Sign up to save your podcasts
Or
Share Engineering Security: Bridging DevOps and AppSec with Jon-Anthoney de Boer
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Engineering Security: Bridging DevOps and AppSec with Jon-Anthoney de Boer
Episode Summary
This podcast uses the following third-party services for analysis:
Podtrac - https://analytics.podtrac.com/privacy-policy-gdrp
Spotify Ad Analytics - https://www.spotify.com/us/legal/ad-analytics-privacy-policy/
Jon-Anthoney de Boer is the Product Security Lead at Transmax, overseeing security for critical infrastructure that manages traffic flow across Australia. Coming from a strong software engineering background, Jon-Anthoney shares his experience transitioning from traditional engineering into product and application security. He highlights the importance of aligning software engineering and security teams, building trust into the software development lifecycle, and fostering a security culture based on practical strategy rather than superficial metrics. Jon-Anthoney also discusses how behavioural change, organisational alignment, and operational excellence are key to achieving effective, sustainable security outcomes.
Timestamps00:32 - Jon-Anthoney’s journey from electrical engineering to product security
05:08 - Transitioning from software craftsmanship to cybersecurity
09:30 - Why aligned incentives between engineering and security teams matter
12:22 - Goodhart's Law: pitfalls of security metrics
18:21 - Rethinking cybersecurity strategies beyond tools and compliance
25:12 - Building observability into the secure software development lifecycle
32:35 - Why executive support is crucial for security initiatives
38:34 - Operational excellence: removing waste from security processes
Mentioned in this episode:
Call for Feedback
This podcast uses the following third-party services for analysis:
Podtrac - https://analytics.podtrac.com/privacy-policy-gdrp
Spotify Ad Analytics - https://www.spotify.com/us/legal/ad-analytics-privacy-policy/
View all episodes
By Day OneEpisode Summary
This podcast uses the following third-party services for analysis:
Podtrac - https://analytics.podtrac.com/privacy-policy-gdrp
Spotify Ad Analytics - https://www.spotify.com/us/legal/ad-analytics-privacy-policy/
Jon-Anthoney de Boer is the Product Security Lead at Transmax, overseeing security for critical infrastructure that manages traffic flow across Australia. Coming from a strong software engineering background, Jon-Anthoney shares his experience transitioning from traditional engineering into product and application security. He highlights the importance of aligning software engineering and security teams, building trust into the software development lifecycle, and fostering a security culture based on practical strategy rather than superficial metrics. Jon-Anthoney also discusses how behavioural change, organisational alignment, and operational excellence are key to achieving effective, sustainable security outcomes.
Timestamps00:32 - Jon-Anthoney’s journey from electrical engineering to product security
05:08 - Transitioning from software craftsmanship to cybersecurity
09:30 - Why aligned incentives between engineering and security teams matter
12:22 - Goodhart's Law: pitfalls of security metrics
18:21 - Rethinking cybersecurity strategies beyond tools and compliance
25:12 - Building observability into the secure software development lifecycle
32:35 - Why executive support is crucial for security initiatives
38:34 - Operational excellence: removing waste from security processes
Mentioned in this episode:
Call for Feedback
This podcast uses the following third-party services for analysis:
Podtrac - https://analytics.podtrac.com/privacy-policy-gdrp
Spotify Ad Analytics - https://www.spotify.com/us/legal/ad-analytics-privacy-policy/