ASW #240 – Kelly Shortridge, Eric Fourrier, Richard Yew
1. Close the Security Theater: Enter Resilience – Kelly Shortridge – ASW #240
What does software resilience mean? Why is status quo application security unfit for the modern era of software? How can we move from security theater to security chaos engineering? This segment answers these questions and more.
Segment Resources:
- Book -- https://securitychaoseng.com
- Blog -- https://kellyshortridge.com/blog/posts/
Announcements
Join us at an upcoming Official Cyber Security Summit in a city near you! This series of one-day, invitation-only, executive-level conferences is designed to educate senior cyber professionals on the latest threat landscape.
We are pleased to offer our listeners $100 off admission when you use code SecWeek23 to register.
Visit securityweekly.com/cybersecuritysummit to learn more and register today!
Guest
Kelly Shortridge is a Senior Principal in the Office of the CTO at Fastly. Shortridge is lead author of Security Chaos Engineering: Sustaining Resilience in Software and Systems (O’Reilly Media) and is best known as an expert on resilience in complex software systems, the application of behavioral economics to cybersecurity, and bringing security out of the dark ages. Shortridge has been a successful enterprise product leader as well as a startup founder (with an exit to CrowdStrike) and investment banker. Shortridge frequently advises Fortune 500s, investors, startups, and federal agencies and has spoken at major technology conferences internationally, including Black Hat USA, O’Reilly Velocity Conference, and SREcon. Shortridge’s research has been featured in ACM, IEEE, and USENIX, spanning behavioral science in cybersecurity, deception strategies, and the ROI of software resilience. Shortridge also serves on the editorial board of ACM Queue.
2. Strengthening Your Security Position: Detecting Software Supply Chain Breaches – ASW #240
In the ever-evolving world of cybersecurity, attackers are constantly finding new ways to infiltrate your software supply chains. But with GitGuardian's Honeytoken, you can stay ahead of the game. Deploy honeytokens at scale, monitor for unauthorized use, and detect intrusions before they can wreak havoc on your system. With Honeytoken, you'll have the insight you need to protect your confidential data and know where, who, and how attackers are trying to access it.
This segment is sponsored by GitGuardian. Visit https://securityweekly.com/gitguardianrsac to learn more about them!
In light of the constant change in the threat landscape, how does an organization keep up with the attackers who're always innovating? New specialized security solutions are regularly being introduced to address new threats, increasing complexities and the non-functional requirements (NFRs) associated with integrating these systems into already complicated enterprise web applications. How does an organization implement holistic defense without increasing cost, complexity and impacting user experience?
Edgio will address how an edge-enabled holistic security platform can effectively reduce the attack surface, improve the effectiveness of the defense while reducing the latency of critical web applications via its multi-layered defense approach. It also offers the ability to integrate with an enterprise's DevSecOps workflow to achieve better security practices. Edgio will discuss how its security platform “shrinks the haystacks” so that organizations can better focus on delivering key business outcomes.
This segment is sponsored by Edgio. Visit https://securityweekly.com/edgiorsac to learn more about them!
Announcements
Our teams from Security Weekly and SC Media were onsite at RSA Conference 2023 delivering in-depth reporting, analysis and interviews from the conference. If you were unable to join us in person, or didn't manage to catch our video livestream from Broadcast Alley, you can access all of our RSAC 2023 coverage at https://securityweekly.com/rsac.
Guests
Eric Fourrier is an experienced engineer and entrepreneur with a degree in machine learning from Ecole Normale Supérieure in Paris and a graduate degree from Ecole Centrale. He started his career as a data scientist in the financial sector in the United States before founding Quantiops, a consulting firm focused on big data analysis. In 2017, Eric co-founded GitGuardian, a rapidly growing cybersecurity startup that is dedicated to helping businesses protect their SDLC and software supply chain. With his expertise and entrepreneurial spirit, Eric is committed to driving innovation and growth in the tech industry.
Richard Yew is Senior Director, Product Management for Edgio Security. With 10+ years of security technology experience worldwide, Richard is on top of the latest trends and technologies including WAAP, DDoS protection, bot management and enterprise security. Richard comes to Edgio from Yahoo-Edgecast and, prior to this, he was with Verizon Media Platform for a number of years. Richard also spent a brief time at Akamai before moving back to Verizon Digital Media Services as Head of Product for Security. He has led teams involving technical scope and developed strategic solutions for customers and prospects. He was educated at the Illinois Institute of Technology, and later at DePaul University, rising through a technical and engineering background to a managerial role.