Why Your Security Program Might Be Failing Before It Even Starts with Sean Finley

https://is1-ssl.mzstatic.com/image/thumb/Podcasts211/v4/ab/b0/da/abb0dac0-046c-0dcf-9ed2-3608f7da6605/mza_7681932657336190582.jpg/600x600bb.jpg

The Elephant in AppSec

77 episodes

3 days ago

Time to discuss AppSec issues no one talks about.

All content for The Elephant in AppSec is the property of The Elephant in AppSec and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

Time to discuss AppSec issues no one talks about.

Technology

https://d3t3ozftmdmh3i.cloudfront.net/staging/podcast_uploaded_episode/39783987/39783987-1754647534471-9c5a74b752855.jpg

Why Your Security Program Might Be Failing Before It Even Starts with Sean Finley

The Elephant in AppSec

39 minutes 29 seconds

2 months ago

Why Your Security Program Might Be Failing Before It Even Starts with Sean Finley

Today, I’m joined by Sean Finley, an experienced Information and Application Security leader with deep expertise in AppSec, security operations, vulnerability management, and governance.Sean’s AppSec career started at GEICO, one of the most recognizable names in U.S. insurance. He made the leap from business analyst to the company’s very first AppSec engineer, teaching himself everything along the way.

In this episode, we explore what inspired that transition, how to spot red flags that doom security programs before they start, and why Sean believes there are far better investments than SAST.We also dive into his approach for working with engineering teams, especially when their initial designs could put the organization at risk, and how to turn “no” into a “secure yes.”Dive right in!