In this episode, we sit down with Brittany Greenfield, a seasoned entrepreneur in the software supply chain security vulnerability space. The discussion explores the evolving landscape of application security, highlighting its transition from a narrow focus to a broad, integral aspect of all security measures. Greenfield shares insights into the challenges and misconceptions surrounding DevSecOps, the crucial role of bridging the communication gap between security and development teams, and the importance of embracing software imperfections as a step towards better security practices.

Links mentioned in this episode:

(0:00) Introduction and welcome to Brittany Greenfield

(1:36) Misconceptions in the shift left approach in AppSec

(3:32) The concept of Wabbi and application in security

(6:21) Automating code writing for security patches

(9:27) Prioritization in fixing vulnerabilities

(12:11) Complexity of the tech space and its impact on non-tech people

(14:37) The iceberg problem: Enforcing development and security regulations

(16:15) Balancing short term and long term risks in tech security

(17:34) Bridging the gap between security and development

(18:33) Sponsor: Vala AI, the solution to tech challenges.