התחל במצב לא מקוון עם האפליקציה Player FM !
פודקאסטים ששווה להאזין
בחסות


1 The Killing Call: 1. The death of a star 35:12
EP 44 — Workrise’s Tim Kelly on How to Build a Data-Driven Application Security Program
Manage episode 375496784 series 3330694
In this episode of the Future of Application Security, Harshil speaks with Tim Kelly, Director, Security Engineering at Workrise, a technology company with a platform that supports the energy workforce. They discuss the importance of collecting, storing, and analyzing data in order to enhance application security efforts, and how to go about building a data program that does that. They also discuss the ways in which you can use data to inform your security efforts, how to use data to help you inventory and prioritize vulnerability management, how to get to a 100% success rate with data-backed solutions, and what the future of data-driven application security will look like.
Topics discussed:
- How Tim's background in experimental psychology and data analytics informs his work as the Director of Security Engineering.
- The definition of data engineering and how the practice can apply to application security.
- Why data is important for security and how a big part of collecting and analyzing data for its insights is because "you can't secure what you can't see."
- How to play into your strengths when building a data program by looking at your current capabilities, including leveraging a business insights team.
- How you can use data to determine the efficiency of your vulnerability management program, how to monitor performance, and how to find out where your efforts are producing the most value.
- The benefits of using data to inform your security approach, and how to get to 100% success rates with fixes by doing so.
- What the future of application security will look like and how teams can integrate more data analysis practices.
60 פרקים
Manage episode 375496784 series 3330694
In this episode of the Future of Application Security, Harshil speaks with Tim Kelly, Director, Security Engineering at Workrise, a technology company with a platform that supports the energy workforce. They discuss the importance of collecting, storing, and analyzing data in order to enhance application security efforts, and how to go about building a data program that does that. They also discuss the ways in which you can use data to inform your security efforts, how to use data to help you inventory and prioritize vulnerability management, how to get to a 100% success rate with data-backed solutions, and what the future of data-driven application security will look like.
Topics discussed:
- How Tim's background in experimental psychology and data analytics informs his work as the Director of Security Engineering.
- The definition of data engineering and how the practice can apply to application security.
- Why data is important for security and how a big part of collecting and analyzing data for its insights is because "you can't secure what you can't see."
- How to play into your strengths when building a data program by looking at your current capabilities, including leveraging a business insights team.
- How you can use data to determine the efficiency of your vulnerability management program, how to monitor performance, and how to find out where your efforts are producing the most value.
- The benefits of using data to inform your security approach, and how to get to 100% success rates with fixes by doing so.
- What the future of application security will look like and how teams can integrate more data analysis practices.
60 פרקים
כל הפרקים
×
1 EP 60 - Appian’s Abdullah Munawar on Enhancing Product Security Amid Evolving Development Trends 21:05

1 EP 59 - Nat Mokry on Advancing Application Security in the Gaming Industry 26:55

1 EP 58 — Asana's Felix Matenaar on Building Resilient Security Practices for the Future 32:45

1 EP 57 — Clari's Steve Lukose on Using SLAs as Benchmarks for Businesses 27:05

1 EP 56 — Aruneesh Salhotra on Why Security is Everyone’s Job 24:49

1 EP 55 — BlackBerry's Christine Gadsby on What's Driving Software Supplier Transparency and Accountability 26:21

1 EP 54 — LPL Financial's Chad Girouard on Improving Application Security Through Better Tools and Relationships 23:43

1 EP 53 — ReversingLabs's Dave Ferguson on Securing Your Software Supply Chains 24:24

1 EP 52 — Gen’s Curtis Koenig on Speaking the Language of Why Security Matters 27:28

1 EP 51 — Ping Identity’s Arthur Loris on How to Tell Better Stories About Your Product Security Success 27:10

1 EP 50 — DryRun Security’s James Wickett on Aligning Incentives and Speaking the Same Language with Developers and Security 31:08

1 EP 49 — Semgrep’s Colleen Dai on Building Security Strategies and Relationships with Other Teams 20:14

1 EP 48 — Chaotic Good’s Johnathan Kuskos on Testing for Functionality, Priorities, and Better Incident Response 31:10

1 EP 47 — Manicode Security’s Jim Manico on Addressing OWASP Top Ten Issues Through Better Security and Developer Partnerships 26:38

1 EP 46 — TuSimple’s Madjid Nakhjiri on the Evolving Need for Automotive Cybersecurity 24:03

1 EP 45 — Toast’s David Kosorok on Leading Application Security with Collaboration, Empathy, and Good Data 33:55

1 EP 44 — Workrise’s Tim Kelly on How to Build a Data-Driven Application Security Program 24:06

1 EP 43 — Avalara’s Derek Samford on Building a Security Culture with Data, Collaboration, Education, and Empathy 35:56

1 EP 42 — Snowflake’s Jacob Salassi on the Science of Product Security 38:00

1 EP 41 — SAP’s Helen Oakley on Protecting Human Well-Being by Securing Software Supply Chains 26:07

1 EP 40 — Steve Springett on Solving Software Supply Chain Security and SBOM Challenges 33:58

1 EP 39 — A Modernized and Scalable Approach to Product Security with Origami Risk’s Prajakta Badhe 28:20

1 EP 38 — Avalara’s Anthony Ungerman on the Imperative for Security-Minded Organizations 29:34

1 EP 37 — Choosing AppSec Priorities: Software Supply Chain, Code-to-Cloud Business Context and Metrics 55:51

1 EP 36 — Highspot’s Joe Basirico on How to Build Security by Buildng Trust 30:58

1 EP 35 — Streamlining and Accelerating Your Product Security with iHerb’s Mike de Libero 25:21

1 EP 34 — The Future of AppSec: People, Processes, and Progress with Coalfire’s Warren Kopp 30:00

1 EP 33 — Democratizing Security and Implementing Change with Twilio’s Ariel Shin 39:36

1 EP 32 — Leading with Context - Where Institutional Knowledge Cannot Scale 30:04

1 EP 31 — Cloudflare’s Sri Pulla on Building Collaboration and Synergies for Better Product Security 24:55
ברוכים הבאים אל Player FM!
Player FM סורק את האינטרנט עבור פודקאסטים באיכות גבוהה בשבילכם כדי שתהנו מהם כרגע. זה יישום הפודקאסט הטוב ביותר והוא עובד על אנדרואיד, iPhone ואינטרנט. הירשמו לסנכרון מנויים במכשירים שונים.