The great overcorrection: shifting left probably left you vulnerable. Here’s how you can make it right. [CyberWire-X]

CyberWire Daily

N2K Networks, Inc.

Daily News, Tech News, News, Technology

4.6 • 1K Ratings

🗓️ 24 July 2022

⏱️ 27 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

Shifting left has been a buzzword in the application security space for several years now, and with good reason – making security an integral part of development is the only practical approach for modern agile workflows. But in their drive to build security testing into development as early as possible, many organizations are neglecting application security in later phases and losing sight of the big picture. In this episode of CyberWire-X, the CyberWire's CSO, Chief Analyst, and Senior Fellow, Rick Howard, talks with two Hash Table members, Centene’s VP and CISO for Healthcare Enterprises, Rick Doten, and Akamai’s Advisory CISO, Steve Winterfeld. In the second half of the show, CyberWire podcast host Dave Bittner talks with our episode sponsor Invicti’s Chief Product Officer, Sonali Shah. They discuss the challenges and misunderstandings around shifting left, and provide tips on how organizations can implement web application security program without tradeoffs throughout the whole application security lifecycle.

Transcript

Click on a timestamp to play from that location

0:00.0	You're listening to the CyberWire X, a series of specials where we highlight important security topics affecting security professionals worldwide.
0:28.0	I'm Rick Howard, the chief security officer, chief analyst, and senior fellow at the CyberWire,
0:33.3	in today's episode, we are talking about shifting left.
0:37.0	A program note, each CyberWire X special features two segments.
0:41.0	In the first part, we'll hear from an industry expert on the topic at hand
0:44.4	and in the second part we'll hear from our show's sponsor from their point of view.
0:48.0	And since I brought it up here's a word from today's sponsor, Invicti. Your organization is building and updating business critical web applications
1:06.2	faster than ever.
1:07.8	And with so much pressure to move fast, you may find yourself making trade-offs between innovation and security.
1:14.7	Now you can build fast without sacrificing security with Invicti,
1:19.5	the application security platform that helps your Dev, Sec, and Ops teams work together to
1:25.4	secure every website, web app, and API with unparalleled accuracy, coverage and
1:31.7	automation, Invicti scales like no other world accuracy, coverage, and automation.
1:33.0	Invicti scales like no other AppSEC solution.
1:36.4	Discover why many of the world's largest organizations innovate securely
1:40.5	within Victi.
1:41.6	And we thank Invicti for sponsoring our show.
1:45.0	I'm joined by Rick Dot and the V.
1:50.0	So for Healthcare Enterprises and Centeen.
1:56.3	Rick, thanks for coming on the show.
1:58.3	Thanks Rick, happy to be here.
2:00.3	Today we're talking about application security testing and what I mean by that is extending our Zero Trust strategy beyond
	...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from N2K Networks, Inc., and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of N2K Networks, Inc. and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.