Strategic Asymetry - Leveling the Playing Field w/ Chetan Conikee

Strategic Asymetry - Leveling the Playing Field w/ Chetan Conikee

Author: The OWASP Podcast Series January 2, 2019 Duration: 34:42
The OWASP Podcast Series
Technology
"In the past when we were writing software, it was our engineers and our organizations that had total cost of ownership of that software. But now, that has fundamentally changed. Engineers are using open source software and deploying the entire application on an open source framework, which means a large part of the software supply chain is no longer owned by the engineer. " -- Chetan Conikee In this episode of the DevSecOps Days Podcast Series, I speak with Chetan Conikee about his chapter in the Epic Failures in DevSecOps book. About Chetan Conikee Chetan Conikee is a serial entrepreneur with over 20+ years of experience in authoring and architecting and securing mission-critical software. His expertise includes building web-scale distributed infrastructure, cybersecurity, personalization algorithms, complex event processing, fraud detection and prevention in investment/retail banking domains. He currently serves as CTO/Founder at ShiftLeft, and most recently Chief Data Officer and GM Operations at Cloud- Physics. Prior to CloudPhysics, Chetan was part of early founding teams at CashEdge (acquired FiServ), Business Signatures (acquired Entrust)and EndForce (acquired Sophos).

Tune in to The OWASP Podcast Series for genuine conversations that go beyond the headlines of cybersecurity. Instead of dry lectures, you'll hear from the people actually building, testing, and defending the software that shapes our world. Each episode sits down with a different practitioner or innovator, pulling insights directly from their daily work and long-term vision. The discussions are grounded in the real challenges of application security, offering practical knowledge and forward-thinking strategies. This podcast provides a unique audio space to understand the evolving threats and defensive techniques critical for our digital infrastructure. You’ll find the dialogue is both technical and accessible, demystifying complex topics through the experiences of those on the front lines. The goal is to share actionable wisdom from the OWASP community and its extended network, focusing on how to create more resilient systems. By listening, you gain a deeper appreciation for the ongoing effort required to secure technology for everyone. It’s an essential resource for developers, security professionals, and anyone curious about the foundational work of safeguarding our connected future. The series turns abstract concepts into tangible lessons, all through the voices of the individuals dedicated to this crucial mission.
Author: Language: English Episodes: 100

Official website RSS
youtubelinkedingithub
The OWASP Podcast Series
Podcast Episodes
2023-04 Rethinking WAFs: OWASP Coraza [not-audio_url] [/not-audio_url]

Duration: 29:14
WAFs have been with us a while and it's about time someone reconsidered WAFs and their role in AppSec given the cloud-native and Kubernetes landscape. The OWASP Coraza is not only asking these questions but putting some…
2023-03 Point of Scary - the POS ecosystem [not-audio_url] [/not-audio_url]

Duration: 34:46
In this episode I speak with Aaron about Point of Sale or POS systems. He's been investigating the security of POS systems for quite some time now and brings to light the state of the POS ecosystem. Buckle your seat belt…
2023-02 Isolation is just PEACHy [not-audio_url] [/not-audio_url]

Duration: 33:54
In this episode I speak with Amitai Cohen who's been thinking a lot about tenant isolation. This is a problem for more then just cloud providers. Anyone with a SaaS offering or even large enterprise may want to isolate c…
OWASP Ep 2023-01: Audit, Compliance and automation, Oh my! [not-audio_url] [/not-audio_url]

Duration: 27:35
In this episode, I speak with Caleb Queern, one of the authors of "Investments Unlimited" a book I highly recommend you get and read. While the book is fiction, there's a great deal of truth in the story about how automa…
2022 Year in Review [not-audio_url] [/not-audio_url]

Duration: 14:19
In this episode, I go solo and review the last year of podcasts but with a twist. I do my best to compare the topics covered to the OWASP Flagship projects. The goal is to see if the episodes I recorded this year match u…
You've got some Kubernetes in my AppSec! [not-audio_url] [/not-audio_url]

Duration: 41:44
In this episode, I speak with Jimmy Mesta, the project leader of the new OWASP Kubernetes Top 10. Beyond covering the actual Kubernetes Top 10 project, we cover how AppSec has expanded to cover other areas. You not only…
Little Zap of Horrors [not-audio_url] [/not-audio_url]

Duration: 33:09
In this episode, I speak with Simon Bennetts, the creator of OWASP Zed Attack Proxy lovingly known as ZAP. We talk about how it all got started, some of the surprises and lessons learned running a wildly successful open…
Breaching the wirefall with community [not-audio_url] [/not-audio_url]

Duration: 39:35
In this episode, Matt Tesauro hosts wirefall to talk about creating and growing a security community and his 26 years of pen testing experience. In wirefall's case, it's the Dallas Hackers Association or DHA. Our convers…
Going Way Beyond 2FA [not-audio_url] [/not-audio_url]

Duration: 30:45
In this episode, Matt Tesauro hosts Neil Matatall to talk about going beyond 2FA as he relates lessons learned from Twitter and Github on account security. This is another episode with some good nuggets of wisdom and som…
Getting Lean and Mean in the DefectDojo [not-audio_url] [/not-audio_url]

Duration: 30:44
In this episode, Matt Tesauro hosts Greg Anderson and Cody Maffucci to talk about OWASP DefectDojo. DefectDojo is an OWASP flagship project that aims to be the single source of truth for AppSec or Product Security teams.…

«123456...10»