))
The "People | Process | Technology" podcast is a recorded series of discussions with thought leaders and practitioners who are working on integrating the three areas of business that are most likely to have a massive impact on your business.
The SEI Podcast Series presents conversations in software engineering, cybersecurity, and future technologies.
Chris and Robert deconstruct world-class Application Security experts, digging deep to find the tools, tactics, projects, and tricks that make them successful. Each episode begins with the guest's security origin story or how they got started in Application Security. Topics range from DevOps+security, secure coding, OWASP, threat modeling, security culture, and anything else they can think of regarding application security. Chris Romeo (@edgeroute) is the CEO of Security Journey, and Robert ...
Each webinar features an SEI researcher discussing their research on software and cybersecurity problems of considerable complexity. The webinar series is a way for the SEI to accomplish its core purpose of improving the state-of-the-art in software engineering and cybersecurity and transitioning this work to the community. The SEI is a federally funded research and development center sponsored by the U.S. Department of Defense and operated by Carnegie Mellon University. The SEI Webinar Seri ...
Welcome to the Cybrary Studios, home to Cybrarys three podcast series, including the award-winning 401 Access Denied voted Best Cybersecurity Podcast for NORTH AMERICA by the 2021 Cybersecurity Excellence Awards. The Cybrary Podcast - In this show, we will be speaking with current leaders and experts in the IT and Cybersecurity fields. Discussing topics ranging from DevSecOps and Ransomware attacks to diversity and the retention of talent the Cybrary Podcast covers it all. Stay up to date wi ...
The IBM Developer podcast is the place to hear about open topics and technologies.
Digital engineering is an integrated digital approach that uses authoritative sources of systems data and models as a continuum across disciplines to support lifecycle activities from concept through disposal. With digital engineering, models are developed for everything, not just for software, but for all components of a system of systems, hardwar…
A
Application Security PodCast
1
Leif Dreizler: Tactical tips to shift engineering right
46:05
46:05
Play later
Play later
Lists
Like
Liked
46:05
Leif Dreizler is the manager of the Product Security team at Segment. Leif got his start in the security industry at Redspin doing security consulting work and was later an early employee at Bugcrowd. He helps organize the Bay Area OWASP Chapter, the LocoMocoSec Conference, and the AppSec California conference. Leif caught our attention when he pub…
Those who work in computing today bring a wide array of backgrounds and experiences to the profession. In this podcast, part of the My Story in Computing series, learn how Carol Smith, who trained as a photojournalist, discusses how a love of telling people’s stories led to a career in human-computer interaction working in artificial intelligence w…
T
The Cybrary Podcast
1
401 Access Denied Ep. 25 | Inside Application Security with Ted Harrington
57:33
57:33
Play later
Play later
Lists
Like
Liked
57:33
Special guest Ted Harrington joins Joe and Mike today to discuss application security – how to be more secure, what AppSec myths to reconsider, and how to change mentalities at your organization. Ted is Executive Partner at Independent Security Evaluators and author of Hackable: How To Do Application Security Right.…
S
Software Engineering Institute (SEI) Webcast Series
1
Amplifying Your Privacy Program: Strategies for Success
1:01:06
1:01:06
Play later
Play later
Lists
Like
Liked
1:01:06
Privacy protection isn't just a compliance activity. but It’s also a key area of organizational risk that requires enterprise-wide support and participation; careful planning; and forward-leaning, data-driven controls. In this webcast, we highlight best practices for privacy program planning and implementation. We present strategies for leveraging …
T
The Cybrary Podcast
1
Ep. 3 Finding Your Next Steps | Go For It with Sarah Moffat
30:41
30:41
Play later
Play later
Lists
Like
Liked
30:41
Do you ever wonder how some people get ahead so fast? Well, you can’t reach the next level with the same level of thinking as now. When you’re surrounded by sameness, how do you grow? In this episode of Go For It, Sarah dives into being intentional and thoughtful, and ways to create an environment optimized for the growth of you and those around yo…
Vandana Verma is the President of Infosec girls and Infosec Kids, a board of directors member for OWASP, and a leader for BSides Dehli. She joins us to introduce the OWASP Spotlight Series. With each video she creates, she highlights an OWASP project. We survey the projects she's covered and discuss a specific takeaway from each for the application…
T
The Cybrary Podcast
1
SolarWinds and Supply Chains with Tina Kuhn | The Cybrary Podcast Ep. 57
30:18
30:18
Play later
Play later
Lists
Like
Liked
30:18
It’s Episode 57 of the Cybrary Podcast and we welcome Tina Kuhn, President of Cybercore Technologies, to talk about supply chains. With attacks as recent as SolarWinds and future attacks that will inevitably occur, Mike and Tina discuss everything from counterfeit equipment and hardware tampering, to the state of critical infrastructure and how to …
P
People | Process | Technology Podcast
1
2021 OWASP Top 10 with Andrew van der Stock
15:06
15:06
Play later
Play later
Lists
Like
Liked
15:06
The Top 10 is considered one of the most important community contributions to come out OWASP. In 2003, just two years after organization was started, the OWASP Top 10 was created. The purpose of the project was to create an awareness document, highlighting the top ten exploits security professionals should be aware of. Since that time, innumerable …
A
Application Security PodCast
1
Dr. Anita D’Amico -- Do certain types of developers or teams write more secure code?
48:33
48:33
Play later
Play later
Lists
Like
Liked
48:33
Dr. Anita D’Amico is the CEO of Code Dx, which provides Application Security Orchestration and Correlation solutions to industry and government. Her roots are in experimental psychology and human factors. Her attention is now focused on enhancing the decisions and work processes of software developers and AppSec analysts to make code more secure. A…
T
The Cybrary Podcast
1
401 Access Denied Ep. 24 | Joe & Mike's Top 5 Free Cybersecurity Tools
39:53
39:53
Play later
Play later
Lists
Like
Liked
39:53
In your cyber security journey, you’ve probably heard of a massive number of cyber security tools, many of them free. It can be tricky to figure out where to start and which tool is worth your time. In this podcast, Joe and Mike discuss the free cyber security tools in their arsenal and the significant value they’ve provided over the years. Did we …
T
The Cybrary Podcast
1
Ep. 2 Finding Your Driving Force with Charity Carney | Go For It with Sarah Moffat
21:02
21:02
Play later
Play later
Lists
Like
Liked
21:02
Welcome back to Go For It with Sarah Moffat. Joining us for episode 2, is Charity Carney, VP of Security and Compliance at InVita Healthcare Technologies. Throughout her career, Charity had many less than positive experiences, but she shares her journey of finding what motivated her to go for it and leave a toxic work environment for her dream job.…
There is some confusion about how the paradigms of DevOps and Digital Engineering fit together. In the case of software-intensive systems, we believe DevOps practices are an enabler for Digital Engineering, in many forms. During this webcast, we introduced the relatively new concept of Digital Engineering and how we believe DevOps actually compleme…
A
Application Security PodCast
1
Alyssa Miller -- Bringing security to DevOps and the CI/CD pipeline
40:24
40:24
Play later
Play later
Lists
Like
Liked
40:24
Alyssa Miller is a life-long hacker, security advocate, and cybersecurity leader. She is the BISO for S&P Global ratings and has over 15 years of experience in security roles. She is heavily involved in the cybersecurity community as an international speaker, author, and advocate. Alyssa joins us to talk about bringing security to DevOps and the CI…
T
The Cybrary Podcast
1
Using Your Data to Help You | The Cybrary Podcast Ep. 56
44:18
44:18
Play later
Play later
Lists
Like
Liked
44:18
On this episode of the Cybrary Podcast, we welcome back Base Operations, introducing Scott Money, the VP of Engineering. Everyone knows Google, but Mike, Jonathan, and Scott throwback to the days of Lycos, before PHP, server side scripting, cookies, and SSL. What launched Google into becoming the leading name in search engines around the world, and…
S
Software Engineering Institute (SEI) Webcast Series
1
Modeling DevSecOps to Reduce the Time-to-Deploy and Increase Resiliency
59:45
59:45
Play later
Play later
Lists
Like
Liked
59:45
Many organizations struggle in applying DevSecOps practices and principles in a cybersecurity-constrained environment because programs lack a consistent basis for managing software intensive development, cybersecurity, and operations in a high-speed lifecycle. We will discuss how an authoritative reference, or Platform Independent Model (PIM), is n…
T
The Cybrary Podcast
1
401 Access Denied Ep. 23 | Ransomware Rundown with Dan Lohrmann
1:00:55
1:00:55
Play later
Play later
Lists
Like
Liked
1:00:55
Ransomware attacks have exploded in frequency and severity in recent months. Joe and Mike are joined by guest Dan Lohrmann, currently Chief Strategist & CSO at Security Mentor, and formerly of the NSA, Lockheed Martin, and CISO for State of Michigan. Discussion revolves around concrete steps we can all take today to reduce attacks, minimize damage,…
A
Application Security PodCast
1
Liran Tal — Cloud native application security, what’s a developer to do?
42:07
42:07
Play later
Play later
Lists
Like
Liked
42:07
Liran Tal is an application security activist and long-time proponent of open-source software. He is a member of the Node.js security working group, an OWASP project lead, author of Essential Node.js Security, and O’Reilly’s Serverless Security. He is leading the developer advocacy team at Snyk in a mission to empower developers with better dev-fir…
Brett Tucker, a technical manager for cyber risk in the SEI CERT Division, discusses the Operationally Critical Threat, Asset, and Vulnerability Evaluation for the Enterprise (OCTAVE FORTE) Model, which helps organizations evaluate security risks and use principles of enterprise risk management to bridge the gap between executives and practitioners…
I
IBM Developer Podcast
1
The University of Illinois Urbana-Champaign | High Performance Computing and AI Podcast
35:11
35:11
Play later
Play later
Lists
Like
Liked
35:11
Dr. Vlad Kindratenko and Eliu Huerta explain how the Center for Artificial Intelligence Innovation (CAII) at the University of Illinois Urbana-Champaign are using an IBM Power 9 cluster to research and deliver astounding deep learning solutions for their community campus and industry partners. From astro-physics to gravitational waves and neural ne…
T
The Cybrary Podcast
1
Ep.1 Finding Your Ah-Ha Moment | Go For It with Sarah Moffat
26:01
26:01
Play later
Play later
Lists
Like
Liked
26:01
Welcome to the first episode of Go For It with Sarah Moffat, and happy International Women’s Day! We’re exited to introduce Sarah, the President and Founder of LeadingLadies.co, as she shares her story and inspiration to go for it, every day. From her part-time work through high school and college, to the experiences that taught her how to run oper…
T
The Cybrary Podcast
1
How Project Managers Get SaaSy with Clubhouse | The Cybrary Podcast Ep. 55
30:21
30:21
Play later
Play later
Lists
Like
Liked
30:21
Calling all engineers! This week on the Cybrary Podcast, we welcome Zachary Ozer from ClubHouse. From one VP of Engineering to another, Mike and Zach talk all things development, product planning, and how to help junior and senior engineers be more effective and enjoy their jobs. Zach also offers key insights into how people at ClubHouse further th…
T
The Cybrary Podcast
1
The Future of Password Security | The Cybrary Podcast Ep. 54
52:38
52:38
Play later
Play later
Lists
Like
Liked
52:38
Joining the Cybrary Podcast this week is Jeff Capone, CEO & Co-founder of SecureCircle. In this episode, Jeff, Mike and Jonathan discuss zero-trust policies, why people use encryption, and what it would mean for data access, privacy, and security if we could make the need for passwords obsolete.
T
The Cybrary Podcast
1
401 Access Denied Ep. 22 | Responsible Disclosure Programs with Katie Moussouris & Casey Ellis
1:23:25
1:23:25
Play later
Play later
Lists
Like
Liked
1:23:25
Casey Ellis, Founder & CTO of Bugcrowd and Katie Moussouris, Founder & CEO of Luta Security discuss vulnerability disclosure programs with Mike and Joe today. Developing a disclosure program can be so complex that many organizations don’t create one at all. So we asked - what processes should companies put in place to be sure they provide vulnerabi…
Konveyor is a community of people passionate about helping others modernize and migrate their applications to the hybrid cloud by building tools, identifying patterns, and providing advice on how to break down monoliths, adopt containers, and embrace Kubernetes. Join us for a conversation with James Labocki organizer of the Konveyor Community.…
S
Software Engineering Institute (SEI) Podcast Series
1
7 Steps to Engineer Security into Ongoing and Future Container Adoption Efforts
20:23
20:23
Play later
Play later
Lists
Like
Liked
20:23
If organizations take more steps to address security-related activities now, they will be less likely to encounter security incidents in the future. When it comes to application containers, security is achieved through adopting a series of best practices and guidelines. In this SEI Podcast, Tom Scanlon and Richard Laughlin, researchers with the SEI…
For this episode, Robert and I decided to talk about an article I wrote called "DevOps security culture: 12 fails your team can learn from". We hope you enjoy this walkthrough of the 12 fails. If we missed any, hit us up on Twitter and let us know what we should add to the list.By Chris Romeo and Robert Hurlbut
T
The Cybrary Podcast
1
Lies You've Been Sold About Encryption | The Cybrary Podcast Ep. 53
58:05
58:05
Play later
Play later
Lists
Like
Liked
58:05
“Protecting data wherever it lives” is at the forefront of the long debated question: Is your data secure? The apps you use, the websites you visit, the Zoom calls you're on - there is so much personal and business information availble, but who makes the decisions about data handling and security? Jonathan and Mike welcome Patrick Walsh, CEO of Iro…
S
Software Engineering Institute (SEI) Podcast Series
1
Ransomware: Evolution, Rise, and Response
32:50
32:50
Play later
Play later
Lists
Like
Liked
32:50
In this SEI Podcast, Marisa Midler and Tim Shimeall, network defense analysts within the SEI's CERT Division, discuss the growing problem of ransomware including the rise of ransomware as a service threats. Ransom payments from Quarter 3 of 2019 were on average $42,000, and in Quarter 1 of 2020, that average increased $70,000 to $112,000. The volum…
S
Software Engineering Institute (SEI) Webcast Series
1
SolarWinds Hack: Fallout, Recovery, and Prevention
1:01:18
1:01:18
Play later
Play later
Lists
Like
Liked
1:01:18
The recent SolarWinds incident demonstrated the challenges of securing systems when they are the product of complex supply chains. Responding effectively to breaches and hacks requires a cross-section of technical skills and process insights. In this webcast, we explored the lifecycle of the SolarWinds activity and discussed both technical and risk…
Jim Routh has built software security programs at some of the biggest brands in the world. He has served as CISO or CSO six different times in his career, always staying close to his cyber and software security roots. Jim has hung up his CISO badge and now focuses on serving on boards and advising security-focused startups. Jim’s original AppSec po…
T
The Cybrary Podcast
1
Funding: The VC’s Perspective & The Entrepreneur’s Dilemma| The Cybrary Podcast Ep. 52
1:02:31
1:02:31
Play later
Play later
Lists
Like
Liked
1:02:31
Have you wondered what’s involved in venture capital fund raising? In this episode of the Cybrary Podcast, we welcome Les Craig, Co-founder of RedOwl Analytics and current Partner at Next Frontier Capital. From their years of experience in Cybersecurity, Les, Mike, and Jonathan talk about the successes and pitfalls of starting businesses, what foun…
T
The Cybrary Podcast
1
401 Access Denied Ep. 21 | How Cyber Criminals Exploit Human Behavior
49:26
49:26
Play later
Play later
Lists
Like
Liked
49:26
Joe and Mike talk to Jessica Barker, Co-CEO of Cygenta and author of Confident Cyber Security and the recently released Cybersecurity ABC’s. Jessica breaks down the psychology behind cyber criminals and why we frequently blame the employees on the front lines of attacks. Plus, why companies need to stop telling employees to be constantly alert. Get…
T
The Cybrary Podcast
1
Developing Engineers from the Ground Up | The Cybrary Podcast Ep. 51
36:40
36:40
Play later
Play later
Lists
Like
Liked
36:40
This week on the Cybrary Podcast, we welcome Caleb Woods. Caleb is the CEO of Rolemodel Software, a company specializing in building internal tools for their customers. Speaking with Mike Gruen and Thomas Horlacher from Cybrary, Caleb discusses the work his company is doing as well as their Craftsmanship Academy, a way for those new to the engineer…
P
People | Process | Technology Podcast
1
The Ops Side of DevSecOps w/ Damon Edwards
24:20
24:20
Play later
Play later
Lists
Like
Liked
24:20
When Shannon Lietz and the team at DevSecOps.org published the DevSecOps Manifesto six years ago, security was uppermost in their minds. The manifesto starts with a call to arms…“Through Security as Code, we have and will learn that there is simply a better way for security practitioners, like us, to operate and contribute value with less friction.…
