StackHawk and Shift-Left API Security with Scott Gerlach

Software Engineering Daily

Technology, News, Tech News

4.2 • 653 Ratings

🗓️ 6 March 2025

⏱️ 46 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

APIs are a fundamental part of modern software systems and enable communication between services, applications, and third-party integrations. However, their openness and accessibility also make them a prime target for security threats, and this makes APIs a growing focus on software teams. StackHawk is a company that scans and monitors source code to obtain the

Transcript

Click on a timestamp to play from that location

0:00.0	APIs are a fundamental part of modern software systems and enable communication between services,
0:06.0	applications, and third-party integrations.
0:09.0	However, their openness and accessibility also make them a prime target for security threats,
0:14.0	and this makes APIs a growing focus on software teams.
0:18.0	StackHawk is a company that scans and monitor source code to obtain the full scope of an
0:23.1	organization's APIs and applications, and runs tests to identify vulnerabilities and address
0:28.9	them pre-production.
0:30.5	Scott Gerlach is the co-founder and chief security officer at Stackhawk and previously worked
0:36.0	at Sendgrid and GoDaddy. He has an extensive background
0:39.5	running security operations and engineering, and in this episode, he joins the show to talk about
0:45.0	the challenges around API security and leading edge strategies to address them. Gregor Vand is a security
0:51.9	focused technologist and is the founder and CTO of MailPass.
0:56.5	Previously, Gregor was a CTO across cybersecurity, cyber insurance, and general software engineering companies.
1:03.1	He has been based in Asia Pacific for almost a decade and can be found via his profile at vand.hk. Hi, Scott. Welcome to Software Engineering Daily.
1:25.6	Hey Gregor. Thanks for having me. It's super awesome to be here on Software Engineering Daily. Yeah, great to Software Engineering Daily. Hey, Gregor, thanks for having me. It's super awesome to be here
1:28.3	on Software Engineering Daily. Yeah, great to have you here and you're here on behalf of Stackhawk as a co-founder.
1:35.5	And we're going to be hearing all about Stackhawk and what the platform does. I mean, it's all sort of,
1:40.6	without any spoilers here. It's all about security. security it's about API security so this is a topic
1:45.1	I I love to to dive into and I think API security especially is always something that I've always
1:51.0	wondered how how best to do to do this so we're going to be going into that today but in true
1:57.3	SE daily fashion be great just to just to hear a little bit about yourself,
2:01.6	kind of what was your, just a brief, kind of what was your path to co-founding and you're also
	...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from Software Engineering Daily, and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of Software Engineering Daily and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.