Chris Romeo and Robert Hurlbut dig into the tips, tricks, projects, and tactics that make various application security professionals successful. They cover all facets of application security, from threat modeling and OWASP to DevOps+security and security champions. They approach these stories in an educational light, explaining the details in a way those new to the discipline can understand. Chris Romeo is the CEO of Devici and a General Partner at Kerr Ventures, and Robert Hurlbut is a Prin ...
…
continue reading
Software engineers, architects and team leads have found inspiration to drive change and innovation in their team by listening to the weekly InfoQ Podcast. They have received essential information that helped them validate their software development map. We have achieved that by interviewing some of the top CTOs, engineers and technology directors from companies like Uber, Netflix and more. Over 1,200,000 downloads in the last 3 years.
…
continue reading
Many women feel overwhelmed with the chaos of life, struggle with the fact that life, relationships and marriage are hard, and lack what they need to truly thrive. The Thriving Beyond Belief podcast, with host, Cheryl Scruggs, and online community provide women with encouragement & support, to better manage their stress, create healthy relationships, and build a life that thrives beyond belief.
…
continue reading
You can thrive and live an abundant life in every area and in every season. You can practice the lost arts of being a vibrant human being. And you can be energized and enjoy more of what matters most spiritually, emotionally, physically, mentally, and relationally. The closer a courageous, rooted, and thriving woman gets to realizing her life’s pur…
…
continue reading
1
David Quisenberry -- Building Security, People, and Programs
56:54
56:54
Play later
Play later
Lists
Like
Liked
56:54
In this episode of the Application Security Podcast, hosts Chris Romeo and Robert Hurlbut engage in a deep discussion with guest David Quisenberry about various aspects of application security. They cover David's journey into the security world, insights on building AppSec programs in small to mid-sized companies, and the importance of data-driven …
…
continue reading
51
Decentralizing Decision Making with Shawna Martell & Dan Fike
38:43
38:43
Play later
Play later
Lists
Like
Liked
38:43
In this episode, Thomas Betts talks with Shawna Martell and Dan Fike, about the Navigators program at Carta and how they are finding ways to decentralize decisions and empower individual contributors. The quality of technical decisions is improved, and decisions are reached more quickly because the people involved are close to the relevant context.…
…
continue reading
Jessica and her husband Greg are herald as adoption advocates across New York State. After adopting a sibling group of two from foster care in 2015, they discovered the massive need for foster and adoptive parents. They founded All 4 One Adoption Awareness, an organization focused on highlighting the 110,000 children in foster care who are freed to…
…
continue reading
1
Matt Rose -- Software Supply Chain Security Means Many Different Things to Different People
46:14
46:14
Play later
Play later
Lists
Like
Liked
46:14
In this episode of the Application Security Podcast, hosts Chris Romeo and Robert Hurlbut welcome Matt Rose, an experienced technical AppSec testing leader. Matt discusses his career journey and significant contributions in AppSec. The conversation delves into the nuances of software supply chain security, exploring how different perceptions affect…
…
continue reading
101
Meryem Arik on LLM Deployment, State-of-the-art RAG Apps, and Inference Architecture Stack
37:56
37:56
Play later
Play later
Lists
Like
Liked
37:56
In this podcast, Meryem Arik, Co-founder/CEO at TitanML, discusses the innovations in Generative AI and Large Language Model (LLM) technologies including current state of large language models, LLM Deployment, state-of-the-art Retrieval Augmented Generation (RAG) apps, and inference architecture stack for LLM applications.Read a transcript of this …
…
continue reading
151
Edo Liberty on Vector Databases for Successful Adoption of Generative AI and LLM based Applications
34:29
34:29
Play later
Play later
Lists
Like
Liked
34:29
In this podcast, Edo Liberty, Founder and CEO at Pinecone, discusses the importance of vector databases in the successful adoption of Generative AI and LLM based applications and how vector databases are different from traditional data stores.Read a transcript of this interview: https://bit.ly/4aHaVGi Subscribe to the Software Architects’ Newslette…
…
continue reading
1
James Berthoty -- Is DAST Dead? And the future of API security
44:56
44:56
Play later
Play later
Lists
Like
Liked
44:56
In this episode of the Application Security Podcast, host Chris Romeo welcomes James Berthoty, a cloud security engineer with a diverse IT background, to discuss his journey into application and product security. The conversation spans James's career trajectory from IT operations to cloud security, his experiences with security tools like Snyk and …
…
continue reading
1
Architecture Modernization with Nick Tune
33:20
33:20
Play later
Play later
Lists
Like
Liked
33:20
In this episode, Thomas Betts talks with Nick Tune, co-author of the book Architecture Modernization - Socio-technical Alignment of Software, Strategy, and Structure. The discussion includes how to know if it makes sense to invest in an architecture modernization journey, how to get started, what benefits you can expect to achieve and how to measur…
…
continue reading
1
Mark Curphey and Simon Bennetts -- Riding the Coat Tails of ZAP, without Open Source Funding
42:32
42:32
Play later
Play later
Lists
Like
Liked
42:32
Mark Curphey and Simon Bennetts, join Chris on the podcast to discuss the challenges of funding and sustaining major open source security projects like ZAP. Curphey shares about going fully independent and building a non-profit sustainable model for ZAP. The key is getting companies in the industry, especially companies commercializing ZAP, to prop…
…
continue reading
1
Deepthi Sigireddi on Distributed Database Architecture in the Cloud Native Era
37:24
37:24
Play later
Play later
Lists
Like
Liked
37:24
In this podcast, Vitess CNCF project technical lead Deepthi Sigireddi discusses the architecture of cloud native distributed databases, sharding, replication, and failover. She also talks about what DB developers should consider when choosing distributed databases.Read a transcript of this interview: https://bit.ly/3JWNJbTSubscribe to the Software …
…
continue reading
1
Cheryl Scruggs: Courageous, Rooted, Thriving Women
35:02
35:02
Play later
Play later
Lists
Like
Liked
35:02
You can thrive and live an abundant life in every area and in every season. You can practice the lost arts of being a vibrant human being. And you can be energized and enjoy more of what matters most spiritually, emotionally, physically, mentally, and relationally. The closer a courageous, rooted, and thriving woman gets to realizing her life’s pur…
…
continue reading
Melissa L. Johnson is a celebrated author renowned for her evocative storytelling and deep exploration of human emotions. Her latest work, "Soul-Deep Beauty," delves into the intricate ways beauty manifests both within and beyond the physical realm, captivating readers with its profound insights. With a background in psychology, Melissa skillfully …
…
continue reading
Devon Rudnicki, the Chief Information Security Officer at Fitch Group, shares her journey of developing an application security program from scratch and advancing to the CISO role. She emphasizes the importance of collaboration, understanding the organization's business, and using metrics to drive positive change in the security program. Elon Musk …
…
continue reading
1
If LLMs Do the Easy Programming Tasks - How are Junior Developers Trained? What Have We Done?
51:27
51:27
Play later
Play later
Lists
Like
Liked
51:27
In this podcast Michael Stiefel spoke to Anthony Alford and Roland Meertens about the future of software development and the training of new developers, in a world where Large Language Models heavily contribute to software development.Read a transcript of this interview: https://bit.ly/3ycggYv Subscribe to the Software Architects’ Newsletter for yo…
…
continue reading
1
Object-Oriented UX (OOUX) with Sophia Prater
44:04
44:04
Play later
Play later
Lists
Like
Liked
44:04
In this episode, Thomas Betts talks with Sophia Prater about Object-Oriented UX (OOUX). OOUX focuses on identifying the objects and relationships within a system, allowing for better communication and collaboration among designers, product owners, engineers, and architects. Prater explains the process of OOUX, which involves multiple rounds of disc…
…
continue reading
Jane Lee Rankin is a farmer and founder of Apple Hill Farm, an award-winning first-generation farm in the Appalachian Mountains of North Carolina. She is an advocate for farmers through her leadership and involvement in the North Carolina Agritourism Networking Association, Watauga County Farm Bureau, the Watauga County Economic Development Commiss…
…
continue reading
1
Security Requires Traveling the Unhappy Path - A Conversation with Robert Hurlbut
55:32
55:32
Play later
Play later
Lists
Like
Liked
55:32
In this podcast Michael Stiefel spoke to Robert Hurlbut about what it means to make an application, not just the code, secure. Robert is a Principal Application Security Architect and Threat Modeling Lead at Aquia, a PhD student at Cap TechU and co-host of the Application Security Podcast.Read a transcript of this interview: https://bit.ly/4dha4yx …
…
continue reading
1
Navigating AI, Platform Engineering, and Staff-Plus: InfoQ Dev Summit Boston Preview
42:57
42:57
Play later
Play later
Lists
Like
Liked
42:57
In this InfoQ podcast, host Daniel Bryant sat down with speakers from the InfoQ Dev Summit Boston (June 24-25) and discussed the critical challenges and decisions developers are currently facing. Topics covered include platform engineering, the evolution of senior software developer roles into Staff-Plus positions, AI's impact on the SDLC, and the …
…
continue reading
1
Courtney Nash Discusses Incident Management, Automation, and the VOID Report
42:50
42:50
Play later
Play later
Lists
Like
Liked
42:50
In this episode, Courtney Nash, a researcher focused on system safety and failures in complex sociotechnical systems, discussed the latest edition of the VOID report. Topics covered included: incident management and the role of automation, working effectively within socio-technical systems, and the value of collecting and analyzing system metrics i…
…
continue reading
Stephanie May Wilson: An experienced guide for women navigating life transitions, Stephanie empowers her audience through books, courses, and podcasts, helping them build lives that resonate with authenticity and joy. Fluent in Spanish with a touch of French, she fosters deep connections and enjoys sharing meals with friends. Based in Nashville, or…
…
continue reading
1
Dustin Lehr -- Culture Change through Champions and Gamification
45:10
45:10
Play later
Play later
Lists
Like
Liked
45:10
Dustin Lehr, Senior Director of Platform Security/Deputy CISO at Fivetran and Chief Solutions Officer at Katilyst Security, joins Robert and Chris to discuss security champions. Dustin explains the concept of security champions within the developer community, exploring the unique qualities and motivations behind developers becoming security advocat…
…
continue reading
Robert J. Morgan recently transitioned to serve full time as leader of Robert J. Morgan Ministries, a 501(c)3 nonprofit whose goal is to energize God’s people with a greater understanding and appreciation of the Bible and Christian heritage. Preceding this transition, Rob was involved in pastoral ministry for over 40 years in Nashville Tennessee. H…
…
continue reading
1
Francesco Cipollone -- Application Security Posture Management and the Power of Working with the Business
38:11
38:11
Play later
Play later
Lists
Like
Liked
38:11
Francesco Cipollone, CEO of Phoenix Security, joins Chris and Robert to discuss security and explain Application Security Posture Management (ASPM). Francesco shares his journey from developer to cybersecurity leader, revealing the origins and importance of ASPM. The discussion covers the distinction between application security and product securit…
…
continue reading
1
Architecture Does Not Emerge - A Conversation with Tracy Bannon
50:50
50:50
Play later
Play later
Lists
Like
Liked
50:50
In this podcast Michael Stiefel spoke to Tracy Bannon about what software architecture really is, and what an architect needs to be able to do. She is senior principal at MITRE. She sees herself as a passionate software architect and change agent who also puts out the Real Technologists podcast.Read a transcript of this interview: https://www.infoq…
…
continue reading