Listen as Taylor Armerding and Gary discuss the early years and evolution of Cigital and software security, Gary’s software security touchpoints, the BSIMM, the CISO report, the Silver Bullet podcast, and what the future holds.
Listen as Gary and Elias discuss the progress we’ve made in software security over the last 25 years, programming languages, full disclosure, the relationship between technology inventory and software security, and more.
Listen as Gary and Meera discuss how to deal with design flaws; touchpoints such as architecture risk analysis and threat modeling; CI/CD, DevOps, automation, and orchestration; the importance of mentorship; and more.
Listen as Gary and Filippo discuss programming languages and the role they play in software security, getting started in cryptography, open source security, blockchain and cryptocurrency, and more.
Listen as Gary and Brittany discuss robotics, maker culture, the hands-on nature of learning, the security and privacy problems that robots introduce, robot vulnerability, and more.
Listen as Gary and Gøran discuss what it’s like to work for a city government and how to align the city’s goals with software security. They also examine how to get the city to pay attention to security along with all other focus areas, including GDPR, the challenges of digitalization, and how to work with the city to ...
Listen as Gary and Kathleen discuss scientific research versus hacking "research," programming languages and software security, hacking (or not hacking) autonomous helicopters at DARPA, why machine learning looks pretty similar to how it looked 25 years ago, and more.
Listen as Gary and Nicholas discuss the Spectre vulnerability, botnet attacks, research tech transfer, cryptocurrencies and blockchain technology, and more.
Listen as Gary and Elena discuss security policy, security technology, the role of a CIO, holistic security tactics, the economics of a security breach, and more.
Listen as Gary and Bruce discuss ShmooCon, the state of software security books, network security trends, hacking back, the relationship between preventative security engineering and operational security, DevOps, the CISO role, and more.
Listen as Gary and Nicole talk about life as a cyber security journalist, being a woman in the security industry, and playing up the sex appeal of cyber security.
Wafaa Mamilli is Vice President, Chief Information Security Officer (CISO) at Eli Lilly and Company where she leads a global, enterprise-wide information and product security organization. She started her career consulting in Paris prior to joining Lilly France in 1995. Before being named CISO, Wafaa held several inter...
Listen as Pavi and Gary discuss whether a background in development makes you a better software security resource, CI/CD, security testing, the role that office hours play in software security awareness, and more.
Pavi Ramamurthy manages the security ecosystem at LinkedIn as a Senior Information Security Manager. The Security Ecosystem team holds much of the responsibility for software security at the firm, including: software security training, awareness, bug herding, application vulnerability response, program management, and ...
Ksenia Dmitrieva-Peguero is a Principal Consultant within Synopsys’ Software Integrity Group. She is a subject matter expert in a variety of software security practices including static analysis tool design and execution, customization, and deployment. She is also an expert in the areas of penetration testing and threa...
Kelly Jackson Higgins is the Executive Editor at DarkReading.com. She is an award-winning veteran technology and business journalist with over 20 years of experience as a reporter and editor. Publications that Kelly has been associated with include Network Computing, Secure Enterprise Magazine, Communications Week, and...
Cheryl Biswas is a Cyber Security Consultant focusing on threat intelligence at KPMG Canada. Her IT career began over 20 years ago at CP Rail’s helpdesk, with further roles in vendor management and change management. She went on to work as an InfoSec researcher at JIG Technologies where she advised her team and clients...
Dr. Chenxi Wang is the founder of the Jane Bond Project. She has built an illustrious security career with experience at Forrester Research, Intel Security, CipherCloud, and Twistlock. Dr. Wang started her career as a computer security faculty member at Carnegie Mellon University. She holds a Ph.D. in Computer Science ...