ProdSec Decoded

Pratik Roychowdhury & Chiradeep Vittal

This is a podcast on product security. On ProdSec Decoded, we'll be having candid conversations with the brightest minds who are navigating the complex landscape of securing products in a world increasingly powered by AI.

Episodes

  1. Real World Product Security in Practice. Discussion with Sam Satyanathan (Head of Product Security @ UKG)

    10/13/2025


    In this episode of ProdSec Decoded, we sit down with Sam Satyanathan, Head of Product Security at UKG, to explore his journey from software development to leading security across financial services and SaaS. LinkedIn: https://www.linkedin.com/in/sgsnathan/

    We dive into:
    - What product security really means vs. AppSec
    - How to measure success with the right KPIs
    - The impact of AI — both opportunities and risks
    - Evolving leadership roles like the Chief Product Security Officer
    - Common mistakes companies still make in 2025
    - Tips for spotting and building great security talent

    Packed with insights, predictions, and a rapid-fire round, this is a must-listen for security leaders, product builders, and anyone curious about the future of cybersecurity.

    00:00 – Intro & Guest Background: Welcome to ProdSec Decoded
    01:20 – Introducing Sam Satyanathan and his career highlights.
    01:59 – Sam’s Journey into Security: From software development to financial services, mobile payments, and eventually product security leadership.
    05:35 – Defining Product Security: AppSec vs. Product Security, SaaS vs. hardware, customer interactions, and working with product/engineering teams.
    10:03 – Measuring Success: Key metrics and KPIs: testing coverage, MTTR, security champions, vulnerability management, compliance frameworks.
    14:17 – Humans vs AI as vulnerabilities, “vibe coding” vs AI-assisted engineering, and the debate on AI replacing security teams.
    22:00 – The rise of Chief Product Security Officer (CPSO) roles and how they complement CISOs.
    25:04 – Common Mistakes in Product Security
    26:42 – What makes a great product security hire — beyond certifications and pedigree.
    29:02 – Predictions for the Future
    30:13 – Rapid Fire Round
    34:28 – Closing & Key Takeaways

    Recommendations from Sam:
    - https://www.islf.foundation/
    - https://www.scworld.com/podcast-show/application-security-weekly
    - https://podcasts.apple.com/us/podcast/ciso-tradecraft/id1538132658

    35 min
  2. Product Security from Dual Perspectives - Eng Leadership Meets CISO. Discussion with Ilan Dar (CISO @ AutoFi)

    08/18/2025


    In this episode of ProdSec Decoded, we sit down with Ilan Dar, who brings a rare dual perspective as both CISO and Senior Vice President of Technology Services. With over 20 years spanning engineering, product management, and information security, Ilan shares practical insights on building scalable product security programs in complex environments. Ilan Dar: https://www.linkedin.com/in/ilandar/

    Key topics covered:
    - Balancing speed vs security: How to enable "security delivery at speed" without creating bottlenecks
    - Tackling tool noise and alert fatigue: Practical strategies for improving signal-to-noise ratio in security alerts
    - FinTech security challenges: Navigating the complex ecosystem of dealers, OEMs, lenders, and regulatory requirements
    - Proactive security frameworks: The five-step approach to securing complex third and fourth-party integrations
    - AI in cybersecurity: Cutting through the hype to identify real opportunities and emerging risks
    - Budget allocation strategies: How security leaders are adapting spending priorities in the AI era

    Perfect for: CISOs, product security leaders, engineering managers, and anyone looking to understand how to scale security practices while maintaining development velocity in today's fast-moving tech landscape.

    🔗 Listen for actionable insights on transforming security from a bottleneck into a business enabler at https://prodsec.tv

    Contacts:
    - Pratik Roychowdhury: https://www.linkedin.com/in/proychowdhury/
    - Chiradeep Vittal: https://www.linkedin.com/in/chiradeepvittal/

    41 min
  3. OpenSource and its impact on ProdSec in a world powered by AI. Discussion with David Nalley (Ex-President @ Apache Software Foundation)

    07/16/2025


    In this video, we interview David Nalley (AWS Director of Developer Experience and Open Source Strategy + Former President of the Apache Software Foundation) about 'OpenSource and its Impact on Product Security in the world increasingly powered by AI'. https://www.linkedin.com/in/davidnalley/

    Discussion Topics:
    1. Evolution of Open Source & David’s career journey from sysadmin to open source leader.
    2. Dependency Risk & Governance Gaps: Incidents like Log4Shell underscore the critical failures in dependency governance — fast remediation is not enough when vulnerable versions are still widely downloaded.
    3. Maintainer Blind Spots & Burnout: Open source maintainers often have no visibility into how their code is used — from cloud infra to medical devices.
    4. Security in the AI Supply Chain: Developers frequently import random, low-maintenance libraries sourced from GitHub.
    5. AI & the Developer Lifecycle: The rise of “vibe coding” (prompt-driven development) accelerates software creation but demands greater upfront clarity on goals and architecture.
    6. Code Review is the New Bottleneck: With AI increasing volume, projects must scale up review mechanisms—not just code gen.
    7. Open Source vs “Open” AI: The term “open source” is misused in the LLM world—many projects share weights but not data, training methods, or full model transparency.
    8. Licensing Complexity: Existing licenses were built for source code, not for models, weights, or datasets. There’s growing consensus that new definitions and licenses (beyond Apache 2.0, GPL) are needed for open models.
    9. Wrap up & Advice to Security & Engineering Leaders

    41 min

Ratings & Reviews

5 out of 5 (3 Ratings)
