Detection at Scale
86 episodes - English - Latest episode: 8 days ago - ★★★★★ - 10 ratingsThe Detection at Scale Podcast is dedicated to helping security practitioners and their teams succeed at managing and responding to threats at a modern, cloud scale.
Every episode is focused on actionable takeaways to help you get ahead of the curve and prepare for the trends and technologies shaping the future.
Homepage Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Episodes
WP Engine’s Christopher Watkins on Cost-Effective Threat Hunting Strategies
July 09, 2024 09:19 - 21 minutes - 24.2 MBIn this episode of Detection at Scale, Jack welcomes Christopher Watkins, Senior Staff Cloud Security Engineer at WP Engine, to discuss innovative logging solutions and efficient data management across multiple cloud platforms. Chris reveals how WP Engine leverages native tools and robust API gateways to streamline logging processes. He shares strategies for cost-effective threat hunting, such as optimizing large-scale queries through table partitioning. Chris also emphasizes the import...
Elastic’s Darren LaCasse on Cutting Alert Volumes in Half By Automating Responses
June 25, 2024 14:25 - 27 minutes - 31.5 MBIn this episode of Detection at Scale, Jack Naglieri chats with Darren LaCasse, Director of Threat Intelligence, Incident Response, & Threat Detection at Elastic. Darren offers insights into the innovative project around detection as code, shedding light on the methodologies Elastic employs to enhance security operations. Darren touches on the challenges of managing massive amounts of data, the importance of prioritization in security tasks, and how automation has revolutionized their resp...
Check Point’s Daniel Wiley on Balancing Technology and Human Analytics in Cybersecurity
June 11, 2024 11:43 - 44 minutes - 50.9 MBIn this episode of the Detection at Scale podcast, Jack speaks to Daniel Wiley, Head of Threat Management and Chief Security Advisor at Check Point Software, to discuss the intricacies of balancing technology and human analytics in cybersecurity. Daniel shares his experiences in building three successful internal startups at Check Point and emphasizes the importance of continuous learning throughout one’s career. He also touches on effective incident response strategies for small- to mediu...
Inductive Automation’s Jason Waits on Building Scalable Security Programs Through Automation
May 28, 2024 17:18 - 19 minutes - 22 MBIn our latest episode of Detection at Scale, Jason Waits, CISO at Inductive Automation, shares insights learned in his journey from network administration to cybersecurity and the importance of SCADA systems. He dives into the value of automation, ML, and AI in security operations, highlighting the need for asking the right questions for efficient data analysis. Jason also discusses building a security team with a focus on detection and response, leveraging automation for faster investigat...
Panther’s Jack Naglieri on Navigating the New Role of Detection Engineering in Cybersecurity (Special Episode)
May 21, 2024 13:26 - 23 minutes - 27.4 MBIn our recent special Hot Ones-style episode of Detection at Scale, Panther CEO Will Lowe and Founder & CTO Jack Naglieri sit down to taste hot sauces and talk hot topics in the field of cybersecurity. Jack shares his evolution from security professionals to founders, emphasizing the importance of experience and understanding attacker profiles. Jack also gives his insights on the foundational skills to becoming a detection engineer, including building detection engineering functions and ha...
The Duckbill Group’s Corey Quinn on What Billing Data Can Tell Us About AWS Security
May 14, 2024 14:20 - 28 minutes - 32.2 MBIn a recent episode of the Detection at Scale podcast recorded at the RSA conference, Jack chats with Corey Quinn, Chief Cloud Economist at The Duckbill Group, an AWS cost-management agency. They talked about the intersection of security and billing in the context of AWS environments, highlighting the significance of observability through billing data to enhance security measures. Corey also discussed key offenders in AWS services for security and highlighted the challenges companies face ...
LinkedIn’s Jeff Bollinger on the Role of Human Intuition in Addressing Security Challenges
May 07, 2024 15:04 - 40 minutes - 46.6 MBIn this episode, Jack Naglieri speaks to Jeff Bollinger, Director of Incident Response and Detection Engineering at LinkedIn, who shares valuable insights on his journey in security, key technological shifts he's witnessed, and his approach to threat intelligence, incident response, and monitoring. Jeff highlights the importance of contextual understanding in security operations and emphasized the critical role of human intuition, adaptability, and creativity in addressing security challen...
Brex’s Josh Liburdi on How Boring Is Beautiful When It Comes to Apps, Whether You Build or Buy Them
April 23, 2024 11:37 - 35 minutes - 40.7 MBIn this episode, Jack Naglieri speaks to Josh Liburdi, Staff Security Engineer at Brex. Josh explains the process of developing their new security data pipeline toolkit, Substation and how it has been working. He also discusses the importance of quality data, highlighting the impact of data transformation. Josh also shares his insights on the value of human analysis in SecOps and modern incident response strategies, from handling alerts to understanding program gaps. Topics discussed: T...
Josh Liburdi on Brex's Innovative Approach to Data Quality in SecOps
April 23, 2024 11:37 - 35 minutes - 40.7 MBIn this episode, Jack Naglieri speaks to Josh Liburdi, Staff Security Engineer at Brex. Josh explains the process of developing their new security data pipeline toolkit, Substation and how it has been working. He also discusses the importance of quality data, highlighting the impact of data transformation. Josh also shares his insights on the value of human analysis in SecOps and modern incident response strategies, from handling alerts to understanding program gaps. Topics discussed: T...
SAP's Matthew Valites on Why He Is a Proponent of Detection as Code
April 09, 2024 10:20 - 29 minutes - 33.8 MBOn this week's episode of the Detection at Scale podcast, Jack talks with Matthew Valites, Director of Threat Detection & Operational Strategy at SAP. They discuss which threat detection approach works the best, what metrics Matthew uses to gauge his programs, and why Matthew is a proponent of using detection as code. Matthew also looks to the future and gives his prediction on what role technology such as GenAI will play in the security landscape. They close out their conversation with so...
Meta's Justin Anderson on How to Understand, Identify, and Execute Your Detection Strategy
February 27, 2024 16:51 - 28 minutes - 32.8 MBOn this week's episode of the Detection at Scale podcast, Jack talks with Justin Anderson, Security Engineering Manager, Detection & Response at Meta. They discuss how Meta has built its detection engineering program, how it treats detection-as-code like software, and how it gauges risk by assessing the TTPs applicable to the environment. They also talk about where AI is able to help out in development, the greater need for engineering and investigation skills, and three things to remember w...
Sony's Charles Anderson on How to Manage Detections and Risk Across a Global Company
January 23, 2024 17:25 - 35 minutes - 40.5 MBOn this week's episode of the Detection at Scale podcast, Jack talks with Charles Anderson, Director, Global SOC at Sony. They discuss better approaches to risk-based alerting that leverage metadata, how they fine tune detections across a global organization, and what factors to use when determining thresholds. They also talk about how to use Time to Detect to improve your strategies, how LLMs can help with baseline detection, and why it's key to not lose sight of risk in pursuit of threat. ...
Remitly’s Jason Craig on Building Better Strategies for Identity, Logging, and Threat Modeling
January 09, 2024 21:19 - 40 minutes - 45.8 MBOn this week's episode of the Detection at Scale podcast, Jack talks with Jason Craig, Director - Threat Detection & Response at Remitly. They discuss the common TTPs of threat actors and how organizations can better protect against them by adopting hardware-backed authentication, a risk-based approach to logging, and building their threat modeling. They also talk about why organizations should move away from cellular MFA, the need for more behavioral profiling, and advice for security profe...
AppOmni’s Drew Gatchell on Creating Better Detection for SaaS Platforms
December 19, 2023 11:00 - 30 minutes - 41.6 MBOn this week's episode of the Detection at Scale podcast, Jack talks with Drew Gatchell, Director, Detection Engineering at AppOmni. They discuss how to overcome the challenges to detection on SaaS platforms and how they're building strategies upon alerting and detection frameworks. They also talk about how generative AI can help with normalizing inputs, the benefits of data lakes for D&R, and why it's key to have a measurable plan for detection. Topics discussed: How AppOmni is tackling t...
Block’s Emanueal Mulatu on Reducing Burnout, Fostering Engagement, and Increasing Productivity in Security
December 12, 2023 16:24 - 22 minutes - 30.7 MBOn this week's episode of the Detection at Scale podcast, Jack talks with Emanueal Mulatu, Senior Engineering Manager - Detection & Response at Block. Together, they discuss what success means in security, the most rewarding things about security, and how to address and prevent one of the biggest challenges today: burnout. They also talk about ways to increase productivity through automation, the potential for AI and large language models, and why creating a great workplace starts with a hea...
Google Cloud’s Anton Chuvakin on Decoupled SIEMs and the Future of Data Platforms and Security
November 28, 2023 12:52 - 45 minutes - 63 MBOn this week's episode of the Detection at Scale podcast, Jack talks with Dr. Anton Chuvakin, Senior Security Staff at the Office of the CISO at Google Cloud. They dig deeper into the conversation taking place online around decoupled SIEMs, which both Jack and Anton wrote about. They discuss what a decoupled SIEM is, the evolution of data platforms and security capabilities, if decoupled SIEMs will work broadly with current customer demands, and if having backend data lakes is the best solut...
Deloitte’s Dhruv Majumdar on How to Mature Your Detection and Response
November 14, 2023 17:08 - 54 minutes - 75 MBOn this week's episode of the Detection at Scale podcast, Jack talks with Dhruv Majumdar, Director, Cyber Risk & Advisory at Deloitte. They discuss common challenges when transitioning from a traditional SOC to a detection and response program, what questions to ask when building a threat modeling strategy, and the benefits data lakes can unlock for D&R. They also talk about how LLMs are helping detect exfiltration and –the need for security controls, policies, and good partnerships. Topics...
Google’s Anton Chuvakin and Timothy Peacock on How to Take Your D&R Efforts from 0 to 1 — or 5, or 100
July 05, 2023 16:20 - 44 minutes - 61.1 MBOn this week's episode of the Detection at Scale podcast, Jack talks with Anton Chuvakin, Security Advisor at the Office of the CISO at Google Cloud, and Timothy Peacock, Senior Product Manager at Google. Together, they discuss some of the needs and trends in cybersecurity today, including how to know what level of D&R your organization needs, the use cases for AI today, and how LLMs and SIEMs will handle data at scale. They also talk about the need for more creative solutions to misconfigur...
David Seidman of Robinhood Talks Tools, Strategies, & Advice for Improving Detections at Scale
March 21, 2023 14:16 - 40 minutes - 56.3 MBIn this episode, Jack speaks with David Seidman, Head of Detection and Response at Robinhood. David has worked for large tech companies like Google, Microsoft, and Salesforce in a variety of D&R roles. During this episode, David shares his tactical advice on how his team is building the pipes and engines of security at Robinhood, his top tools to improve fidelity of detections, and what he’s learned in his career that’s made him a better practitioner and leader. Topics discussed: The ‘...
Chris Witter on Leading D&R Teams for Both Cloud and Enterprise at Spotify
February 07, 2023 16:52 - 35 minutes - 49.3 MBIn this episode, Jack chats with Christopher Witter (aka Witter), Engineering Manager, Detection & Response at Spotify and a founding member and former lead for Crowdstrike’s Falcon OverWatch managed hunting service. Witter has nearly two decades of experience in incident response and information security, holding leadership roles on computer security and incident response teams (CSIRT) with both a top five global bank and a top ten defense contractor. During this episode, Witter shares ...
EP 29: Chris Witter on Leading D&R Teams for Both Cloud and Enterprise at Spotify
February 07, 2023 16:52 - 35 minutes - 49.3 MBIn this episode, Jack chats with Christopher Witter (aka Witter), Engineering Manager, Detection & Response at Spotify and a founding member and former lead for Crowdstrike’s Falcon OverWatch managed hunting service. Witter has nearly two decades of experience in incident response and information security, holding leadership roles on computer security and incident response teams (CSIRT) with both a top five global bank and a top ten defense contractor. During this episode, Witter shares ...
Kelly Jackson Higgins Discusses The Evolution of Cybersecurity
January 24, 2023 15:00 - 24 minutes - 33.9 MBIn this episode, Jack Naglieri speaks to Kelly Jackson Higgins, Editor-in-Chief at Dark Reading. During the episode, they share their thoughts about how cyber threats have changed over the years. Topics discussed: Kelly offers fascinating insights into how cybersecurity journalism has evolved to keep pace with the ever-changing industry. She offers an example of why choosing to patch systems is not always an easy decision for security teams. Jack and Kelly talk about how perceptions aro...
EP 28: Kelly Jackson Higgins Discusses The Evolution of Cybersecurity
January 24, 2023 15:00 - 24 minutes - 33.9 MBIn this episode, Jack Naglieri speaks to Kelly Jackson Higgins, Editor-in-Chief at Dark Reading. During the episode, they share their thoughts about how cyber threats have changed over the years. Topics discussed: Kelly offers fascinating insights into how cybersecurity journalism has evolved to keep pace with the ever-changing industry. She offers an example of why choosing to patch systems is not always an easy decision for security teams. Jack and Kelly talk about how perceptions aro...
Ep 27: Michael Hanley of GitHub on Why Security Needs Engineering, and Vice Versa
December 13, 2022 15:00 - 28 minutes - 38.5 MBIn this episode of the Detection at Scale, Jack speaks with Michael Hanley, Chief Security Officer and SVP of Engineering at GitHub. He also spent five years at Duo Security building their security program, and is passionate about making security easy and accessible for everyone. Topics include: How to think about managing in a dual role as both head of security and engineering, and what success looks like for both. What some of the synergies are between security and engineering, and why...
Michael Hanley of GitHub on Why Security Needs Engineering, and Vice Versa
December 13, 2022 15:00 - 28 minutes - 38.5 MBIn this episode of the Detection at Scale, Jack speaks with Michael Hanley, Chief Security Officer and SVP of Engineering at GitHub. He also spent five years at Duo Security building their security program, and is passionate about making security easy and accessible for everyone. Topics include: How to think about managing in a dual role as both head of security and engineering, and what success looks like for both. What some of the synergies are between security and engineering, and why...
Adeel Saeed on How to Move from A Reactive to a Proactive Threat Detection & Response Model
October 26, 2022 19:57 - 26 minutes - 36.7 MBAdeel Saeed is VP of Technology Strategy and Execution Management at Kyndryl and is a former CISO/CIO at large financial services companies, aviation companies, and more. Adeel is an experienced technology strategist and digital transformation leader with extensive hands-on technology and information security management experience and has led multiple large-scale complex technology transformation projects. Topics include: How enabling your internal clients with the right tools and tech...
EP 26 - Adeel Saeed on How to Move from A Reactive to a Proactive Threat Detection & Response Model
October 26, 2022 19:57 - 26 minutes - 36.7 MBAdeel Saeed is VP of Technology Strategy and Execution Management at Kyndryl and is a former CISO/CIO at large financial services companies, aviation companies, and more. Adeel is an experienced technology strategist and digital transformation leader with extensive hands-on technology and information security management experience and has led multiple large-scale complex technology transformation projects. Topics include: How enabling your internal clients with the right tools and tech...
Ep 25 - Chris Hodson of Contentful on How Modern Detection Teams Can Thrive in a Cloud-Based World
October 12, 2022 20:34 - 29 minutes - 40.1 MBChris Hodson is the CISO at Contentful, which helps digital teams assemble content and deliver experiences, faster. Prior to Contentful, Chris was at Zscaler and Tanium and also busy writing a book called Cyber Risk Management: Prioritize Threat, Identify Vulnerabilities, and Apply Controls. Chris builds and runs cybersecurity organizations that manage technology risks and helps product teams develop security solutions that work. As comfortable in the server room as the board room, he tail...
Chris Hodson of Contentful on How Modern Detection Teams Can Thrive in a Cloud-Based World
October 12, 2022 20:34 - 29 minutes - 40.1 MBChris Hodson is the CISO at Contentful, which helps digital teams assemble content and deliver experiences, faster. Prior to Contentful, Chris was at Zscaler and Tanium and also busy writing a book called Cyber Risk Management: Prioritize Threat, Identify Vulnerabilities, and Apply Controls. Chris builds and runs cybersecurity organizations that manage technology risks and helps product teams develop security solutions that work. As comfortable in the server room as the board room, he tail...
Ep 24 - Thomas Owen of Grafana on Why Enabled Autonomy is the Future of Modern Security Teams
September 27, 2022 17:28 - 31 minutes - 42.9 MBThomas Owen is CISO at Grafana and an advisor to startups who helped build the security team at Snyk and is especially excited about fostering conversations around ethics, sustainability, mental health, and inclusivity. A cloud-native, innovative and strategic security leader with a blend of people, policy and technical experience and a strong product affinity, Thomas and Jack discuss how to build a team from the ground up, the attributes of a modern security team, how to gauge value of se...
Thomas Owen of Grafana on Why Enabled Autonomy is the Future of Modern Security Teams
September 27, 2022 17:28 - 31 minutes - 42.9 MBThomas Owen is CISO at Grafana and an advisor to startups who helped build the security team at Snyk and is especially excited about fostering conversations around ethics, sustainability, mental health, and inclusivity. A cloud-native, innovative and strategic security leader with a blend of people, policy and technical experience and a strong product affinity, Thomas and Jack discuss how to build a team from the ground up, the attributes of a modern security team, how to gauge value of se...
Ep 23 - Mike Saxton of Booz Allen on Where Teams Start in Their Detection Journey and How Detection as Code is Bridging the Cybersecurity Skills Gap
September 13, 2022 20:18 - 24 minutes - 33.9 MBMike Saxton is Technical Director of Defensive Cyber Operations at Booz Allen Hamilton. His primary focus is on implementing technical solutions to protect against vulnerabilities, exploit software or hardware, data threats and other emerging risks that may threaten critical system operations. Not only an endurance athlete and classically trained musician, Mike is a long time proponent of detections as code and in today's episode he and Jack discuss everything from getting started on your ...
Mike Saxton of Booz Allen on Where Teams Start in Their Detection Journey and How Detection as Code is Bridging the Cybersecurity Skills Gap
September 13, 2022 20:18 - 24 minutes - 33.9 MBMike Saxton is Technical Director of Defensive Cyber Operations at Booz Allen Hamilton. His primary focus is on implementing technical solutions to protect against vulnerabilities, exploit software or hardware, data threats and other emerging risks that may threaten critical system operations. Not only an endurance athlete and classically trained musician, Mike is a long time proponent of detections as code and in today's episode he and Jack discuss everything from getting started on your ...
EP 22 - Compass CISO JJ Agha on Relentless Iterations and What He Expects from a Modern SIEM
August 30, 2022 16:02 - 29 minutes - 40.6 MBJJ Agha is the CISO at Compass, the largest real estate brokerage in the US, and previously spent over four years as VP of InfoSec at WeWork, along with time as a security engineer at Vimeo and Priceline. Having worked for and advised for multiple startups and Fortune 500 companies he enjoys the challenge of building security teams and maturing programs and disciplines within an organization while embracing and learning new technologies. In today’s episode, Jack and JJ discuss how he buil...
EP 22 — Compass CISO JJ Agha on Relentless Iterations and What He Expects from a Modern SIEM
August 30, 2022 16:02 - 29 minutes - 40.6 MBJJ Agha is the CISO at Compass, the largest real estate brokerage in the US, and previously spent over four years as VP of InfoSec at WeWork, along with time as a security engineer at Vimeo and Priceline. Having worked for and advised for multiple startups and Fortune 500 companies he enjoys the challenge of building security teams and maturing programs and disciplines within an organization while embracing and learning new technologies. In today’s episode, Jack and JJ discuss how he buil...
Compass CISO JJ Agha on Relentless Iterations and What He Expects from a Modern SIEM
August 30, 2022 16:02 - 29 minutes - 40.6 MBJJ Agha is the CISO at Compass, the largest real estate brokerage in the US, and previously spent over four years as VP of InfoSec at WeWork, along with time as a security engineer at Vimeo and Priceline. Having worked for and advised for multiple startups and Fortune 500 companies he enjoys the challenge of building security teams and maturing programs and disciplines within an organization while embracing and learning new technologies. In today’s episode, Jack and JJ discuss how he buil...
Discord’s Kathy Wang on Building and Managing Security Teams
July 28, 2022 22:15 - 20 minutes - 28.7 MBKathy Wang is the CISO at Discord, an internationally-recognized malware expert who has researched, developed, evaluated, and operationalized various solutions for detecting and preventing client-side attacks used by advanced persistent threats (APT). As a security executive and leader, Kathy has a strong background in project management, research, and business development. She has worked in government, commercial, and technology startup environments, and currently advises security service...
EP 21 - Discord’s Kathy Wang on Building and Managing Security Teams
July 28, 2022 22:15 - 20 minutes - 28.7 MBKathy Wang is the CISO at Discord, an internationally-recognized malware expert who has researched, developed, evaluated, and operationalized various solutions for detecting and preventing client-side attacks used by advanced persistent threats (APT). As a security executive and leader, Kathy has a strong background in project management, research, and business development. She has worked in government, commercial, and technology startup environments, and currently advises security service...
EP 20 - Rapyd’s Nir Rothenberg on Lessons Learned Transitioning from On-Prem to Cloud
July 12, 2022 16:28 - 33 minutes - 45.9 MBNir Rothenberg is the CISO at Rapyd, managing security and IT for the soaring Fintech company, on a mission to ensure that the future of financial services will be democratized and secure. Prior to Rapyd, Nir led information security in NSO Group, a well known cyber-intelligence company, where he was charged with protecting a high profile and high risk enterprise. Before NSO Group, Nir worked as a consultant, helping with some of Israel's leading companies to reduce risk and improve inform...
Rapyd’s Nir Rothenberg on Lessons Learned Transitioning from On-Prem to Cloud
July 12, 2022 16:28 - 33 minutes - 45.9 MBNir Rothenberg is the CISO at Rapyd, managing security and IT for the soaring Fintech company, on a mission to ensure that the future of financial services will be democratized and secure. Prior to Rapyd, Nir led information security in NSO Group, a well known cyber-intelligence company, where he was charged with protecting a high profile and high risk enterprise. Before NSO Group, Nir worked as a consultant, helping with some of Israel's leading companies to reduce risk and improve inform...
SC Magazine’s Joe Uchill on What It’s Like to be a Cybersecurity Reporter in 2022
June 27, 2022 15:04 - 28 minutes - 39.1 MBJoe Uchill is a Senior Reporter at SC Magazine — the leading trade publication for the cybersecurity industry. Prior to joining SC Magazine in 2020, Joe was a cybersecurity reporter at outlets including Axios and The Hill. Today’s episode is the first in our mini-series dedicated to interviewing leading cybersecurity journalists. Cybersecurity reporting plays an important role for practitioners, leaders, and the general public to understand recent breaches, latest malware trends, and best p...
EP 19 - SC Magazine’s Joe Uchill on What It’s Like to be a Cybersecurity Reporter in 2022
June 27, 2022 15:04 - 28 minutes - 39.1 MBJoe Uchill is a Senior Reporter at SC Magazine — the leading trade publication for the cybersecurity industry. Prior to joining SC Magazine in 2020, Joe was a cybersecurity reporter at outlets including Axios and The Hill. Today’s episode is the first in our mini-series dedicated to interviewing leading cybersecurity journalists. Cybersecurity reporting plays an important role for practitioners, leaders, and the general public to understand recent breaches, latest malware trends, and best p...
Cedar’s CISO Aaron Zollman: Lessons From Building a Modern Security Team
June 13, 2022 18:55 - 32 minutes - 44.2 MBAaron Zollman is the CISO at Cedar — a patient payment and engagement platform for hospitals, health systems, and medical groups that elevates the patient experience. Prior to Cedar, Aaron spent time in security at companies like Bridgewater, Palantir, and MUFG Bank, Japan’s largest bank. In today’s episode, Aaron and Jack discuss lessons and tips to help organizations build a modern security team that’s capable of detection and response at scale. Topics discussed: What Aaron learned as...
EP 18 - Cedar’s CISO Aaron Zollman: Lessons From Building a Modern Security Team
June 13, 2022 18:55 - 32 minutes - 44.2 MBAaron Zollman is the CISO at Cedar — a patient payment and engagement platform for hospitals, health systems, and medical groups that elevates the patient experience. Prior to Cedar, Aaron spent time in security at companies like Bridgewater, Palantir, and MUFG Bank, Japan’s largest bank. In today’s episode, Aaron and Jack discuss lessons and tips to help organizations build a modern security team that’s capable of detection and response at scale. Topics discussed: - What Aaron learned ...
Tines COO Thomas Kinsella: How to Remove the Barriers That Prevent Security Teams From Doing Their Best Work
April 26, 2022 13:13 - 32 minutes - 43.9 MBThomas Kinsella is the COO and co-founder of Tines — a no-code security automation platform that frees teams from manual work so they can focus on higher-value strategic work. In today’s episode, Thomas and Jack explore what it's like to transition from a security practitioner to a startup founder and how tools like Tines and Panther can be used to transform the way security teams operate. Topics discussed: What Tines does (and what the name means). Reflecting on the stresses of dealing...
EP 17 - Tines COO Thomas Kinsella: How to Remove the Barriers That Prevent Security Teams From Doing Their Best Work
April 26, 2022 13:13 - 32 minutes - 43.9 MBThomas Kinsella is the COO and co-founder of Tines — a no-code security automation platform that frees teams from manual work so they can focus on higher-value strategic work. In today’s episode, Thomas and Jack explore what it's like to transition from a security practitioner to a startup founder and how tools like Tines and Panther can be used to transform the way security teams operate. Topics discussed: - What Tines does (and what the name means). - Reflecting on the stresses of deal...
Panther Labs’s Joren McReynolds: Developing Security Products that Can Scale
March 08, 2022 10:00 - 41 minutes - 57 MBWhat does it take to shape an early-stage security project into a product that solves real problems? Understanding your customers is a key first step. Knowing the personas who can use your product and the leverage they can get out of it, it's what ultimately brings value to security teams and even other teams that can seize their benefits. We had a great conversation with Joren McReynolds who is the VP of Engineering, IT and Security at Panther Labs. In today's episode he shares the exper...
EP 16 - Panther Labs’s Joren McReynolds: Developing Security Products that Can Scale
March 08, 2022 10:00 - 41 minutes - 57 MBWhat does it take to shape an early-stage security project into a product that solves real problems? Understanding your customers is a key first step. Knowing the personas who can use your product and the leverage they can get out of it, it's what ultimately brings value to security teams and even other teams that can seize their benefits. We had a great conversation with Joren McReynolds who is the VP of Engineering, IT and Security at Panther Labs. In today's episode he shares the exper...
EP 15 - r2c’s Clint Gibler: How To Succeed in AppSec at Scale
February 08, 2022 10:00 - 27 minutes - 38 MBClint Gibler is the Head of Security Research for r2c, the company behind SEMGREP, a popular open-source static analysis security scanning tool used by teams all over the world. He joined r2c to help build and shape the future of AppSec; one that includes secure defaults along with lightweight enforcement of those defaults. In today's episode, Clint talks about SEMGREP, operationalization of tools for security teams, intersection between AppSec and D&R as well as tips to succeed in AppSec ...
r2c’s Clint Gibler: How To Succeed in AppSec at Scale
February 08, 2022 10:00 - 27 minutes - 38 MBClint Gibler is the Head of Security Research for r2c, the company behind SEMGREP, a popular open-source static analysis security scanning tool used by teams all over the world. He joined r2c to help build and shape the future of AppSec; one that includes secure defaults along with lightweight enforcement of those defaults. In today's episode, Clint talks about SEMGREP, operationalization of tools for security teams, intersection between AppSec and D&R as well as tips to succeed in AppSec ...