Sign up to save your podcasts
Or
Share AppSec: Engineering, Attackers, and Defense
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
AppSec: Engineering, Attackers, and Defense
Send us a text
Episode Summary
In today’s episode, AppSec CTO at Palo Alto Networks, Daniel Krivelevich, joins Matt to talk about AppSec for the modern engineering ecosystem. Daniel is a Cybersecurity expert and problem solver with a proven track record from working with numerous enterprises across several different industries, with a focus on Application and Cloud Security. He has served in the Intelligence Corps of the IDF, 8200, as a Security Specialist at LivePerson, and as the Cloud & Application Security Lead at Sygnia. He is also the Co-Founder of Cider Security, which was acquired by Palo Alto Networks in December 2022.
Today, Daniel talks about how his views have been shaped by his experience on both sides of the equation, the rapid pace of software development, and the role of codification. Why is visibility such a vital part of mitigating threats? Hear about the changing role of security, the struggle with maintaining cybersecurity 101, and Daniel’s recommended sources to stay up to date.
Timestamp Segments
· [02:43] How Daniel’s experiences have shaped his AppSec views.
· [09:27] The software engineering paradigm shift.
· [12:24] The role of security.
· [16:42] Is it realistic for security to keep up with software development?
· [20:27] How the engineers’ freedom of choice impacts security.
· [26:14] The role of codification to reduce the attack surface.
· [30:21] Tools as targets.
· [34:47] How to mitigate threats of the increasingly complex ecosystems.
· [39:21] What’s next?
· [44:40] The struggle with cybersecurity 101.
· [47:03] How Daniel stays sharp.
Notable Quotes
· “The attacks that abuse the engineering ecosystem, they’re not theory anymore.”
· “The challenge is helping defenders focus on what matters.”
· “Attackers always choose the path of least resistance.”
· “Once you have that visibility, you are usually capable of significantly reducing your attack surface.”
· “It’s not the zero days that are what’s leading.”
Relevant Links
Website: www.paloaltonetworks.com.
LinkedIn: Daniel Krivelevich.
Resources:
AppSec for the Modern Engineering Ecosystem.
The future of cloud security.Simplify cloud security with Prisma Cloud, the Code to Cloud platform powered by Precision AI.
Disclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you.
View all episodes
By Matthew Chiodi
4.9
1515 ratings
Send us a text
Episode Summary
In today’s episode, AppSec CTO at Palo Alto Networks, Daniel Krivelevich, joins Matt to talk about AppSec for the modern engineering ecosystem. Daniel is a Cybersecurity expert and problem solver with a proven track record from working with numerous enterprises across several different industries, with a focus on Application and Cloud Security. He has served in the Intelligence Corps of the IDF, 8200, as a Security Specialist at LivePerson, and as the Cloud & Application Security Lead at Sygnia. He is also the Co-Founder of Cider Security, which was acquired by Palo Alto Networks in December 2022.
Today, Daniel talks about how his views have been shaped by his experience on both sides of the equation, the rapid pace of software development, and the role of codification. Why is visibility such a vital part of mitigating threats? Hear about the changing role of security, the struggle with maintaining cybersecurity 101, and Daniel’s recommended sources to stay up to date.
Timestamp Segments
· [02:43] How Daniel’s experiences have shaped his AppSec views.
· [09:27] The software engineering paradigm shift.
· [12:24] The role of security.
· [16:42] Is it realistic for security to keep up with software development?
· [20:27] How the engineers’ freedom of choice impacts security.
· [26:14] The role of codification to reduce the attack surface.
· [30:21] Tools as targets.
· [34:47] How to mitigate threats of the increasingly complex ecosystems.
· [39:21] What’s next?
· [44:40] The struggle with cybersecurity 101.
· [47:03] How Daniel stays sharp.
Notable Quotes
· “The attacks that abuse the engineering ecosystem, they’re not theory anymore.”
· “The challenge is helping defenders focus on what matters.”
· “Attackers always choose the path of least resistance.”
· “Once you have that visibility, you are usually capable of significantly reducing your attack surface.”
· “It’s not the zero days that are what’s leading.”
Relevant Links
Website: www.paloaltonetworks.com.
LinkedIn: Daniel Krivelevich.
Resources:
AppSec for the Modern Engineering Ecosystem.
The future of cloud security.Simplify cloud security with Prisma Cloud, the Code to Cloud platform powered by Precision AI.
Disclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you.
More shows like Cloud Security Today
View all
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
638 Listeners
CyberWire Daily
1,016 Listeners
Cybersecurity Today
175 Listeners
CISO Series Podcast
188 Listeners
Cloud Security Podcast
57 Listeners
Cyber Security Headlines
134 Listeners
Cloud Security Podcast by Google
40 Listeners