Gehen Sie mit der App Player FM offline!
Matt Rose -- Software Supply Chain Security Means Many Different Things to Different People
Manage episode 423008038 series 2540720
In this episode of the Application Security Podcast, hosts Chris Romeo and Robert Hurlbut welcome Matt Rose, an experienced technical AppSec testing leader. Matt discusses his career journey and significant contributions in AppSec. The conversation delves into the nuances of software supply chain security, exploring how different perceptions affect its understanding. Matt provides insights into the XZ compromise, critiques the buzzword 'shift left,' and discusses the role of digital twins and AI in enhancing the supply chain security. He emphasizes the need for a comprehensive approach beyond SCA, the relevance of threat modeling, and the potential risks and benefits of AI in security. The discussion also touches on industry trends, the importance of understanding marketing terms, and the future directions of AppSec.
Mentioned in the episode:
The Application Security Program Handbook by Derek Fisher
https://www.manning.com/books/application-security-program-handbook
Podcast Episode: Derek Fisher – The Application Security Program Handbook
https://youtu.be/DgmlHgNT-UM
Authors mentioned:
Steven E. Ambrose https://www.simonandschuster.com/authors/Stephen-E-Ambrose/1063454
Mark Frost https://en.wikipedia.org/wiki/Mark_Frost
FOLLOW OUR SOCIAL MEDIA:
➜Twitter: @AppSecPodcast
➜LinkedIn: The Application Security Podcast
➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast
Thanks for Listening!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
273 Episoden
Manage episode 423008038 series 2540720
In this episode of the Application Security Podcast, hosts Chris Romeo and Robert Hurlbut welcome Matt Rose, an experienced technical AppSec testing leader. Matt discusses his career journey and significant contributions in AppSec. The conversation delves into the nuances of software supply chain security, exploring how different perceptions affect its understanding. Matt provides insights into the XZ compromise, critiques the buzzword 'shift left,' and discusses the role of digital twins and AI in enhancing the supply chain security. He emphasizes the need for a comprehensive approach beyond SCA, the relevance of threat modeling, and the potential risks and benefits of AI in security. The discussion also touches on industry trends, the importance of understanding marketing terms, and the future directions of AppSec.
Mentioned in the episode:
The Application Security Program Handbook by Derek Fisher
https://www.manning.com/books/application-security-program-handbook
Podcast Episode: Derek Fisher – The Application Security Program Handbook
https://youtu.be/DgmlHgNT-UM
Authors mentioned:
Steven E. Ambrose https://www.simonandschuster.com/authors/Stephen-E-Ambrose/1063454
Mark Frost https://en.wikipedia.org/wiki/Mark_Frost
FOLLOW OUR SOCIAL MEDIA:
➜Twitter: @AppSecPodcast
➜LinkedIn: The Application Security Podcast
➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast
Thanks for Listening!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
273 Episoden
Alle Folgen
×Willkommen auf Player FM!
Player FM scannt gerade das Web nach Podcasts mit hoher Qualität, die du genießen kannst. Es ist die beste Podcast-App und funktioniert auf Android, iPhone und im Web. Melde dich an, um Abos geräteübergreifend zu synchronisieren.