Wednesday Aug 03, 2022
EP 10 - Dustin Lehr: How Fivetran Builds Empathy Between Developers and Security
The resounding sentiment from organizations is that there’s major tension between development and security teams. This tension makes it nearly impossible for any AppSec program to scale, making reducing this friction mission critical.
To learn how to improve the relationship between developers and security, on today’s episode of the Future of AppSec Harshil speaks with Dustin Lehr, Director of Application Security at Fivetran, a Forbes Cloud 100 company that helps companies improve the accuracy of data-driven decisions by continuously synchronizing data from source applications to any destination, allowing analysts to work with the freshest possible data.
Dustin is an accomplished software engineer turned information security leader. Having spent more than a decade as a software engineer, his diverse background and experience has helped him forge close partnerships with development teams, engineering teams, and software security advocates while pursuing the organizational culture shift of building good security habits into daily work.
His approach focuses on communicating the importance of security, instilling a sense of urgency, and motivating the organization to shift their mindset toward “Security by Design” best practices, quality focus, and technical responsibility.
Topics:
- How Dustin’s background in software engineering influenced how he approached building Fivetrans AppSec program.
- Why empathy is critical to improving the relationship between developers and security teams.
- The importance of having an engaged and gamified Security Champions program.
- Key challenges AppSec teams will face in the coming years and how they can prepare for the future.
- Why Dustin created the “Let's Talk Software Security” community.
Resources:
Dustin’s “Let's Talk Software Security” Slack community: https://join.slack.com/t/letstalksoftw-64x2506/shared_invite/zt-t3e59aj9-5zNThhcrj4TCd4HJwAoDZA
Dustin’s current book recommendation: Actionable Gamification: Beyond Points, Badges, and Leaderboards
Harshil’s conference talk: Democratizing Security: A Story of Security Decentralization
Comments (0)
To leave or reply to comments, please download free Podbean or
No Comments
To leave or reply to comments,
please download free Podbean App.