Cyber Security & Cloud Podcast artwork

CSCP S03EP 26 - Nathan - From music to cybersecurity - the appsec symphony

Cyber Security & Cloud Podcast

English - June 11, 2023 19:13 - 41 minutes - 73.5 MB
Technology News Tech News Homepage Download Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: CSCP S03EP25 - Kevin Davis - Cloud Security Migrations Pitfalls and gotchas
Next Episode: CSCP S4EP01 - Travis McPeak - Paved Road from Netflix to modern startups


 



Nathan is the manager of the application security team at Intuit Mailchimp. He has over 7 years of experience in application security working at both startups and Fortune 500 companies. In that time, Nathan has been both an engineer and a leader. His primary focus has been on building out application security programs by implementing scalable processes and efficient methodologies. Nathan holds a Master’s in Digital Forensics and CyberSecurity from John Jay College of Criminal Justice and a Bachelor’s in Music Composition from University of the Arts.


 


In this show, Nathan and Francesco discuss the start in application security, how to mentor new interns and bridge the skillgap and how to measure application security progress when deploying shift left methodologies in devsecops 


 


The episode is brought to you by Phoenix Security; get in control of your vulnerabilities from code to cloud with the power of Phoenix. ACT Now on the most important vulnerabilities and reduce your exposure to modern attacks. See it for yourself. Go to https://www.phoenix.security for a free 14-day licence.


 


 


2:00 - Nathan's Intro


7:30 – from music to cybersecurity and new generation


11:00 – State of application security


14:00 – Vulnerability – What is a vulnerability in software


18:00 – How do you bring in the business in appsec – Product security


12:00 - Cybersecurity technicalities - Pen-tests  and regulation


16:00 - Cybersecurity and regulation in USA


19:00 - SBOM, Digital Software supply chain


20:00 – Risk for application security and business perspective


22:00 – Business categories of risk for application security


24:00 – Business criticality vs low criticality – how to talk about risk


26:00 – Prioritize work based on risk in application security   


27:00 – Avoiding burnout and preventing risk – Mailchimp program of work – SPIDER


31:00 – Doing more with less in application security


33:00 – Measuring shift left effectiveness – Dentist story


37:00 – Positive message and conclusion


 


Nathan


 


Blog: https://nathancooke.com/ 


Linkedin: https://www.linkedin.com/in/nathancooke7/


 


 


Cyber Security and Cloud Podcast hosted by Francesco Cipollone


Twitter @FrankSEC42


Linkedin: linkedin.com/in/fracipo 


#CSCP #cybermentoringmonday cybercloudpodcast.com 


 


Social Media Links 
Follow us on social media to get the latest episodes:
Website: http://www.cybercloudpodcast.com/
You can listen to this podcast on your favourite player:
Itunes: https://podcasts.apple.com/gb/podcast/the-cyber-security-cloud-podcast-cscp/id1516316463  
Spotify: https://open.spotify.com/show/3fg8AqP4vEi5Im8YKxazUQ 
Linkedin: https://www.linkedin.com/company/35703565/admin/  



Twitter: https://twitter.com/podcast_cyber   



Youtube https://www.youtube.com/channel/UCVgsq-vMzq4sxObVonDsIAg/ 


 

Twitter Mentions