this post was submitted on 14 Dec 2023
2 points (100.0% liked)

Security CPE

368 readers
1 users here now

Video and audio media that count towards your CPE (Continuing Professional Education) requirements for GIAC, CISSP, CISM, CRISC, CCSP, CompTIA certs.

Mostly conference talks and podcasts.

FAQ

founded 2 years ago
MODERATORS
ashar
2
Modern Security Podcast: Jamie Finnigan on How HashiCorp Secures Their Products - 1 hour 3 minutes (infosec.pub)
submitted 2 years ago by ashar to c/security_cpe
0 comments fedilink hide all child comments
 

Modern Security Podcast: Jamie Finnigan on How HashiCorp Secures Their Products

In this episode of the Modern Security Podcast we were joined by Jamie Finnigan, Director of Product Security @HashiCorp, and discussed how the security team prioritizes their time, rolling out developer-friendly security tooling, and much more.

2:08 - Intro to Jamie Finnigan

7:41 - The Product Security Org at HashiCorp

11:27 - How do you determine what to focus on?

16:40 - What does success look like for security at HashiCorp

20:50 - The difference between outputs and outcomes

25:52 - The Creation of Bandit

30:37 - HashiCorp Product Security Model

34:14 - Developer-Friendly Security Tooling

39:56 - Tool selection

46:09 - Eliminating SSRF via Secure Defaults

53:22 - Overview of the Secure Defaults Approach

59:16 - Empathy in Security

no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here