EP 32 — Leading with Context - Where Institutional Knowledge Cannot Scale

In the ever-evolving landscape of application security, organizations face the challenge of effectively scaling and growing their AppSec programs. On this episode of the Future of Application Security podcast, Harshil Parikh interviews Ty Sbano, the CISO of Vercel, who brings years of experience and expertise in the field of cybersecurity. During their conversation, Ty and Harshil shared their valuable experiences and learnings from scaling AppSec programs in small and large organizations. They also address topics such as gaining visibility into software artifacts, asset ownership and responsibility, and identifying critical tools for the business. 

Topics discussed:

• The importance of having a comprehensive understanding of software artifacts to ensure their security
• How collaboration between development teams, security teams, and asset owners can help foster a proactive approach to addressing vulnerabilities and mitigating risks.
• The shift from first-party code to third-party code
• Who owns the code and how are they taking accountability for what is shipped
• How organizations can conduct regular assessments and evaluations to identify which tools are truly important to the business and prioritize their investments accordingly

To learn more about scaling and growing AppSec programs, we highly recommend listening to the full episode.