From DMZs to DevSecOps: Building Modern AppSec Programs with Gunnar Peterson

All Episodes

January 15, 2025 • 75 mins

In this conversation, Robert Wood and Gunnar Peterson delve into the complexities of application security (AppSec), discussing its evolution, the importance of building effective AppSec programs, and the need for engaging developers in security practices. They explore the blurred lines between cloud security and application security, the role of posture management tools, and the significance of an asset-centric approach to security. Gunnar emphasizes the importance of understanding key use cases and platforms within an organization, as well as the need for security professionals to broaden their skill sets to navigate the changing landscape of cybersecurity effectively.

Takeaways

Application security is evolving, requiring a focus on both technology and human factors.
Understanding the organization's current state is crucial for building an effective AppSec program.
Coverage and efficacy are key metrics for assessing AppSec initiatives.
Engaging developers is essential for successful security practices.
In larger organizations, security efforts can become check-the-box activities.
The lines between cloud security and application security are increasingly blurred.
Posture management tools are emerging to address skill gaps in AppSec.
An asset-centric approach to security is gaining traction in the industry.
New security professionals should prioritize understanding key business use cases.
The future of security will require blending traditional practices with new technologies.

Sound Bites

"Good judgment comes from experience."
"You have to have the humility to recognize."

Chapters

00:00 Introduction to Application Security and Its Evolution

02:59. .css-j9qmi7{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-flex-direction:row;-ms-flex-direction:row;flex-direction:row;font-weight:700;margin-bottom:1rem;margin-top:2.8rem;width:100%;-webkit-box-pack:start;-ms-flex-pack:start;-webkit-justify-content:start;justify-content:start;padding-left:5rem;}@media only screen and (max-width: 599px){.css-j9qmi7{padding-left:0;-webkit-box-pack:center;-ms-flex-pack:center;-webkit-justify-content:center;justify-content:center;}}.css-j9qmi7 svg{fill:#27292D;}.css-j9qmi7 .eagfbvw0{-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;color:#27292D;}

Mark as Played

Advertise With Us

Popular Podcasts

Crime Junkie

Does hearing about a true crime case always leave you scouring the internet for the truth behind the story? Dive into your next mystery with Crime Junkie. Every Monday, join your host Ashley Flowers as she unravels all the details of infamous and underreported true crime cases with her best friend Brit Prawat. From cold cases to missing persons and heroes in our community who seek justice, Crime Junkie is your destination for theories and stories you won’t hear anywhere else. Whether you're a seasoned true crime enthusiast or new to the genre, you'll find yourself on the edge of your seat awaiting a new episode every Monday. If you can never get enough true crime... Congratulations, you’ve found your people. Follow to join a community of Crime Junkies! Crime Junkie is presented by audiochuck Media Company.

24/7 News: The Latest

The latest news in 4 minutes updated every hour, every day.

Stuff You Should Know

If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.

.css-15opob5{left:0;position:absolute;top:0.8rem;} All Episodes

.css-14f5ked{margin:0;word-break:break-word;display:-webkit-box;-webkit-box-orient:vertical;box-orient:vertical;-webkit-line-clamp:2;overflow:hidden;} From DMZs to DevSecOps: Building Modern AppSec Programs with Gunnar Peterson