In episode 26 of Software Security Gurus, Matias Madou chats to Sven Schran, Program Manager Security Engineering, at Robert Bosch.

They discuss the rapidly growing embedded systems software industry, including the general security considerations during the development lifecycle. They also go in-depth on automotive security, where technological advancements and global demand shape an ever-evolving threat landscape. 

Finally, Sven gives us insight into ASRG, the community of automotive security enthusiasts that are making a splash all over the world.

‍--

Want to nominate a guru? Get in touch! www.softwaresecuritygurus.com

Visit ASRG

In episode 25 of Software Security Gurus, Matias Madou chats to Simon Cole, Global Security Architecture & Engineering Director at dentsu. They discuss his multi-faceted experience in security architecture, including his views on what constitutes "secure by design". They also discuss threat modeling and empathy with developers, in addition to welcoming diversity of thought into a team for best results.

Want to nominate a guru? Get in touch! www.softwaresecuritygurus.com.

In episode 24 of Software Security Gurus, Matias Madou chats to John Heldreth, founder of the automotive security organization, ASRG. They discuss taking the plunge with self-driving cars, the complexities of automotive security modeling, digital twins, and integrated software.

Want to nominate a guru? Get in touch with us! www.softwaresecuritygurus.com

In episode 23 of the Software Security Gurus webcast, Matias sits down with Tanvi Bali, a security expert and DevSecOps specialist. They discuss her background in engineering, and the state of DevSecOps in the APAC region (including why it trails behind Europe and US). She also treats us to her personal five steps to building a positive security culture within an organization.

Want to nominate a guru? Get in touch! www.softwaresecuritygurus.com. Don't forget, you can also leave us a voice message: www.anchor.fm/softwaresecuritygurus

In episode 22 of Software Security Gurus, Matias Madou chats to Julie Tsai, Head of Information Security at Roblox. 

They discuss how to implement the right internal security structure, how to measure its success and quantify security risk, as well as how DevOps has evolved tactically to expand beyond tooling.  

Want to nominate a Guru? Get in touch: www.softwaresecuritygurus.com.

In episode 21 of Software Security Gurus, Matias Madou chats to Brian Levine, Senior Director, Product & Cloud Security at Axway. They discuss scaling a positive security culture and getting executive buy-in, adding security champions to enhance a program, as well as navigating an SSDLC the right way.

Want to nominate a guru? Get in touch! www.softwaresecuritygurus.com

In episode 20 of the Software Security Gurus webcast, Matias chats to Larry Maccherone, distinguished engineer and DevSecOps transformation lead at Comcast.

They discuss the impact of people and culture on a successful DevSecOps adoption, why more security tools aren't a cure-all for finding and fixing vulnerabilities, as well as a deep dive into Larry's experience in pioneering the Build Security In initiative.

Want to nominate a Guru? Get in touch with us! www.softwaresecuritygurus.com

Welcome to Software Security Gurus with Matias Madou.

In episode 19, he chats to Bankim Tejani, Chief Security Architect and Distinguished Engineer at the Charles Schwab Corporation. They discuss his experience with big data breaches, as well as how secure coding can speed up remediation, and drive quality, performance, and scalability.

Want to nominate a guru? Get in touch! www.softwaresecuritygurus.com.

Welcome to Software Security Gurus with Matias Madou.

In episode 18, he chats with Brad Senetza, Security Assurance Architect at Oracle.

They discuss his distributed security culture strategy, why it works, and how everyone in the SDLC can and should own security.  Want to nominate a guru? Head to www.softwaresecuritygurus.com.

Welcome to episode 17 of the Software Security Gurus webcast.

In this interview, he chats with Mike Shema, Product Security at Square. They discuss his take on proactive security, and the how the relationship between deveopers and the security team impacts this approach. They also unpack the collaborative role these teams can play, and the secret ingredient to a successful shift left.

Have you got a topic idea in mind, or want to nominate a guru? Get in touch! www.softwaresecuritygurus.com

Welcome to episode 14 of Software Security Gurus, with Matias Madou.  

This episode features a discussion with John Melton, Director of Product Security at NetSuite. He is also the co-leader of the visionary OWASP AppSensor Project.  

For more information, or to nominate a guest, please visit www.softwaresecuritygurus.com. 

Welcome to episode 16 of the Software Security Gurus podcast.

In this interview, he chats with Leif Dreizler, Product Security Manager at Segment.

They discuss his "people over tools" security approach, his team structure, as well as the fact that at Segment, cross-site scripting and SQL injection are extinct.

Want to nominate a guru? Check out www.softwaresecuritygurus.com and get in touch.

Welcome to episode 15 of the Software Security Gurus webcast.  

In this episode, Matias chats to Astha Singhal, Director of AppSec at Netflix. 

They discuss Netflix's enviable culture of freedom and responsibility, and what this means for application security in her team. They also dive into the world of self-service, and the impact this can have on reducing cyber risk. Finally, Astha talks about her unique experience as the leader of Salesforce's AppSec security program.‍  

Want to nominate a speaker? Get in touch! Visit www.softwaresecuritygurus.com.

Welcome to episode 13 of Software Security Gurus, with Matias Madou. 

In this interview, he chats with Florence Mottay, security expert and Global CISO at Ahold Delhaize.  

They discuss her recent win of a prestigious industry award, and how this could positively influence cybersecurity transparency at the company level, as well as her experience in security training software and how the approach has changed over the years. Finally, Matias quizzes Flo on which of four CISO 'tribes' resonates with her way of working.‍

Want to hear more? Head to www.softwaresecuritygurus.com.

In this interview, Matias chats to Tanya Janca, security rockstar and CEO of We Hack Purple.

They talk about how to inspire security awareness in developers, the complexities of the AppSec space, and how we could do a tech industry detox.  

For more information, visit www.softwaresecuritygurus.com.  
We Hack Purple: https://wehackpurple.com/

In episode 11 of Software Security Gurus, Matias chats to Patrick Debois, affectionately referred to as, "the Godfather of DevOps". He is also the creator of the global conference series, DevOpsDays. 

For more information, visit www.softwaresecuritygurus.com.
Visit DevOpsDays: https://devopsdays.org/about/

In this interview, he chats with Rami Sass, co-founder and CEO at WhiteSource.

Unsurprisingly, they discuss all things open source security. They reflect on how open source has changed in the past ten years, the compliance implications of using open source components in software, and the disconnect that can often happen between the tech and legal departments. Finally, Rami shares his thoughts on who should take responsibility for open source security.

For more information, check out www.softwaresecuritygurus.com

Visit WhiteSource: www.whitesourcesoftware.com

In episode 9 of the Software Security Gurus webcast, Matias sits down with John Stewart, former SVP and Chief Trust & Safety Officer at Cisco. 

They discuss security issues at the SVP level of a large organization, as well as the role diversity plays in building an amazing team that drives businesses forward.  

For more information, or to nominate a guest, visit www.softwaresecuritygurus.com.

Hello and welcome to episode 8 of Software Security Gurus, with Matias Madou. In this interview, he chats with Guy Podjarny, Co-Founder and President at Snyk Security.

They discuss scanning tools, and the rise of the developer in security programs. He also reveals his experiences in startup, and what he looks for in a great company.

For more information, visit www.softwaresecuritygurus.com.

Hello and welcome to episode 7 of Software Security Gurus, with Matias Madou. In this interview, he chats with Clint Gibler, security consultant, and owner of the TL;DR Sec blog.

They discuss his love/hate relationship with static analysis and the available solutions, as well as what he learned from attending 50 conference talks. Also tune in for deep dives into threat modeling as code, and good examples of security defaults.

For more information, visit www.softwaresecuritygurus.com.