Nathan is the manager of the application security team at Intuit Mailchimp. He has over 7 years of experience in application security working at both startups and Fortune 500 companies. In that time, Nathan has been both an engineer and a leader. His primary focus has been on building out application security programs by implementing scalable processes and efficient methodologies. Nathan holds a Master’s in Digital Forensics and CyberSecurity from John Jay College of Criminal Justice and a Bachelor’s in Music Composition from University of the Arts.
In this show, Nathan and Francesco discuss the start in application security, how to mentor new interns and bridge the skillgap and how to measure application security progress when deploying shift left methodologies in devsecops
The episode is brought to you by Phoenix Security; get in control of your vulnerabilities from code to cloud with the power of Phoenix. ACT Now on the most important vulnerabilities and reduce your exposure to modern attacks. See it for yourself. Go to https://www.phoenix.security for a free 14-day licence.
2:00 – Nathan’s Intro
7:30 – from music to cybersecurity and new generation
11:00 – State of application security
14:00 – Vulnerability – What is a vulnerability in software
18:00 – How do you bring in the business in appsec – Product security
12:00 – Cybersecurity technicalities – Pen-tests and regulation
16:00 – Cybersecurity and regulation in USA
19:00 – SBOM, Digital Software supply chain
20:00 – Risk for application security and business perspective
22:00 – Business categories of risk for application security
24:00 – Business criticality vs low criticality – how to talk about risk
26:00 – Prioritize work based on risk in application security
27:00 – Avoiding burnout and preventing risk – Mailchimp program of work – SPIDER
31:00 – Doing more with less in application security
33:00 – Measuring shift left effectiveness – Dentist story
37:00 – Positive message and conclusion
Nathan
Blog: https://nathancooke.com/
Linkedin: https://www.linkedin.com/in/nathancooke7/
Cyber Security and Cloud Podcast hosted by Francesco Cipollone
Twitter @FrankSEC42
Linkedin: linkedin.com/in/fracipo
#CSCP #cybermentoringmonday cybercloudpodcast.com
Social Media Links
Follow us on social media to get the latest episodes:
Website: http://www.cybercloudpodcast.com/
You can listen to this podcast on your favourite player:
Itunes: https://podcasts.apple.com/gb/podcast/the-cyber-security-cloud-podcast-cscp/id1516316463
Spotify: https://open.spotify.com/show/3fg8AqP4vEi5Im8YKxazUQ
Linkedin: https://www.linkedin.com/company/35703565/admin/
Twitter: https://twitter.com/podcast_cyber
Youtube https://www.youtube.com/channel/UCVgsq-vMzq4sxObVonDsIAg/