The Secure Developer

Episode Summary

How do we apply the battle-tested principles of authentication and authorization to the rapidly evolving world of AI and Large Language Models (LLMs)? In this episode, we're joined by Aaron Parecki, Director of Identity Standards at Okta, to explore the past, present, and future of OAuth.  We dive into the lessons learned from the evolution of OAuth 1.0 to 2.1, discuss the critical role of standards in securing new t...

Episode Summary

Dive into the ever-evolving world of platform engineering with Cory O’Daniel, CEO and co-founder of Massdriver. This episode explores the journey of DevOps, the challenges of building and scaling infrastructure, and the crucial role of creating effective abstractions to empower developers. Cory shares his insights on the shift towards platform engineering as a means to build more secure and efficient software by defa...

Episode Summary

Jeremy Snyder is the co-founder and CEO of FireTail, a company that enables organizations to adopt AI safely without sacrificing speed or innovation. In this conversation, Jeremy shares his deep expertise in API and AI security, highlighting the second wave of cloud adoption and his pivotal experiences at AWS during key moments in its growth from startup onwards.

Show Notes

In this episode of The Secure Developer, host...

Episode Summary

 Is the traditional Silicon Valley startup model harming the security industry? In this episode of The Secure Developer, Danny Allan talks with Melanie Rieback, founder of Radically Open Security, about shaking up the industry with nonprofit business models. Tuning in, you’ll learn about the inner workings of Radically Open Security as a non-profit organization and the positive impact its donations have had on the op...

Episode Summary

In this episode of The Secure Developer, Danny Allan sits down with Akira Brand, AVP of Application Security at PRA Group, to explore the evolving landscape of application security and AI. Akira shares her unconventional journey from opera to cybersecurity, discusses why AppSec is fundamentally a customer service role and breaks down how AI is reshaping security workflows. Tune in to hear insights on integrating secu...

Episode Summary

In this episode of The Secure Developer, host Danny Allan sits down with Alex Salazar, founder and CEO of Arcade, to discuss the evolving landscape of authentication and authorization in an AI-driven world. Alex shares insights on the shift from traditional front-door security to back-end agent interactions, the challenges of securing AI-driven agents, and the role of identity in modern security frameworks. The conve...

Episode Summary

In this episode of The Secure Developer, Danny Allan sits down with Mrinal Wadhwa, CTO at Ockam, to explore the evolving landscape of secure communication in distributed systems. They discuss the challenges of securing microservices, IoT networks, and Kubernetes environments and how traditional TLS-based security models may no longer be sufficient. Mrinal shares insights into Ockam’s approach to end-to-end encrypted,...

Episode Summary

In this episode of The Secure Developer, Danny Allan, CTO of Snyk, sits down with Wayne Chang, Founder and CEO of SpruceID, to explore the evolving landscape of digital identity and security. From self-sovereign identity to the role of AI in authentication, they discuss the future of identity management, the risks of centralized systems, and the benefits of decentralized approaches. They also dive into how policy, co...

Episode Summary

Security is more than just a checklist—it’s a cultural movement. In this episode, Dustin Lehr, Co-founder of Katilyst, joins Danny Allan to explore the intersection of security, engineering, and culture. They discuss how to foster security champions, scale security programs, and build a culture where developers naturally integrate security into their workflows. Dustin shares insights from his extensive career, offeri...

Episode Summary

Join Jeremiah Grossman, application security pioneer and former CEO of WhiteHat Security, as he reflects on decades of innovation in the industry, from the early days of OWASP to today’s AI-driven development landscape. Explore critical discussions about the escalating costs of security, aligning developer incentives, and the future challenges posed by AI-generated vulnerabilities. Packed with insights, this episode ...

Episode Summary

In this episode of The Secure Developer, host Danny Allan sits down with David Mytton, founder and CEO of Arcjet, former CEO of Server Density, and co-founder of Console.dev. David shares his insights into bridging the “developer-security gap” with Arcjet, a cutting-edge middleware SDK designed to empower developers with advanced security tools like rate limiting and bot protection. The conversation dives into the ev...

Episode Summary

Imagine if AI could detect and fix vulnerabilities in your code faster and with greater precision than ever before. That future is already here! In today’s episode, we’re joined by Berkay Berabi, an AI researcher and Senior Software Engineer at Snyk, to dive into the cutting-edge world of AI-powered vulnerability detection. Berkay offers insight into how Snyk is leveraging a hybrid AI approach to detect and fix vulne...

Episode Summary

Are you ready to revolutionize your coding experience with cutting-edge AI tools? In this episode of The Secure Developer, host Danny Allan is joined by Jeff Wang, Head of Business at Codeium, to take a deep dive into the transformative power of generative AI in software development. Discover how coding assistants have evolved from simple auto-complete functions to sophisticated AI-driven tools, the significant impac...

Episode Summary

In this episode of The Secure Developer, David Imhoff, Director of DevSecOps and Product Security at Kroger, shares insights on implementing DevSecOps in large organizations. He discusses balancing regulatory compliance with business objectives, fostering a security culture, and the challenges of risk mitigation. David also explores the importance of asset management, security champions, and the potential impact of A...

Episode Summary

In this special episode of “The Secure Developer,” host Danny Allan interviews Snyk founder Guy Podjarny about the origins and evolution of Snyk. Guy shares his journey from conceptualizing Snyk in the shower to building it into a developer-first security platform. They discuss the challenges and successes of integrating security into the developer workflow, the importance of open-source security, and the impact of A...

Episode Summary

In this episode of The Secure Developer we're joined by Brian Vallelunga, Founder and CEO of Doppler, to discuss the importance of secrets management in modern application development. Brian shares his journey in creating Doppler, a secrets manager designed for developers and DevOps teams, and highlights the challenges organizations face in managing sensitive data such as API keys, database credentials, and certifica...

Episode Summary

Are you curious about the ever-changing landscape of data security? In this episode, we are joined by Danny Allan, the newly appointed Chief Technology Officer at Snyk, to delve into the evolving landscape of data security. In our conversation, we discussed his professional background and how he went from hacking security systems at university to becoming a security expert at Snyk. Hear about his experience in dynami...

Episode Summary

Explore the role of consolidated platforms in software development with our guest, John Delmare, Global Application and Cloud Security Lead of Accenture. This episode dives into the growing complexity in the developer space and how these platforms streamline processes and foster collaboration among distributed teams. We discuss balancing application and cloud security, the financial and time-saving benefits of integr...