Cyber Security & Cloud Podcast

• CSCP S4EP18 - James Berthoty - What The heck is ASPM and the evolution of Product security

  Join us for an engaging episode as we welcome James Berthoty, a seasoned cybersecurity professional with a diverse background spanning sysadmin, DevOps, and security engineering roles. James takes us through his journey across different organizations, including his current role at PagerDuty, where he tackles the intricate challenges of FedRAMP compliance. Listen in as James shares insights on the rapid evolution of the Application Security (AppSec) industry, driven by the need for infrastructure professionals to interact with application code in today’s API-driven cloud environment. We also explore the disparity in innovation recognition among security solution providers and the difficulties of staying current in this fast-paced industry. Sponsored by Phoenix Security: This episode is brought to you by Phoenix Security, leaders in vulnerability management from code to cloud. Take control of your security with Phoenix and see firsthand how to prioritize and act on critical vulnerabilities with a free 14-day license available at Phoenix Security - Request a Demo. We also discuss the complex challenges of managing visibility and actionability within cybersecurity, particularly in handling software vulnerabilities. Learn about the evolution of patch management and the inefficiencies of the Common Vulnerabilities and Exposures (CVE) system, which often leads to false positives. This conversation sheds light on the market's tendency to prioritize quantity over quality in vulnerability detection tools and the potential shift towards more precise, less noisy solutions. Effective testing and benchmarking tools, like insecure testing repositories and OWASP projects, are also highlighted as a means to enhance the reliability of security tools. Finally, we explore the broader landscape of security tools and frameworks, including the stringent requirements of FedRAMP and the balance between flexible and opinionated tools. Through case studies and real-world examples, we discuss the significance of asset management, the evolving landscape of security tools, and the importance of transparency in marketing. The episode wraps up with a look at managing open-source supply chain risks and the crucial role of entities like Tidelift in providing paid maintenance services, reflecting the industry's shift towards better security practices. Don't miss this comprehensive exploration of the current state and future trends in the cybersecurity and software security industry.   Episode Highlights:   •Application Security and ASPM: We delve into the complex challenges of Application Security Posture Management (ASPM), focusing on managing visibility and actionability within cybersecurity, particularly in handling software vulnerabilities. •Vulnerability Management: Learn about the evolution of patch management and the inefficiencies of the Common Vulnerabilities and Exposures (CVE) system, which often leads to false positives. •Effective Testing Tools: This conversation sheds light on effective testing and benchmarking tools, like insecure testing repositories and OWASP projects, to enhance the reliability of security tools. •FedRAMP and Security Tools: Explore the stringent requirements of FedRAMP and the balance between flexible and opinionated tools in the broader landscape of security frameworks. •Asset Management: Through case studies and real-world examples, we discuss the significance of asset management in vulnerability management and the evolving landscape of security tools. •Open Source Supply Chain Risks: The episode wraps up with a look at managing open-source supply chain risks and the crucial role of entities like Tidelift in providing paid maintenance services, reflecting the industry’s shift towards better security practices. What's Inside This Episode: 00:54 - Host Introduction: Francesco Cipollone introduces the episode and guest James Berthoty. 01:27 - Guest Introduction: James Berthoty shares his background and journey in cybersecurity. 02:07 - Managed Detection Response Insights: James discusses his experience and insights from working in managed detection response. 05:16 - AppSec Industry Evolution: Discussion on the rapid changes in AppSec and the impact of new technologies. 09:28 - The Challenge of Vulnerability Management: Francesco and James delve into the complexities of modern vulnerability management. 12:32 - Tool Integration and Market Trends: The conversation shifts to the integration of various security tools and market trends. 20:21 - Security Operations Challenges: The struggle of handling CSPM alerts and the role of security operations. 27:01 - Asset Management Importance: The critical role of asset management in vulnerability management and its implications. 31:48 - Market Evolution and Tool Adaptation: Discussion on how security tools need to adapt to evolving market demands. 35:50 - Reachability Analysis and SBOM: The importance of reachability analysis and the challenges of maintaining secure software supply chains. 44:50 - Positive Outlook on Security Discussions: Concluding thoughts on the positive impact of increased security discussions and market involvement. 46:09 - Closing Remarks: Francesco wraps up the episode and provides information on how to follow James Berthoty. Connect with James Berhoty Website: Latiotech LinkedIn: James Berthoty   James Berthoty is a passionate security professional writer and creator of Latio Tech, dedicated to transforming security teams into integral contributors to product development, embodying the true essence of DevSecOps. As a former Security Engineer at PagerDuty, James leverages his extensive experience in sysadmin, DevOps, and cloud security to drive innovative security practices and ensure robust application security. Driven by his mission to connect people with the right products, James founded Lacio Tech, a platform that provides insights and reviews on emerging security technologies and startups. His hands-on experience in both startup environments and large enterprises equips him with a unique perspective on the challenges and solutions in the cybersecurity landscape. Residing in Tampa, Florida, James balances his professional life with his personal passions. He lives with his wife, Alexxus, and their three children. By day, he leads DevSecOps initiatives at ReliaQuest, and by night, he pursues a PhD in Philosophy and indulges in video gaming. His commitment to continuous learning and his multifaceted interests make him a dynamic and influential figure in the cybersecurity community.   Connect with James: Follow Cyber Security and Cloud Podcast Website: Cyber Security and Cloud Podcast LinkedIn: Cyber Security and Cloud Podcast LinkedIn Twitter: @podcast_cyber YouTube: Cyber Security and Cloud Podcast YouTube iTunes: Cyber Security and Cloud Podcast on iTunes Spotify: Cyber Security and Cloud Podcast on Spotify Hashtags #Cybersecurity #AppSec #ProductSecurity #ProdSec #ASPM

  --------  

  46:09
• CSCP S4EP18 - Marius Poskus - Who mention about non technical CISO - ASPM and Running application security programs from CISO perspective

  Join us as we explore the evolving application security landscape with Marius Poskus, VP of Glow Financial Services and a seasoned cybersecurity professional. In this episode, we delve into the increasing adoption of open-source code and AI in startup development, examining the potential impacts on code security amid rapid innovation pressures. Marius shares his insights on the cultural shifts required for effective DevSecOps practices, the prolonged timelines for meaningful change, and the disruptions caused by changing CISOs. We also touch on the challenges of maintaining consistent application security programs in a dynamic leadership environment, the proliferation of tools, and the importance of measuring their effectiveness. Listen in as we unravel the complexities of managing application security within development environments. Sponsored by Phoenix Security: This episode is brought to you by Phoenix Security, leaders in vulnerability management from code to cloud. Take control of your security with Phoenix and see firsthand how to prioritize and act on critical vulnerabilities with a free 14-day license available at Phoenix Security - Request a Demo. We highlight the significance of providing contextual insight and effective communication to address security issues meaningfully. By prioritizing critical issues that offer the most significant risk reduction, we advocate for a strategic approach to security management. Marius also emphasizes understanding the root causes of vulnerabilities to enhance overall practices and mitigate future risks. Finally, we discuss translating risk into business language, emphasizing temporality and criticality to align security efforts with business priorities. What's Inside This Episode: 00:00 - Introduction: Francesco Cipollone introduces the podcast and guest, Marius Poskus, VP at Glow Financial Services. 00:50 - Marius's Introduction: Marius discusses his background and roles, including his YouTube channel and upcoming consultancy. 02:04 - Industry Overview: Marius talks about the evolving landscape of application security and the impact of AI. 03:25 - Secure Code Development: The challenges of rushing code to market and understanding governance and risks. 04:19 - Application Security Programs: The cultural shift needed for DevSecOps and the impact of CISO tenure on security programs. 06:15 - Tooling and Measurement: The prevalence and challenges of security tools in organizations. 07:00 - Compliance and Standardization: The role of emerging standards and frameworks in driving security practices. 09:01 - Asset Management and Application Security: Tracking code across different environments and the complexity of asset management. 10:48 - Ownership and Attribution: Identifying ownership and responsibility for code and vulnerabilities. 13:00 - Contextual Insight: Providing rich information and context to development teams for better security understanding. 15:18 - Measuring Security Tooling: The need for better measurement and understanding the root cause of issues. 17:00 - Risk Management: Prioritizing issues based on risk and translating security issues into business risks. 18:45 - Advice for CISOs: Building business expectations, creating positive narratives, and transforming security from a cost center to a revenue generator. 21:57 - ROI of Security: Measuring the ROI of security through risk reduction and effective communication. 23:38 - Positive Industry Outlook: Marius's optimistic view on the industry's trajectory towards better security practices. 25:19 - Closing Remarks: Final thoughts on staying updated with industry changes and innovations. Where to find more about Marius and his work. 26:09 - Outro: Francesco thanks Marius and encourages listeners to build security programs with insight. Connect with Marius Poskus LinkedIn: Marius Poskus Podcast: Cyber Diaries Episode About Marius With over a decade of cybersecurity experience, I am the Global Vice President and Chief Information Security Officer at Glow Financial Services Limited, a leading fintech company that offers innovative and customer-centric solutions. My mission is to build and execute a comprehensive cybersecurity strategy that aligns with the business goals and enterprise risk management of Glow, while ensuring compliance with ISO27001 and other relevant standards. I lead a high-performing team of cybersecurity professionals who deliver cutting-edge solutions across various domains, such as cloud security, DevSecOps, AppSec, threat hunting, penetration testing, and red and purple teaming. I have successfully implemented a 24/7 Security Operations Centre, a cloud adoption model, and an AppSec program that enhance the security posture and resilience of Glow's global operations. I am also passionate about sharing my knowledge and insights on cybersecurity topics as a public speaker, a non-executive director, and a mentor. Follow Cyber Security and Cloud Podcast Website: Cyber Security and Cloud Podcast LinkedIn: Cyber Security and Cloud Podcast LinkedIn Twitter: @podcast_cyber YouTube: Cyber Security and Cloud Podcast YouTube iTunes: Cyber Security and Cloud Podcast on iTunes Spotify: Cyber Security and Cloud Podcast on Spotify Hashtags #Cybersecurity #AppSec #ProductSecurity #ProdSec #ASPM

  --------  

  32:09
• CSCP S4EP17 - Adam Shostack - Threat modelling in past and future with Adam Shostack from vulnerability to ASPM and modern application security

    Join us in this insightful episode of the Cybersecurity and Cloud Podcast, where host Francesco Cipollone sits down with the pioneer of threat modeling, Adam Shostack. Dive into the intricacies of Application Security Posture Management (ASPM), effective threat modeling practices, and the innovative solutions offered by Phoenix Security. Gain valuable knowledge on how to improve your organization's security posture and stay ahead of evolving threats. Sponsored by Phoenix Security: This episode is brought to you by Phoenix Security, leaders in vulnerability management from code to cloud. Take control of your security with Phoenix and see firsthand how to prioritize and act on critical vulnerabilities with a free 14-day license available at Phoenix Security - Request a Demo. We delve into threat modeling and software security, touching on the profound implications of the White House's recent report on memory-safe programming languages. We also dissect the systemic challenges of self-regulation in the cybersecurity market, especially in the aftermath of significant incidents like the SolarWinds attack. Adam shares his valuable insights on CISA's latest strategies to tackle vulnerabilities at their origin, emphasizing the critical need for proactive and systemic solutions in bolstering cybersecurity practices. In another segment, we examine the complexities surrounding software security regulation and self-regulation in both the US and Europe. Drawing parallels to the automotive industry, we discuss how software companies are held accountable for the components they use, similar to how car manufacturers are responsible for their parts. The conversation highlights the Biden administration's executive order requiring vendors to self-attest to software security when selling to the US government and compares this to established regulatory frameworks like SEC regulations. We also address the balance between proactive and reactive regulatory measures, referencing historical efforts such as Microsoft's Trustworthy Computing initiative and discussing the unique challenges faced by sectors like medical devices, where security and functionality must be meticulously balanced.   Key Discussion Points: Threat Modeling and Application Security: An in-depth look at threat modeling and its crucial role in enhancing application security. White House Report on Memory-Safe Programming Languages: Exploring the implications of the recent White House report and its impact on software security practices. Self-Regulation vs. Government Regulation: Analysis of the challenges and benefits of self-regulation in the cybersecurity market, particularly post-SolarWinds. CISA’s Strategies on Vulnerability Management: Insights into CISA's proactive approaches to tackling vulnerabilities at their origin. US and European Software Security Regulations: Comparing US and European approaches to software security regulation and the accountability of software companies. Biden Administration’s Executive Order: The requirement for vendors to self-attest to software security and its broader implications. Historical Context: Reflecting on past efforts like Microsoft's Trustworthy Computing initiative and their relevance today. Balancing Security and Functionality: The unique challenges faced by sectors like medical devices in maintaining both security and functionality. What's Inside This Episode: 00:01 - Introduction: Francesco Cipollone introduces the podcast and guest, Adam Shostack, a leader in threat modeling and application security. 00:22 - Role in Threat Modeling: Adam discusses his contributions to the field of threat modeling and the importance of simplifying and organizing the process. 02:00 - Background and Career: Adam shares his extensive experience in application security, including his work at Microsoft and current role at Shostack and Associates. 03:00 - State of Application Security and Threat Modeling: Discussion on the current state of application security and the significance of the White House report on memory-safe programming languages. 04:00 - Regulatory Influences and Vulnerability Management: Insights into how government regulations are influencing application security and the challenges in managing vulnerabilities. 06:00 - Historical Context of Software Security: Reflection on historical security practices and the evolution of software security. 08:00 - SolarWinds SEC Lawsuit: Detailed discussion on the SEC lawsuit against SolarWinds and the importance of accurate security statements. 10:00 - Challenges in Implementing Security Measures: The difficulties organizations face in implementing effective security measures and the necessity of having a comprehensive asset inventory. 12:00 - Government Regulations and Market Self-Regulation: Debate on the effectiveness of market self-regulation versus government mandates in shaping the future of application security. 14:00 - Balancing Profit and Security: The conflict between maintaining profit margins and investing in security, and the role of commercial support in sustaining open-source software security. 16:00 - Open Source Software and Commercial Support: Discussion on the need for commercial support for open-source software and the impact of regulations on the open-source community. 18:00 - Self-Regulation in Software Security: The role of self-attestation in software security and the thin line between self-regulation and government mandates. 20:00 - Responsibilities of CISOs and Corporate Accountability: The critical responsibilities of CISOs in communicating security risks and how regulatory measures push for better accountability. 22:00 - Microsoft's Security Evolution: Reflection on Microsoft's journey in improving software security and the importance of initiatives like the Security Development Lifecycle (SDL). 24:00 - EU AI Act and Its Implications: Brief overview of the EU AI Act and its impact on high-risk applications. 26:00 - Dark Gemini and Modern Threats: Teaser for a future episode on Dark Gemini, an advanced AI used for nefarious purposes, and its implications for threat modeling and vulnerability management. 28:00 - Weaponization of Vulnerabilities: Discussion on the rapid weaponization of vulnerabilities and the need for systemic fixes in software security. 30:00 - Closing Thoughts: Summary of the discussion on ASPM, threat modeling, and Phoenix Security, emphasizing the positive impact of ongoing changes in security practices. 33:00 - Positive Message and Conclusion: Adam’s positive message about the future of software security and Francesco’s emphasis on the importance of proactive measures. Information on where to find more about Adam Shostack and his work. Connect with Adam Adam Shostack Adam is the author of Threat Modeling: Designing for Security and Threats: What Every Engineer Should Learn from Star Wars. He’s a leading expert on threat modeling, a consultant, expert witness, and game designer. He has decades of experience delivering security. His experience ranges across the business world from founding startups to nearly a decade at Microsoft. His accomplishments include: Helped create the CVE. Now an Emeritus member of the Advisory Board. Fixed Autorun for hundreds of millions of systems. Led the design and delivery of the Microsoft SDL Threat Modeling Tool (v3). Created the Elevation of Privilege threat modeling game. Co-authored The New School of Information Security. Cyber Security and Cloud Podcast hosted by Francesco Cipollone Twitter @FrankSEC42 Linkedin: linkedin.com/in/fracipo  #CSCP #cybermentoringmonday cybercloudpodcast.com  Follow us on social media to get the latest episodes: Website: http://www.cybercloudpodcast.com/ Linkedin: https://www.linkedin.com/company/35703565/admin/  
 Twitter: https://twitter.com/podcast_cyber   
 Youtube https://www.youtube.com/channel/UCVgsq-vMzq4sxObVonDsIAg/  You can listen to this podcast on your favourite player: Itunes: https://podcasts.apple.com/gb/podcast/the-cyber-security-cloud-podcast-cscp/id1516316463  
 Spotify: https://open.spotify.com/show/3fg8AqP4vEi5Im8YKxazUQ  Resources and Links: Adam Shostack's About Page Elevation of Privilege Game The New School of Information Security Threat Modeling: Designing for Security (Amazon UK) Threats: What Every Engineer Should Learn from Star Wars (Amazon UK) The New School of Information Security (Amazon UK) Phoenix Security Cybersecurity and Cloud Podcast #Cybersecurity, #appsec #productsecurity #prodsec  #aspm

  --------  

  33:00
• CSCP S4EP15 - Akira Brand - Singing the Tune of Application Security with Akira Brand

    Join us for an in-depth discussion on the challenges and strategies of Application Security Program Management (ASPM) in today's fast-evolving tech landscape. Francesco Cipollone welcomes guest Akira Brand, a seasoned application security engineer and cybersecurity consultant, to explore practical insights into securing applications in the cloud and beyond. We also examine the shift in terminology from AppSec to product security and delve into Akira's unique background in opera singing, which empowers her to convey complex technical subjects with remarkable clarity.  Sponsored by Phoenix Security: This episode is brought to you by Phoenix Security, leaders in vulnerability management from code to cloud. Take control of your security with Phoenix and see firsthand how to prioritize and act on critical vulnerabilities with a free 14-day license available at Phoenix Security - Request a Demo. In this engaging session, curiosity takes center stage as a catalyst for teaching and learning within the tech world. I share my personal experiences and the joy found in the creative struggle of technical writing and documentation. Akira and I discuss the importance of a systematic approach, whether in threat modeling or honing educational techniques. We celebrate the power of curiosity-driven engagement and invite you to reflect on your learning processes. Wrapping up with a focus on threat modeling, we emphasize its significance in application security programs and the importance of business engagement in the risk assessment process. We debate the effectiveness of various motivational strategies, from incentives to potential legal implications for security professionals. As we close, we challenge you to incorporate threat modeling practices into your security measures and participate in our social media challenge. Stay vigilant and join us for a discussion that blends practical insights with forward-thinking perspectives in the ever-evolving landscape of cybersecurity. What's Inside This Episode: 00:04 - Sponsor Message: Phoenix Security Limited 00:54 - Introduction by Host, Francesco Cipollone 01:29 - Akira Brand discusses her background and transition to application security 07:40 - Deep dive into application security program fundamentals and threat modeling 25:20 - Discussion on fostering a positive security culture within organizations Sponsored by Phoenix Security: This episode is brought to you by Phoenix Security, leaders in vulnerability management from code to cloud. Take control of your security with Phoenix and see firsthand how to prioritize and act on critical vulnerabilities with a free 14-day license available at Phoenix Security - Request a Demo. Don't Miss This Engaging Discussion on Cybersecurity Trends and Strategies: Tune into this enlightening episode to equip yourself with the knowledge and insights needed to navigate the ever-changing landscape of cybersecurity. Whether you're a professional in the field, a business leader, or just keen on enhancing your cybersecurity awareness, this episode is packed with valuable information to help you understand the nuances of securing applications and infrastructures in a digitally-driven world.   Resources Mentioned CIS Security Controls NIST Framework OWASP Guidelines Connect with Akira Brand LinkedIn: https://www.linkedin.com/in/akirabrand/  Personal Website: www.akirabrand.com   Cyber Security and Cloud Podcast hosted by Francesco Cipollone Twitter @FrankSEC42 Linkedin: linkedin.com/in/fracipo  #CSCP #cybermentoringmonday cybercloudpodcast.com  Follow us on social media to get the latest episodes: Website: http://www.cybercloudpodcast.com/ Linkedin: https://www.linkedin.com/company/35703565/admin/  
 Twitter: https://twitter.com/podcast_cyber   
 Youtube https://www.youtube.com/channel/UCVgsq-vMzq4sxObVonDsIAg/  You can listen to this podcast on your favourite player: Itunes: https://podcasts.apple.com/gb/podcast/the-cyber-security-cloud-podcast-cscp/id1516316463  
 Spotify: https://open.spotify.com/show/3fg8AqP4vEi5Im8YKxazUQ    #Cybersecurity, #appsec #productsecurity #prodsec  #aspm

  --------  

  32:34
• CSCP S4EP16 - Irene Michlin - Threat Modelling in the age of AI

    Listen in as we navigate the crucial role of threat modeling in the landscape of application security with our esteemed guest, Irene Michlin, the application security lead at Neo4j. Together, we peel back the layers of integrating a developer's insight into the security process and how it fortifies the software development lifecycle. Irene's journey from coding to consulting paints a vivid picture of the security challenges and triumphs faced in today's agile environments. Sponsored by Phoenix Security: This episode is brought to you by Phoenix Security, leaders in vulnerability management from code to cloud. Take control of your security with Phoenix and see firsthand how to prioritize and act on critical vulnerabilities with a free 14-day license available at Phoenix Security - Request a Demo. We also dissect the often misunderstood concept of security theater and the varying impact of regulatory demands across businesses of different scales, all while highlighting the need for a risk-based approach to vulnerability management. During our conversation, we touch upon the symbiotic relationship between threat modeling and agile development, sharing anecdotes that demystify the practice and affirm its teachable nature. With Irene's rich background, we discuss how embedding security prompts into daily engineering tasks can make threat modeling more actionable, seamlessly blending it with development workflows. Our chat is a testament to the evolution of generational AI, where its jack-of-all-trades persona is on the cusp of becoming a specialized force with proper data training—showcasing the multifaceted potential of AI in cybersecurity and beyond. Wrapping up the episode, we share our admiration for an innovative Neo4j blog post that elegantly combines general AI with knowledge graphs, a read we highly recommend to those intrigued by the intersection of technology and security. The discussion reaffirms the importance of balancing agility with thoroughness in threat modeling to ensure robust cybersecurity postures. As we conclude, we remind our listeners of the power of staying informed and proactive in the digital age, inviting them to engage with our community through our social media giveaway and to stay tuned for more insights on navigating the ever-evolving world of cybersecurity. What's Inside This Episode: 00:01 - Introduction: Francesco Cipollone introduces the podcast and guest, Irene Michlin, application security lead at Neo4j. 00:22 - Sponsorship Mention: Acknowledgment of Phoenix Security's sponsorship. 00:25 - Episode Topic Introduction: Francesco and Irene dive into the importance of threat modeling in application security. 01:07 - Guest Introduction: Irene Michlin shares her journey from software development to application security leadership. 02:59 - Impact of Developer Background on Security: Discussion on how Irene's developer experience enhances her approach to security. 03:54 - Challenges in Security Implementation: Insights into the real-world challenges of integrating security into agile development projects. 05:42 - State of the Industry: Irene's perspective on the current state and future of application security. 07:40 - Security Theater and Compliance: Addressing the pitfalls of security theater and the role of regulatory demands. 09:40 - Reachability Analysis Debate: Pros and cons of reachability analysis in application security. 11:44 - Generative AI in Security: Exploring the potential and challenges of AI in enhancing application security practices. 13:53 - AI-based Threat Modeling: How AI can be leveraged for effective threat modeling while reducing errors. 15:36 - Practical Application of Threat Modeling: Making threat modeling actionable through daily engineering tasks. 20:20 - Security Prompts: Introduction of security prompts to integrate threat modeling into development workflows. 23:15 - Comprehensive vs. Incremental Threat Modeling: Balancing detailed and incremental approaches for robust security. 29:01 - PR Change and Code Scanning: Importance of both PR change scans and full scans in maintaining security. 32:34 - Integrating Vulnerability Management and Threat Modeling: Bridging the gap between these two critical aspects of application security. 36:00 - Closing Message: Encouragement for security professionals to stay positive and seek mentorship. 37:31 - Resources and Contacts: How to connect with Irene and access additional resources. Connect with Irene Michlin Connect with Irene Michlin: LinkedIn | Twitter (Legacy: X) Neo4j Blog: Explore insights on using AI and knowledge graphs for security. Threat Modeling Manifesto: Discover principles and practices in threat modeling. Cyber Security and Cloud Podcast hosted by Francesco Cipollone Twitter @FrankSEC42 Linkedin: linkedin.com/in/fracipo  #CSCP #cybermentoringmonday cybercloudpodcast.com  Follow us on social media to get the latest episodes: Website: http://www.cybercloudpodcast.com/ Linkedin: https://www.linkedin.com/company/35703565/admin/  
 Twitter: https://twitter.com/podcast_cyber   
 Youtube https://www.youtube.com/channel/UCVgsq-vMzq4sxObVonDsIAg/  You can listen to this podcast on your favourite player: Itunes: https://podcasts.apple.com/gb/podcast/the-cyber-security-cloud-podcast-cscp/id1516316463  
 Spotify: https://open.spotify.com/show/3fg8AqP4vEi5Im8YKxazUQ    #Cybersecurity, #appsec #productsecurity #prodsec  #aspm

  --------  

  37:31

Meer Technologie podcasts

Trending Technologie -podcasts

Over Cyber Security & Cloud Podcast