Kill Cloud Risk: Get Everybody to Stop Fighting Over App Security – Podcast

(Brought to you by Uptycs. Underwriters of Threatpost podcasts do not assert any editorial control over content.)

Applications are cybercriminals’ favorite ways to crack open targeted organizations.

Yet no single team or process can assure the rollout of safe cloud applications. From code design to unit testing to deployment, teams and tools have to work together to detect risks early while keeping the pipeline of digital products moving.

Alex Rice, CTO at HackerOne and Johnathan Hunt, VP of Security at GitLab, help development teams evolve their processes to build security directly into their workflows for smooth and safe cloud app rollouts.

They dropped by the Threatpost podcast recently to share tips on DevSecOps, including:

• How to build a continual testing, monitoring, and feedback processes to drive down application risk.
• Developing a continuous approach to application security and DevOps security tools.
• Why collaboration and continual feedback is essential across development, cloud and security teams.

…as well as how to deal with the boatload of animosity between development and security teams. One tip: Assume positive intent!

Heads-up: Along with Aron Eidleman, Partner Solutions Architect at AWS, Alex and Johnathan will be participating in a joint webinar on Feb. 23 to discuss the importance of layering security practices into your DevOps workflows.

You can download the podcast below or listen here. For more podcasts, check out Threatpost’s podcast site.

Join Threatpost on Wed. Feb 23 at 2 PM ET for a LIVE roundtable discussion “The Secret to Keeping Secrets,” sponsored by Keeper Security, focused on how to locate and lock down your organization’s most sensitive data. Zane Bond with Keeper Security will join Threatpost’s Becky Bracken to offer concrete steps to protect your organization’s critical information in the cloud, in transit and in storage. REGISTER NOW and please Tweet us your questions ahead of time @Threatpost so they can be included in the discussion.