Library Podcasts

Play icon: go to episode

Ep. #44, Year in Review with Guy Podjarny
December 26, 2019

with Guy Podjarny

In episode 44 of The Secure Developer, Guy Podjarny sits down with guest host Simon Maple of Snyk to reflect back on the numerous guests he’s had on the show throughout 2019, and the many security lessons and insights shared along the way.

Play icon: go to episode

Ep. #43, Combatting Security Burnout with Stu Hirst of Just Eat
December 12, 2019

with Stu Hirst

In episode 43 of The Secure Developer, Guy joins Stu Hirst, Principle Cloud Security Engineer at Just Eat. They discuss Stu’s journey into cloud security, avoiding burnout, cultivating better hiring practices, and the importance of failing fast.

Play icon: go to episode

Ep. #42, News Media Security with Kate Whalen of The Guardian
November 28, 2019

with Kate Whalen

In episode 42 of The Secure Developer, Guy speaks with Kate Whalen, a security engineer at The Guardian, to discuss news media security and advocating security across many teams within a large organization.

Play icon: go to episode

Ep. #41, Optimizing Team Communication with Sara Dunnack of InVision
November 14, 2019

with Sara Dunnack

In episode 41 of The Secure Developer, Guy talks with Sara Dunnack, a security engineer at InVision. They discuss methods for improving communication between DevSecOps, AppSec, and Engineering teams within an organization.

Play icon: go to episode

Ep. #40, Large-Scale Digital Transformation with Brian Sodano of Liberty Mutual
October 31, 2019

with Brian Sodano

In episode 40 of The Secure Developer, Guy speaks with Brian Sodano, Director of Engineering at Liberty Mutual Insurance. They unpack what happens to security when a company goes through a large-scale digital transformation, and ruminate on the future of the security industry.

Play icon: go to episode

Ep. #39, Build, Break, and Defend with Mohan Yelnadu of Prudential
October 17, 2019

with Mohan Yelnadu

In episode 39 of The Secure Developer, Guy is joined by Mohan Yelnadu, Head of AppSec at Prudential. They discuss Mohan’s journey from pen tester to DevSecOps consultant, security threat modeling, and his 6 principles of continuous security.

Play icon: go to episode

Ep. #38, You Own It, You Secure It with Andy Ellis of Akamai
October 3, 2019

with Andy Ellis

In episode 38 of The Secure Developer, Guy speaks with Andy Ellis, CSO of Akamai. They discuss streamlining customer assurance, the role of an incidents coordinator, and the value of transparency between a security company and their associates.

Play icon: go to episode

Ep. #37, Security Transformation with James Kaplan of McKinsey & Company
September 19, 2019

with James Kaplan

In episode 37 of The Secure Developer, Guy speaks with James Kaplan of McKinsey & Co. James describes his journey into the telecommunications industry, and how many longstanding companies must reevaluate security practices when going through a digital transformation.

Play icon: go to episode

Ep. #36, Holistic Security with Peter Oehlert of Smartsheet
September 5, 2019

with Peter Oehlert

In episode 36 of The Secure Developer, Guy is joined by Peter Oehlert of Smartsheet. They discuss holistic security approaches, understanding various categories of risk, and how the different teams in a large organization can work together to improve security.

Play icon: go to episode

Ep. #35, Secure Coding in C/C++ with Robert C. Seacord of NCC Group
July 25, 2019

with Robert C. Seacord

In episode 35 of The Secure Developer, Guy is joined by Robert C. Seacord of NCC Group, who champions the continued practice of coding security in C and C++, and offers practical advantages to using various programming languages in the Agile era.

Play icon: go to episode

Ep. #34, Positive Security with Siren Hofvander of Cybercom
July 11, 2019

with Siren Hofvander

In episode 34 of The Secure Developer, Guy speaks with Siren Hofvander of Cybercom about her enlightening journey from the digital medical space to running a secure developer consulting team, as well as her empathy-driven ethos in the one-size-fits-all security world.

Play icon: go to episode

Ep. #33, Engineering Teams with Leif Dreizler and Eric Ellett of Segment
June 28, 2019

with Leif Dreizler, Eric Ellett

In episode 33 of The Secure Developer, Guy is joined by Leif Dreizler and Eric Ellett of Segment. They discuss motivating security teams, the importance of investing time in your business relationships, and the longterm rewards of proper security training.

Play icon: go to episode

Ep. #32, Security and Compliance with Duncan Godfrey of Auth0
June 13, 2019

with Duncan Godfrey

In episode 32 of The Secure Developer, Duncan Godfrey from Auth0 speaks with Guy about his journey into security. Duncan also shares great insights into staying secure and compliant in a fast moving environment.

Play icon: go to episode

Ep. #31, Evangelizing Security with Tanya Janca of Microsoft
May 30, 2019

with Tanya Janca

In episode 31 of The Secure Developer, Guy is joined by Tanya Janca, Cloud Advocate at Microsoft. Tanya shares insights, from her early days leading software teams for the Canadian government, to evangelizing software security at Microsoft.

Play icon: go to episode

Ep. #30, Improving Security Culture with Justin Somaini
May 16, 2019

with Justin Somaini

In episode 30 of The Secure Developer, Guy speaks with Justin Somaini, a security industry leader and Founder of Somaini LLC. They discuss how security theory has changed over the past 25 years, and how AppSec can be improved by educating the developer community.

Play icon: go to episode

Ep. #29, The State of Open Source & Docker Security
May 2, 2019

with Liran Tal

In episode 29 of The Secure Developer, Guy sits down with Liran Tal, Developer Advocate at Snyk, to discuss the state of open source, Docker security, and developer infrastructure.

Play icon: go to episode

Ep. #28, Developer Empathy with Jason Chan of Netflix
April 18, 2019

with Jason Chan

In episode 28 of The Secure Developer, Guy is joined by Jason Chan of Netflix to discuss simplifying the security process for software developers, as well as some of the open source projects Netflix has shared with the community.

Play icon: go to episode

Ep. #27, Open Source Security with Jeff McAffer of Microsoft
April 4, 2019

with Jeff McAffer

In episode 27 of The Secure Developer, Guy is joined by Jeff McAffer, director of Microsoft’s Open Source Programs Office, who shares his insights on how to keep open source projects sustainable and secure for the whole community.

Play icon: go to episode

Ep. #26, Security Education with Jim Manico
March 21, 2019

with Jim Manico

In episode 26 of The Secure Developer, Guy is joined by Jim Manico, founder of Manicode Security, to discuss insights from his long career as a security educator, and to explore the importance of developer training in AppSec.

Play icon: go to episode

Ep. #25, Golden Images with Simon Bennett of Bitnami
March 14, 2019

with Simon Bennett

In episode 25 of The Secure Developer, Guy meets with Simon Bennett, VP Product at Bitnami, to discuss golden images, image layering, and how Bitnami helps accelerate application delivery across multiple clouds.

Play icon: go to episode

Ep. #24, Application Security with Omer Levi Hevroni
January 24, 2019

with Omer Levi Hevroni

In episode 24 of The Secure Developer, Guy is joined by Omer Levi Hevroni, DevSecOps Engineer at Soluto, to discuss application security, OWASP, security ‘mavens,’ and more.

Play icon: go to episode

Ep. #23, Automation with One Medical’s Zach Powers
November 20, 2018

with Zach Powers

In episode 23 of The Secure Developer, Guy speaks with Zach Powers, CISO of One Medical, to discuss the evolution of security at One Medical, what he looks for when hiring for his team, and why automation is a must.

Play icon: go to episode

Ep. #22, Authentication with Yubico’s Stina Ehrensvärd
November 1, 2018

with Stina Ehrensvärd

In episode 22 of The Secure Developer, Guy meets with Stina Ehrensvärd, founder and CEO of Yubico, to explore how hardware solutions like YubiKey can be an effective approach to authentication and security.

Play icon: go to episode

Ep. #21, Managing Security with Cybersecurity Leader and DevSecOps Practitioner Julie Tsai
October 16, 2018

with Julie Tsai

In episode 21 of The Secure Developer, Guy meets with Julie Tsai, Cybersecurity Leader and DevSecOps Practitioner Julie Tsai, to discuss ways to manage secure systems and bridge the gap between security and DevOps.

Play icon: go to episode

Ep. #20, Using ThreadFix with Dan Cornell of Denim Group
September 20, 2018

with Dan Cornell

In episode 20 of The Secure Developer, Guy speaks to Dan Cornell, CTO of Denim Group, the developer security firm behind ThreadFix, a vulnerability resolution platform.

Play icon: go to episode

Ep. #19, Measuring Security with Allison Miller
August 28, 2018

with Allison Miller

In episode 19 of The Secure Developer, Guy meets with Allison Miller to discuss the ways technology and security have intersected throughout her career.

Play icon: go to episode

Ep. #18, Collaborative Security with HackerOne’s Marten Mickos
June 21, 2018

with Marten Mickos

In episode 18 of The Secure Developer, Guy meets with Marten Mickos, CEO of HackerOne, a platform for vulnerability coordination and a bug bounty program that helps developers test and build more secure systems.

Play icon: go to episode

Ep. #17, Security Research with The Morning Paper’s Adrian Colyer
June 6, 2018

with Adrian Colyer

In episode 17 of The Secure Developer, Guy meets up with Adrian Colyer, Venture Partner at Accel and author of The Morning Paper, a daily recap of academic articles in computer science. The pair investigates how researchers are discovering new side-channel attacks and vulnerabilities that look, at first glance, like they’re out of a science fiction or spy novel.

Play icon: go to episode

Ep. #16, Security Training with Elevate’s Masha Sedova
May 15, 2018

with Masha Sedova

In episode 16 of The Secure Developer, Guy is joined by Masha Sedova, co-founder of Elevate Security, to discuss how training for employees (even developers) can help companies stay one step ahead of the pack when it comes to preventing a breach.

Play icon: go to episode

Ep. #15, Enterprise Security with RedMonk’s James Governor
May 1, 2018

with James Governor

In episode 15 of The Secure Developer, Guy is joined by James Governor, Analyst and Co-founder of RedMonk, a developer-focused industry analyst firm. The pair discusses multiple ways that companies can be incentivized, and how they can incentivize others, to invest in and improve security.

Play icon: go to episode

Ep. #14, How Slack Stays Secure During Hyper Growth
January 18, 2018

with Geoff Belknap

In the latest episode of The Secure Developer, Guy is joined by Geoff Belknap, Chief Security Officer at Slack. Geoff discusses what drew him into security and reveals why it’s critical for security teams to be recognized as a full-fledged member of engineering. He explains why it makes sense for companies to develop a track record of transparency and actively encourage community participation through bug bounty programs.

Play icon: go to episode

Ep. #13, How New Relic Does Security
October 3, 2017

with Shaun Gordon

In the latest episode of The Secure Developer, Guy is joined by Shaun Gordon, Chief Security Officer at New Relic. Shaun tells us how he got into a career in security and explains how the role of security has evolved at New Relic.

Play icon: go to episode

Ep. #12, Keeping Cloud Foundry Secure
September 19, 2017

with Molly Crowther

In the latest episode of The Secure Developer, Guy is joined by Molly Crowther from Pivotal. Molly discusses her role in managing security at Cloud Foundry, an open source cloud platform on which developers can build, deploy and run applications.

Play icon: go to episode

Ep. #11, Keeping PagerDuty Secure
June 14, 2017

with Arup Chakrabarti, Kevin Babcock, Rich Adams

In the latest episode of The Secure Developer, Guy is joined by Arup Chakrabarti, Kevin Babcock and Rich Adams from PagerDuty. They discuss how they put into practice their security vision of “making it easy to do the right thing”.

Play icon: go to episode

Ep. #10, Dynamic Authorization: The Evolution of Access Controls
April 28, 2017

with Aren Sandersen

In the latest episode of The Secure Developer, Guy is joined by Aren Sandersen. They examine the current state of access control systems and discuss the need for better education and tooling to support time-bound dynamic access control.

Play icon: go to episode

Ep. #9, Making Security More Inclusive
March 20, 2017

with Francois Raynaud

In the latest episode of The Secure Developer, Francois Raynaud joins Guy to discuss the current state of IT security, and steps to improve it at your startup.

Play icon: go to episode

Ep. #8, What’s In A Security Policy?
February 16, 2017

with Geva Solomonovich

In this episode of The Secure Developer, Geva Solomonovich, COO at Snyk and founder of Snowy Peak Security joins Guy to discuss security policies, and why you shouldn’t wait to implement your own.

Play icon: go to episode

Ep. #7, Understanding Container Security
January 30, 2017

with Ben Bernstein

In this episode of The Secure Developer, Ben Bernstein from Twistlock joins Guy to discuss container security. Are you currently using containers, or thinking about moving to containers in your stack? You won’t want to miss this episode.

Play icon: go to episode

Ep. #6, Developer War Games: Capture The Flag!
January 10, 2017

with Danny Grander

In episode #6 of The Secure Developer, Guy is joined by his Snyk.io co-founder Danny Grander for an in depth discussion on CTF (Capture The Flag) competitions in the security world. Learn about the differences between jeopardy style and attack-defense CTFs, the future of AI powered hacking (and defense!), and where you should start if you’re interested in playing.

Play icon: go to episode

Ep. #5, Continuous Security at Chef
November 15, 2016

with Adam Jacob

In the fifth installment of The Secure Developer, Guy talks with Chef CTO Adam Jacob about the role security can play in DevOps and continuous integration/deployment. They cover the differences between baked-in and bolted on security and how automation with Habitat can change the way developers approach secure coding.

Play icon: go to episode

Ep. #4, Getting Down To The Metal
November 5, 2016

with Eric Lawrence

In episode #4 of The Secure Developer, Guy is joined by Eric Lawrence of the Google Chrome security team. Eric and Guy begin with a discussion on what it takes to be a great security engineer – namely curiosity and a willingness to learn. Later they discuss the growing importance of the modern web browser, and how security previously only found in operating systems is now moving into browsers themselves. Finally they discuss the current state of HTTPS, including the carrots and the sticks that browser designers like Eric have at their disposal.

Play icon: go to episode

Ep. #3, Security From The Start
October 26, 2016

with Sabin Thomas

In episode 3 of The Secure Developer, Guy is joined by Sabin Thomas, VP of Engineering at Codiscope, where he creates tools that help developers build and deploy secure code faster. The two discuss the difficulties presented by the accelerating release of new tools and frameworks, the problem of too many sticks and not enough carrots, and the benefits of designing with security in mind from the start.

Play icon: go to episode

Ep. #2, Making Security A Requirement
October 10, 2016

with Gergely Nemeth

In this episode of The Secure Developer, Guy hosts RisingStack Founder and CEO Gergely Nemeth. The pair discuss the difficulties of selling security as a requirement, some of the most common attack vectors used on today’s web, and finally about the work Gergely is doing on Trace, a Node.js focused tool that makes debugging code simple.

Play icon: go to episode

Ep. #1, Prioritizing Secure Development
September 22, 2016

with Kyle Randolph

In our first episode, Guy is joined by Kyle Randolph, Principal Security Engineer at Optimizely. Kyle and Guy discuss the sometimes difficult but always important task of prioritizing security in your engineering organization. Kyle shares stories from his time at Optimizely, Adobe, and Twitter.