Listen as Taylor Armerding and Gary discuss the early years and evolution of Cigital and software security, Gary’s software security touchpoints, the BSIMM, the CISO report, the Silver Bullet podcast, and what the future holds.
Listen as Gary and Elias discuss the progress we’ve made in software security over the last 25 years, programming languages, full disclosure, the relationship between technology inventory and software security, and more.
Listen as Gary and Meera discuss how to deal with design flaws; touchpoints such as architecture risk analysis and threat modeling; CI/CD, DevOps, automation, and orchestration; the importance of mentorship; and more.
Listen as Gary and Filippo discuss programming languages and the role they play in software security, getting started in cryptography, open source security, blockchain and cryptocurrency, and more.
Listen as Gary and Brittany discuss robotics, maker culture, the hands-on nature of learning, the security and privacy problems that robots introduce, robot vulnerability, and more.
Listen as Gary and Gøran discuss what it’s like to work for a city government and how to align the city’s goals with software security. They also examine how to get the city to pay attention to security along with all other focus areas, includi
Listen as Gary and Kathleen discuss scientific research versus hacking "research," programming languages and software security, hacking (or not hacking) autonomous helicopters at DARPA, why machine learning looks pretty similar to how it looke
Listen as Gary and Nicholas discuss the Spectre vulnerability, botnet attacks, research tech transfer, cryptocurrencies and blockchain technology, and more.
Listen as Gary and Elena discuss security policy, security technology, the role of a CIO, holistic security tactics, the economics of a security breach, and more.
Listen as Gary and Bruce discuss ShmooCon, the state of software security books, network security trends, hacking back, the relationship between preventative security engineering and operational security, DevOps, the CISO role, and more.
Listen as Gary and Nicole talk about life as a cyber security journalist, being a woman in the security industry, and playing up the sex appeal of cyber security.
Wafaa Mamilli is Vice President, Chief Information Security Officer (CISO) at Eli Lilly and Company where she leads a global, enterprise-wide information and product security organization. She started her career consulting in Paris prior to joi
Listen as Pavi and Gary discuss whether a background in development makes you a better software security resource, CI/CD, security testing, the role that office hours play in software security awareness, and more.
Pavi Ramamurthy manages the security ecosystem at LinkedIn as a Senior Information Security Manager. The Security Ecosystem team holds much of the responsibility for software security at the firm, including: software security training, awarenes
Ksenia Dmitrieva-Peguero is a Principal Consultant within Synopsys’ Software Integrity Group. She is a subject matter expert in a variety of software security practices including static analysis tool design and execution, customization, and dep
Kelly Jackson Higgins is the Executive Editor at DarkReading.com. She is an award-winning veteran technology and business journalist with over 20 years of experience as a reporter and editor. Publications that Kelly has been associated with inc
Cheryl Biswas is a Cyber Security Consultant focusing on threat intelligence at KPMG Canada. Her IT career began over 20 years ago at CP Rail’s helpdesk, with further roles in vendor management and change management. She went on to work as an I
Dr. Chenxi Wang is the founder of the Jane Bond Project. She has built an illustrious security career with experience at Forrester Research, Intel Security, CipherCloud, and Twistlock. Dr. Wang started her career as a computer security faculty