aren Sandersen
In the latest episode of The Secure Developer, Guy is joined by Aren Sandersen. They examine the current state of access control systems and discuss the need for better education and tooling to support time-bound dynamic access control.
Aren also explains why most startups consider security too late and reveals the minimum mindset that all early stage startups need to adopt to manage their attack surface.
The post Ep. #10, Dynamic Authorization: The Evolution of Access Controls appeared first on Heavybit.
Follow UsOur WebsiteOur LinkedIn

Mar 20, 2017 • 30min
Making Security More Inclusive With Francois Raynaud
In the latest episode of The Secure Developer, Francois Raynaud joins Guy to discuss the current state of IT security.
Francois explains why a cultural shift is needed to make security more inclusive, with security professionals taking on a greater mentoring and guiding role. Francois discusses why he created DevSecCon, a Development Security Conference aimed at fostering inclusion. He also shares approaches for DevOps and Security teams to better understand what other teams are trying to achieve so they can work collaboratively and improve business security.
The post Ep. #9, Making Security More Inclusive appeared first on Heavybit.
Follow UsOur WebsiteOur LinkedIn

Feb 16, 2017 • 32min
What’s In A Security Policy With Geva Solomonovich
In this episode of The Secure Developer, Geva Solomonovich, COO at Snyk and founder of Snowy Peak Security joins Guy to discuss security policies, and why you shouldn’t wait to implement your own.
Geva shares the 3 categories of security policies he developed with his clients and emphasizes that it’s not enough to create a set of documents or processes. You need to establish a security mindset and integrate it into everything you do. Don’t miss this episode for practical tips on reducing your company’s risk surface.
The post Ep. #8, What’s In A Security Policy? appeared first on Heavybit.
Follow UsOur WebsiteOur LinkedIn

Jan 30, 2017 • 29min
Understanding Container Security With Ben Bernstein
In this episode of The Secure Developer, Ben Bernstein from Twistlock joins Guy to discuss container security. Are you currently using containers, or thinking about moving to containers in your stack? You won’t want to miss this episode.
With containers, developers control the entire stack. While empowering to developers, this can also open up new security vulnerabilities. Ben and Guy discuss the tools and processes you’ll need to put in place to ensure your containers are compliant and secure.
The post Ep. #7, Understanding Container Security appeared first on Heavybit.
Follow UsOur WebsiteOur LinkedIn