Summary

Paul McCarty is CEO and founder of SecureStack, a DevSecOps visibility & automation company, and GitLab's Red Team leader. Paul's been involved in software security in Australia for decades. In his conversation with Cole Cornford, Paul discusses how Australia's software security industry has changed since the early 2000's, whether security professionals aught to know how to code, and plenty more.

Timestamps

2:50 - Paul's career background

7:00 - Spicy take: people on LinkedIn are too blindly positive

10:00 - Understanding what went wrong when there's a breach

13:00 - Cole doesn't think "zero trust" is feasible

14:10 - Cole: maturity of cybersecurity in Aus is weak generally

16:00 - Cole hires for dev experience, not sec ops, because dev is harder to teach

18:30 - Aus market different to US, which has lots of software companies

21:50 - Paul: we've devalued the importance of operations

22:20 - The "holy trinity" of offensive security

26:30 - What percentage of ASX companies have a bug bounty program?

28:50 - Cole's free pizza exploit

31:00 - Got to be in security for the long haul

31:40 - The book that changed Paul's life

Mentioned in this episode:

Call for Feedback