Rich has been the CISO at leading companies, including LendingClub, Twilio and GE. He got his start in security companies building vulnerability management products for companies like Qualys and Tripwire. He’s also the co-author of “How To Measure Anything In Cybersecurity Risk,” and the forthcoming “The Metrics Manifesto: Confronting Security With Data.”
In this episode, Rich interviews Clint Gibler, the head of security research for r2c who runs tl;dr sec. Learn more about the origin of Semgrep, and how it helps developers static test their code without being blocked by security.
InterVenn CISO Randy Barr talks about his career - from the Marines, to leading security for Webex when it was a small startup, to CISO for cloud security pioneer Qualys, to head of product and security ops at Zoom during the pandemic. Hear his thoughts on shifting security left for modern software development, and how to secure remote workers.
Security architect and open source contributor James Sörling talks about open source tools that make high velocity development more secure.
Scanning IaC should be a security mandate to reduce security risk for your organization. Learn how to get it done in a way that scales with modern software development.
Learn about iacbot – a free service making it easy for developers to secure their infrastructure as code - Terraform, Cloudformation, Kubernetes. Watch the demo, and give it a try.
Organizations need to modernize security for the software development lifecycle – automating security assessments throughout the SDLC. Soluble does this utilizing open source security solutions.
Rick Howard, CSO, Senior Fellow, Chief Analyst, The CyberWire, shares his thoughts on The SolarWinds Breach, Supply Chain Risk, Cloud Native Development, and security books we all must read.
Currently at PagerDuty, formerly at Twilio, Chad discusses how to manage cloud native security risk at organizations with high volume software development.
Need a way to assess the security impact of Terraform changes? Soluble helps customers understand the impact of code changes on their security posture.
Learn about three simple security checks that have a high impact on reducing cloud native security risk, and how to easily perform these checks within developer workflows.