It didn’t all change in March 2020. Not really. The UK high street has been in the throes of a gradual revolution for decades. From the rise of ecommerce, to the birth of mobile, social commerce, and a growing emphasis on experience, change has been underway for a while. In fact for many, the pandemic has acted as a wake-up call. Digital transformation was no longer a ‘nice to have’ but a matter of survival. Necessity sparked innovation and customers are enjoying more flexibility and conveni ...
…
continue reading
Content provided by Tromzo. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Tromzo or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Similar to Future of Application Security
A bootstrappers podcast for founders, entrepreneurs, visionaries and dreamers who are building businesses from the ground up without the taking on debt or selling equity. Here we cover marketing, sales, organization and mindset issues that matter to you
…
continue reading
The Moneycontrol Podcast is your daily source of business news, investment analysis and advice on stocks and the markets. Tune in to broaden your horizons with podcasts by journalists, experts and analysts giving you a head-start in the investment game.
…
continue reading
The Tai Lopez podcast brings you the best business education straight from the world's top entrepreneurs. I will also review the best books in health, wealth, love and happiness that will help you achieve your maximum potential and live the best life possible.
…
continue reading
Evan Davis hosts the business conversation show with insights from the people at the top.
…
continue reading
The Village Global podcast takes you inside the world of venture capital and technology, featuring enlightening interviews with entrepreneurs, investors and tech industry leaders. Learn more at www.villageglobal.vc.
…
continue reading
The Partnership Economy explores the power of partnerships through candid conversations and stories with industry leaders. Our hosts, David A. Yovanno, CEO and Todd Crawford, Co-founder, of impact.com, unpack the future of partnerships as a lever for scale and an opportunity to put the consumer first.
…
continue reading
Wharton faculty and industry leaders discuss their latest research, books, and relevant business topics. Hosted on Acast. See acast.com/privacy for more information.
…
continue reading
Custom Manufacturing Industry podcast is an entrepreneurship and motivational podcast on all platforms, hosted by Aaron Clippinger. Being CEO of multiple companies including the signage industry and the software industry, Aaron has over 20 years of consulting and business management. His software has grown internationally and with over a billion dollars annually going through the software. Using his Accounting degree, Aaron will be talking about his organizational ways to get things done. Hi ...
…
continue reading
News and views on business and the world of personal finance. Plus the very latest from the financial markets around the globe
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
))
EP 49 — Semgrep’s Colleen Dai on Building Security Strategies and Relationships with Other Teams
Manage episode 381721298 series 3330694
Content provided by Tromzo. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Tromzo or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
In this special episode of the Future of Application Security, recorded at the Developers & Security are Friends Day, Eric speaks with Colleen Dai, Senior Security Researcher at Semgrep, an open source static analysis tool. They discuss strategies security teams can take to reduce false positives, use secure defaults to eliminate bug classes, and reduce complexity in security decision-making. They also talk about ways to build the relationships between security, developers, and engineers, which includes aligning on goals, communication, and recognition.
Topics discussed:
- Colleen's background and what her security research role at Semgrep entails.
- How to use secure defaults to eliminate bug classes and reduce the complexity in security decisions.
- How to reduce false positives by writing rules and checks, especially ones that are customized to your organization.
- How to better align the goals of security and developers by focusing on creating good software — and good software is secure software.
- How to build relationships with engineers through communication and recognition, not just talking through Jira tickets.
- Why security and developers still struggle with cross-site scripting and how it can be fixed.
59 episodes
Share
Manage episode 381721298 series 3330694
Content provided by Tromzo. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Tromzo or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
In this special episode of the Future of Application Security, recorded at the Developers & Security are Friends Day, Eric speaks with Colleen Dai, Senior Security Researcher at Semgrep, an open source static analysis tool. They discuss strategies security teams can take to reduce false positives, use secure defaults to eliminate bug classes, and reduce complexity in security decision-making. They also talk about ways to build the relationships between security, developers, and engineers, which includes aligning on goals, communication, and recognition.
Topics discussed:
- Colleen's background and what her security research role at Semgrep entails.
- How to use secure defaults to eliminate bug classes and reduce the complexity in security decisions.
- How to reduce false positives by writing rules and checks, especially ones that are customized to your organization.
- How to better align the goals of security and developers by focusing on creating good software — and good software is secure software.
- How to build relationships with engineers through communication and recognition, not just talking through Jira tickets.
- Why security and developers still struggle with cross-site scripting and how it can be fixed.
59 episodes
All episodes
×
Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.
Similar to Future of Application Security
It didn’t all change in March 2020. Not really. The UK high street has been in the throes of a gradual revolution for decades. From the rise of ecommerce, to the birth of mobile, social commerce, and a growing emphasis on experience, change has been underway for a while. In fact for many, the pandemic has acted as a wake-up call. Digital transformation was no longer a ‘nice to have’ but a matter of survival. Necessity sparked innovation and customers are enjoying more flexibility and conveni ...
…
continue reading
A bootstrappers podcast for founders, entrepreneurs, visionaries and dreamers who are building businesses from the ground up without the taking on debt or selling equity. Here we cover marketing, sales, organization and mindset issues that matter to you
…
continue reading
The Moneycontrol Podcast is your daily source of business news, investment analysis and advice on stocks and the markets. Tune in to broaden your horizons with podcasts by journalists, experts and analysts giving you a head-start in the investment game.
…
continue reading
The Tai Lopez podcast brings you the best business education straight from the world's top entrepreneurs. I will also review the best books in health, wealth, love and happiness that will help you achieve your maximum potential and live the best life possible.
…
continue reading
Evan Davis hosts the business conversation show with insights from the people at the top.
…
continue reading
The Village Global podcast takes you inside the world of venture capital and technology, featuring enlightening interviews with entrepreneurs, investors and tech industry leaders. Learn more at www.villageglobal.vc.
…
continue reading
The Partnership Economy explores the power of partnerships through candid conversations and stories with industry leaders. Our hosts, David A. Yovanno, CEO and Todd Crawford, Co-founder, of impact.com, unpack the future of partnerships as a lever for scale and an opportunity to put the consumer first.
…
continue reading
Wharton faculty and industry leaders discuss their latest research, books, and relevant business topics. Hosted on Acast. See acast.com/privacy for more information.
…
continue reading
Custom Manufacturing Industry podcast is an entrepreneurship and motivational podcast on all platforms, hosted by Aaron Clippinger. Being CEO of multiple companies including the signage industry and the software industry, Aaron has over 20 years of consulting and business management. His software has grown internationally and with over a billion dollars annually going through the software. Using his Accounting degree, Aaron will be talking about his organizational ways to get things done. Hi ...
…
continue reading
News and views on business and the world of personal finance. Plus the very latest from the financial markets around the globe
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
