Interview with Tech Bytes on AppSec & DevSecOps

Team Wabbi

February 15, 2024

Click the link below to listen to Tech Bytes’ interview with Wabbi’s Founder & CEO, Brittany Greenfield. She talks with host, Dan Hafner about AppSec and DevSecOps.

This interview originally appeared on Spotify for Podcasters – Tech Bytes

About the session 

This session is a podcast episode where guest, Brittany Greenfield, discusses the importance of integrating security into software development with host, Dan Hafner. They delve into the challenges of cybersecurity, the role of artificial intelligence (AI), and the services offered by Brittany’s platform, Wabbi. 

Key speakers 

  • Dan Hafner, Host 
  • Brittany Greenfield, Founder and CEO of Wabbi 

Agenda 

  • Introduction by Dan Hafner 
  • Discussion on the importance of integrating security into software development 
  • Introduction to Brittany Greenfield and her platform, Wabbi 
  • Discussion on the challenges and potential solutions in cybersecurity 
  • Discussion on the impact and potential risks of AI in cybersecurity 
  • Conclusion and final thoughts 

Takeaways 

Takeaway 1: Security should be a core part of software development 

In the increasingly digitized world, application security is a crucial part of any organization’s cyber strategy. According to Brittany Greenfield, 9 out of 10 breaches begin due to defects in code. The conversation emphasized the importance of building security measures into the software development life cycle from the start. 

Greenfield explains, “You can’t really have a robust cybersecurity program if you’re only relying on perimeter security because that’s the point when you get breached. Application security is saying, let’s build this more securely.” She further adds, “We don’t build a house, tell everybody to move in and say don’t worry, we’ll check and see if it’s safe later.” 

The discussion highlighted the need to prioritize vulnerabilities – not every issue can be fixed, but it’s about identifying what must be fixed now, what can be fixed later, and what just needs to be monitored in case the risk profile changes. 

Takeaway 2: AI and cybersecurity: Opportunities and challenges 

Artificial Intelligence (AI) is making its mark in the cybersecurity landscape. While AI can be a force multiplier, helping to manage large data sets and automating processes, it also presents new challenges in the form of sophisticated fraud and the potential for increased vulnerabilities. 

Greenfield observes, “AI and cybersecurity is nothing new because of the large data sets that cyber has always generated, it’s always been a really fertile testing ground for AI.” She further adds, “AI can really help…it’s really going to be a force multiplier in the cybersecurity industry to say, hey, you know, it’s what we were just talking about some of what we do, right?” 

However, she warns of the dangers of AI, stating, “It’s easier for AI to make a fake Dan, whether it’s your voice or your picture…before somebody can catch it.” She suggests companies should manage AI with caution and common sense. 

Takeaway 3: The importance of risk management in software development 

In the realm of software development, risk management is paramount. Greenfield stresses the importance of considering an organization’s unique risk profile rather than assuming that a vendor’s security measures will suffice. She also highlights the often-overlooked human component of security. 

Greenfield states, “Do not assume that your risk profile is the same as your neighbors and that’s really what it is.” She further explains, “This could all happen overnight, right…You could argue that maybe I don’t haven’t watched it yet because I know too, too closely how this could happen.” 

Greenfield’s discussion offers a reminder that while technology continues to evolve rapidly, the human element remains a critical factor in managing and mitigating security risks. 

Insights surfaced 

  • It’s crucial to include security in software development, as 9 out of 10 breaches begin due to defects in code. 
  • Developers need to understand the importance of security and prioritize fixing vulnerabilities in their code. 
  • Wabbi is a cybersecurity SaaS platform that translates security from development and vice versa, providing a platform for two parties that wouldn’t meet otherwise to connect. 
  • AI is both a potential risk and a helper in cybersecurity. It can make social engineering easier, but it can also help manage the large data sets generated in cybersecurity. 
  • The rapid evolution of technology is leading to a world where art imitates life, and vice versa, especially in the realm of cybersecurity. 

Key quotes 

  • “We don’t build a house, tell everybody to move in and say don’t worry, we’ll check and see if it’s safe later. None of us would go into a building if we did that.” 
  • “We translate security from development and development back into security.” 
  • “The Japanese concept of wabi-sabi says let us accept the imperfection in things as a step towards enlightenment.” 
  • “The industry has accepted that you can really only fix about 5% of vulnerabilities that you have in a given month.” 
  • “AI and cybersecurity is nothing new because of that, The large data sets that cyber has always generated, it’s always been a really fertile testing ground for AI.” 
  • “It’s not that you have to build perfect security, but you know, this is also why you’re more likely actually to see a small business attack. That’s where most of the breaches and payouts come from, because they know that they let their guard down.” 

Find out how you can bridge the gap between security and development once and for all. 

Related Articles

Application Security Posture Management for Developers

Application Security Posture Management for Developers

Why Application Security Matters to Me: Evaluating Application Security Posture Management (ASPM) for Developers   In today’s digital landscape, where cyber threats are constantly evolving, organizations must prioritize their cybersecurity measures to protect their...

Application Security Posture Management for AppSec Managers

Application Security Posture Management for AppSec Managers

Why Application Security Matters to Me: Evaluating Application Security Posture Management (ASPM) for AppSec Managers   In today’s digital landscape, where cyber threats are constantly evolving, organizations must prioritize their cybersecurity measures to protect...

The Imperfect Code – Rethinking Application Security

The Imperfect Code – Rethinking Application Security

Brittany Greenfield, Founder & CEO of Wabbi, joins host, Christian Hammer, on his podcast TechTastic. The discussion explores the evolving landscape of application security, highlighting its transition from a narrow focus to a broad, integral aspect of all...

The Entrepreneurial Spirit in Cybersecurity

The Entrepreneurial Spirit in Cybersecurity

Brittany Greenfield, Founder & CEO of Wabbi, joins The CTO Show with Mehmet host Mehmet to discuss the evolving challenges of cybersecurity in software development. Brittany shares her journey into the cybersecurity domain, revealing how Wabbi is pioneering the...

Application Security Posture Management for VP of Engineering

Application Security Posture Management for VP of Engineering

Why Application Security Matters to Me:Evaluating Application Security Posture Management (ASPM) for VPs of Engineering In today’s digital landscape, where cyber threats are constantly evolving, organizations must prioritize their cybersecurity measures to protect...

Wabbi Founder & CEO, Brittany Greenfield, Named 40 under 40

Wabbi Founder & CEO, Brittany Greenfield, Named 40 under 40

BOSTON, MA, USA / August 16, 2023  Brittany Greenfield, CEO & Founder of Wabbi, the leading ASPM platform, has been named to Boston Business Journal's prestigious 40 Under 40 list for 2024. This annual award honors 40 outstanding professionals under the age of 40...

Wabbi Named in Three Gartner® Reports as ASPM Sample Vendor

Wabbi Named in Three Gartner® Reports as ASPM Sample Vendor

BOSTON, MA, USA / August 1, 2023 For more information on Wabbi's Application Security Posture Management platform, visit https://www.wabbisoft.com. Wabbi, a leading provider of Application Security Posture Management (ASPM) solutions, is pleased to announce that it...

Wabbi Unlocks the Secret to Enterprise Secrets Management

Wabbi Unlocks the Secret to Enterprise Secrets Management

Wabbi unveils new Secrets Mangement solution as part of their leading application security posture management and orchestration platform. BOSTON, MA, USA / May 17, 2023 /Originally Published at EINPresswire.com Today, Wabbi, a leader in Application Security Posture...

Application Security Posture Management for VP of Engineering

Application Security Posture Management for VP of Engineering

Why Application Security Matters to Me:Evaluating Application Security Posture Management (ASPM) for VPs of Engineering In today’s digital landscape, where cyber threats are constantly evolving, organizations must prioritize their cybersecurity measures to protect...

Application Security Posture Management for CISOs

Application Security Posture Management for CISOs

Why Application Security Matters to Me: Evaluating Application Security Posture Management (ASPM) for CISOs   In today's digital landscape, where cyber threats are constantly evolving, organizations must prioritize their cybersecurity measures to protect their...

What is Continuous Security and Why is it Important?

What is Continuous Security and Why is it Important?

What is Continuous Security And Why Is It Important? Executives across every industry and company size have made cyber-security a top priority. This has not just driven the adoption of new technologies, but created an overall mindset shift to proactive cybersecurity -...

From ASOC to ASPM: Evolving from AppSec Monitoring to Observability

From ASOC to ASPM: Evolving from AppSec Monitoring to Observability

Application Security Posture Management (ASPM) ASPM is the practice of monitoring and managing an organization’s application security program in response to internal and external signals as an integrated part of the software development lifecycle (SDLC).  Application...

2024: The Year of the ASPM Revolution

2024: The Year of the ASPM Revolution

2023 solidified Wabbi’s position as not just a trailblazer, but a leader in the ASPM domain, as we continued to deliver on our mission to simplify the integration of security into the software development lifecycle so organizations can realize the promise of...

What is Application Security Orchestration & Correlation?

What is Application Security Orchestration & Correlation?

What is Application Security Orchestration & Correlation (ASOC)? Application Security Orchestration & Correlation is the use of automation to manage components of an application security program in response to a pre-defined workflows to enable integration into...

What is Risk-Based Vulnerability Management?

What is Risk-Based Vulnerability Management?

Risk-Based Vulnerability Management (RBVM) is a security strategy that aligns the risk profile of an organization with its remediation efforts in application security. It is designed to ensure that an organization's resources are utilized efficiently and effectively...

What is Vulnerability Management?

What is Vulnerability Management?

What is Vulnerability Management? Vulnerability management is the traditional core of an Application Security strategy. It is not just enough to scan, you have to aggregate and prioritize the results. As 2/3 of organizations use at least 11-20 application security...

ASPM 102: Application Security Posture Management Maturity Model

ASPM 102: Application Security Posture Management Maturity Model

Now that you understand Application Security Posture Management is the backbone of any application security and DevSecOps program, it’s time to start to build your deployment strategy. Don’t worry – you don’t have to boil the ocean to start to see the hard ROI in 1-3...

0 Comments

0 Comments