Hashtag Realtalk with Aaron Bregg

Episode 79 - Rethinking Your Secure Software Development Lifecycle Strategy

March 08, 2023 | Aaron Bregg | Season 5 Episode 4

In this episode I get a chance to talk with Liav Caspi about rethinking how you do your Secure Software Development Lifecycle. Liav is one of the co-founders of Legit Security and got his start in the Israel Intelligence (Unit 800) scene many years ago. He and his other co-founders worked for a well-known Static Application Security Testing (SAST) company I know very well. They then branched off a few years back to form what is now called Legit Security.

Talking Points

  • Why your current Secure Software Development Lifecycle process needs to change
  • What is Secure Software Development Management?
  • What about Securing Infrastructure as Code?
  • Application Security Management is more than just looking at Open Source libraries a development team uses (looking at your entire development ecosystem)
  • What do you need to do to get to a 'Golden Pipeline'?

Additionally, I asked him his thoughts about a recent conversation that Jim Kuiphof and I had on the topic and how it needs to move into more of a Secure Software Development Management (SSDM) strategy.

Episode Sponsor:

This episode was sponsored by Legit Security. Legit Security is a Secure Software Development Lifecycle solution based out of Israel. Proceeds from this sponsorship will be going toward our last planned donation to the Autism Support of Kent County Michigan.
