• The Secure Developer

  • By: Snyk
  • Podcast

  • Summary

  • Securing the future of DevOps and AI: real talk with industry leaders.
    2016 - 2024 Snyk
Episodes
  • Building Security Culture With Dustin Lehr
    Feb 18 2025

    Episode Summary

    Security is more than just a checklist—it’s a cultural movement. In this episode, Dustin Lehr, Co-founder of Katilyst, joins Danny Allan to explore the intersection of security, engineering, and culture. They discuss how to foster security champions, scale security programs, and build a culture where developers naturally integrate security into their workflows. Dustin shares insights from his extensive career, offering practical strategies for creating lasting change in security practices.

    Show Notes

    Security isn’t just about tools—it’s about people. In this episode of The Secure Developer, Dustin Lehr, Co-founder of Katilyst, joins Danny Allan to discuss the importance of building a strong security culture within engineering teams.

    Dustin shares his journey from software engineering to security leadership, emphasizing how security should be an extension of software quality. He highlights how security champions programs can empower developers to take ownership of security without disrupting their workflow.

    Key topics include:

    • The evolution of software development and how security fits in
    • Best practices for launching and sustaining a security champions program
    • The psychology of change and how to influence developer behavior
    • The role of AI in security culture—what works and what doesn’t
    • Metrics and strategies for measuring the success of security initiatives

    With real-world insights and actionable advice, this episode is a must-listen for security and engineering leaders looking to scale security through culture, not just technology.

    Links

    • Katilyst – Dustin Lehr’s company focused on security culture
    • Security Champion Program Success Guide – A free resource for building effective security champion programs
    • Snyk - The Developer Security Company

    Follow Us

    • Our Website
    • Our LinkedIn
    38 mins
  • Securing And Defending Like Brazilian Jiu-Jitsu With Jeremiah Grossman
    Feb 4 2025

    Episode Summary

    Join Jeremiah Grossman, application security pioneer and former CEO of WhiteHat Security, as he reflects on decades of innovation in the industry, from the early days of OWASP to today’s AI-driven development landscape. Explore critical discussions about the escalating costs of security, aligning developer incentives, and the future challenges posed by AI-generated vulnerabilities. Packed with insights, this episode dives deep into the strategies and frameworks shaping the way we build and secure modern software.

    Show Notes

    In this episode of The Secure Developer, we sit down with Jeremiah Grossman, a pioneer in application security and former CEO of WhiteHat Security. Jeremiah shares fascinating insights from his decades of experience shaping the security landscape, including the origins of the OWASP project and his role in raising awareness about critical vulnerabilities like SQL injection and cross-site scripting.

    The conversation delves into how the industry has evolved over the past two decades, from the early days when nearly every application was riddled with vulnerabilities to today’s more robust frameworks and heightened security awareness. Despite these advancements, Jeremiah and Danny discuss why security spending remains high while organizations continue to struggle with improving their overall security posture.

    Key topics include:

    • The misalignment of incentives in software development that prioritizes speed over security.
    • The emerging role of cyber insurance in shaping organizational security practices.
    • The challenges of unknown assets and their contribution to breaches, highlighting the importance of asset inventory and attack surface management.
    • The impact of AI on software development, particularly the risks and opportunities presented by AI-generated code and new attack surfaces.

    Jeremiah also shares his thoughts on aligning incentives for secure development, including innovative approaches like developer performance metrics and reward structures for secure coding. The episode concludes with a look at Jeremiah’s current focus on venture capital and fostering innovation in security, as well as his personal passion for Brazilian jiu-jitsu and its parallels with the security industry.

    This episode is a deep dive into the critical challenges and opportunities facing modern security professionals, offering actionable insights and thought-provoking discussions for developers, CISOs, and security practitioners alike.

    Links

    • OWASP (Open Web Application Security Project)
    • Black Hat
    • Node.js
    • Brave Browser
    • Chromium
    • Cornell Study on AI Code Vulnerabilities
    • Snyk - The Developer Security Company

    Follow Us

    • Our Website
    • Our LinkedIn
    37 mins
  • The Development Of Security With David Mytton
    Jan 21 2025

    Episode Summary

    In this episode of The Secure Developer, host Danny Allan sits down with David Mytton, founder and CEO of Arcjet, former CEO of Server Density, and co-founder of Console.dev. David shares his insights into bridging the “developer-security gap” with Arcjet, a cutting-edge middleware SDK designed to empower developers with advanced security tools like rate limiting and bot protection. The conversation dives into the evolution of developer tools, the growing role of AI in coding, and the future of secure software development in modern environments. David also offers a fascinating perspective on sustainable computing and the impact of clean energy in the tech industry.

    Show Notes

    In this thought-provoking episode of The Secure Developer, host Danny Allan sits down with David Mytton, founder and CEO of Arcjet, to explore the evolving intersection of development, security, and AI. David, a serial entrepreneur with deep roots in cloud monitoring and developer tools, shares his journey from co-founding Server Density to building Arcjet, a groundbreaking solution for developers managing runtime security.

    The conversation begins with David’s take on why developers should prioritize security early in the development lifecycle. He highlights the challenges developers face in modern environments, where traditional security tools often fail to integrate seamlessly with serverless and edge computing platforms. David introduces Arcjet as an innovative SDK that empowers developers to implement rate-limiting, bot detection, and other security measures directly in their applications, offering a developer-first approach to runtime protection.

    Delving deeper, the discussion shifts to the rise of WebAssembly as a transformative technology. David explains how WebAssembly enables near-native performance across platforms while providing unparalleled isolation—making it a perfect fit for modern security needs. He contrasts this with traditional intrusion detection systems and outlines how Arcjet leverages WebAssembly to fill the gaps left by legacy tools.

    The episode also explores the broader evolution of the developer ecosystem. From the increasing adoption of AI-powered coding tools to the growing interest in languages like Rust, David shares his perspective on how these trends are reshaping software development. He also discusses the challenges of balancing AI-generated code with the need for security and the potential for AI to exacerbate vulnerabilities if not carefully managed.

    As the conversation wraps up, David touches on his research in sustainable computing and its implications for the tech industry. He highlights the positive strides being made toward greener computing practices and how developers can contribute to a more sustainable future.

    This episode offers a rich blend of technical insights, forward-thinking ideas, and practical advice for developers and security professionals navigating the ever-changing landscape of software security and development.

    Links

    • Arcjet
    • Console
    • Acquia
    • Rust Programming Language
    • University of Oxford
    • Snyk - The Developer Security Company

    Follow Us

    • Our Website
    • Our LinkedIn
    34 mins
