The Changelog: Software Development, Open Source

Lessons from 5 years of startup code audits (Interview)

Listen Later

Adam and Jerod are joined by Ken Kantzer, co-founder of PKC Security. Ken and his team performed upwards of 20 code audits on well-funded startups. Now that it’s 7 or 8 years later, he wrote up 16 surprising observations and things he learned looking back at the experience. We gotta discuss ’em all!

Join the discussion

Changelog++ members save 6 minutes on this episode because they made the ads disappear. Join today!

Sponsors:

  • SentryWorking code means happy customers. That’s exactly why teams choose Sentry. From error tracking to performance monitoring, Sentry helps teams see what actually matters, resolve problems quicker, and learn continuously about their applications - from the frontend to the backend. Use the code CHANGELOG and get the team plan free for three months.
  • InfluxDataThe time series platform for building and operating time series applications — InfluxDB empowers developers to build IoT, analytics, and monitoring software. It’s purpose-built to handle massive volumes and countless sources of time-stamped data produced by sensors, applications, and infrastructure. Learn more at influxdata.com/changelog
  • HoneycombGuess less, know more. When production is running slow, it’s hard to know where problems originate: is it your application code, users, or the underlying systems? With Honeycomb you get a fast, unified, and clear understanding of the one thing driving your business: production. Join the swarm and try Honeycomb free today at honeycomb.io/changelog
  • SourcegraphTransform your code into a queryable database to create customizable visual dashboards in seconds. Sourcegraph recently launched Code Insights — now you can track what really matters to you and your team in your codebase. See how other teams are using this awesome feature at about.sourcegraph.com/code-insights

    • Featuring:

    • Ken Kantzer – Website, GitHub, X
    • Adam Stacoviak – Website, GitHub, LinkedIn, Mastodon, X
    • Jerod Santo – Website, GitHub, LinkedIn, Mastodon, X

    Show Notes:

    • Learnings from 5 years of tech startup code audits
    • Conway’s Law
    • Meltdown

      • Something missing or broken? PRs welcome!

      ...more
      View all episodesView all episodes
      Download on the App Store
      The Changelog: Software Development, Open SourceBy Changelog Media
      • 4.7
      • 4.7
      • 4.7
      • 4.7
      • 4.7

      4.7

      286 ratings

      More shows like The Changelog: Software Development, Open Source

      View all
      Software Engineering Radio - the podcast for professional software developers by team@se-radio.net (SE-Radio Team)

      Software Engineering Radio - the podcast for professional software developers

      273 Listeners

      Software Engineering Daily by Software Engineering Daily

      Software Engineering Daily

      626 Listeners

      LINUX Unplugged by Jupiter Broadcasting

      LINUX Unplugged

      275 Listeners

      Talk Python To Me by Michael Kennedy

      Talk Python To Me

      583 Listeners

      Soft Skills Engineering by Jamison Dance and Dave Smith

      Soft Skills Engineering

      287 Listeners

      Data Engineering Podcast by Tobias Macey

      Data Engineering Podcast

      149 Listeners

      Syntax - Tasty Web Development Treats by Wes Bos & Scott Tolinski - Full Stack JavaScript Web Developers

      Syntax - Tasty Web Development Treats

      985 Listeners

      REWORK by 37signals

      REWORK

      212 Listeners

      Practical AI by Practical AI LLC

      Practical AI

      212 Listeners

      AWS Podcast by Amazon Web Services

      AWS Podcast

      204 Listeners

      The Stack Overflow Podcast by The Stack Overflow Podcast

      The Stack Overflow Podcast

      63 Listeners

      The Real Python Podcast by Real Python

      The Real Python Podcast

      140 Listeners

      Big Technology Podcast by Alex Kantrowitz

      Big Technology Podcast

      512 Listeners

      Training Data by Sequoia Capital

      Training Data

      39 Listeners

      The Pragmatic Engineer by Gergely Orosz

      The Pragmatic Engineer

      77 Listeners