In this episode of Semaphore Uncut, Justin Cormack, Senior Security Engineer at Docker and member of the Technical Oversight Committee at CNCF, shares insights from the security industry. We talk about why it’s important to think about what could go wrong when building software, how hackers are now exploiting vulnerabilities before shipping your code to production, and what companies can really do and use to secure their products.

Key takeaways:

• Security – a matter of software quality
• The threat modeling practice – understanding the potential security threats
• Using the experience of experts
• Supply-chain security
• Security integration into CI/CD pipelines
• Important vs. overhyped practices in the security industry

About Semaphore Uncut
In each episode of Semaphore Uncut, we invite software industry professionals to discuss the impact they are making and what excites them about the emerging technologies.