Co-sponsored by Synopsys and IEEE Security & Privacy.
Show 153: Gary McGraw discusses the evolution of software security, the BSIMM, the CISO report, and the future of IoT
Listen as Taylor Armerding and Gary discuss the early years and evolution of Cigital and software security, Gary’s software security touchpoints, the BSIMM, the CISO report, the Silver Bullet podcast, and what the future holds.
Show 152: Elias Levy discusses hacking, programming languages, full disclosure, inventory control, and software security
Listen as Gary and Elias discuss the progress we’ve made in software security over the last 25 years, programming languages, full disclosure, the relationship between technology inventory and software security, and more.
Show 151: Meera Rao discusses software design analysis, CI/CD and DevOps, and mentorship
Listen as Gary and Meera discuss how to deal with design flaws; touchpoints such as architecture risk analysis and threat modeling; CI/CD, DevOps, automation, and orchestration; the importance of mentorship; and more.
Show 150: Filippo Valsorda discusses programming languages and the dynamic world of cryptography
Listen as Gary and Filippo discuss programming languages and the role they play in software security, getting started in cryptography, open source security, blockchain and cryptocurrency, and more.
Show 149: Brittany Postnikoff discusses the maker culture and the problems with robots
Listen as Gary and Brittany discuss robotics, maker culture, the hands-on nature of learning, the security and privacy problems that robots introduce, robot vulnerability, and more.
Show 148: Gøran Breivik discusses Bergen, Norway and software security for the city
Listen as Gary and Gøran discuss what it’s like to work for a city government and how to align the city’s goals with software security. They also examine how to get the city to pay attention to security along with all other focus areas, including GDPR, the challenges of digitalization, and how to work with the city to set a budget as you address security and privacy goals and concerns.