Monday May 16, 2022
EP5 - Travis McPeak: Securing the Modern SDLC with Security Guardrails
Developers today go from code-to-cloud in a matter of hours and security teams are struggling to keep up. Legacy AppSec systems and processes are impeding their efforts to scale their AppSec program and the majority of security teams feel unprepared to govern and secure the modern SDLC.
To solve this problem, organizations must rethink their approach to AppSec. Instead of trying to force developers to learn another skill set (security), adopt new tools or slow down development, AppSec teams must focus on security policies in developer workflows. Our guest today will teach us exactly how to make that happen.
Travis McPeak is the co-founder and CEO of Resourcely.io which he founded after more than a decade of experience in cybersecurity, working at organizations including Netflix, IBM, and Symantec. In addition to his work as a practitioner, Travis is an active startup advisor and an angel investor, backing startups including Authzed, DevZero, Monad, Truffle Security, and more.
Topics discussed in this episode:
- How to make security easy for developers and the tangible benefits organizations see when they are able to do so.
- Lessons learned when developers make security part of the SDLC.
- How automating security policies and controls provides developers an easy path towards prioritizing security.
- What inspired Travis to move from a security leader to startup founder.
- Why teams with smaller budgets should avoid building and maintaining their own solutions and should instead look for solutions that solve 80% of their problem.
- Why software tools created by those who haven’t had first-hand experience with the problem their software solves fail to meet the needs of security teams.
Comments (0)
To leave or reply to comments, please download free Podbean or
No Comments
To leave or reply to comments,
please download free Podbean App.