EP111 How to Solve the Mystery of Application Security in the Cloud?

Topics covered:

• What got you interested in security and motivated you to make this your area of focus? You came from a developer background, right?
• Occasionally we hear the sentiment that “developers don’t care about security,” how would you counter it (and would you?)?
• How do we encourage developers and operations to use the appropriate security controls and settings in the cloud? Is “encourage” the right word?
• Can we really achieve “secure by default” but for developers?
• What do you think are the main application security issues that developers need to deal with in the cloud? 
• You mentioned software supply chain security, do you treat this as a part of application security? How important is this, realistically, for an average organization and its developers?
• Going to our favorite subject of threat detection, how do you think we can better encourage developers to supply the logs necessary for our detection and response teams to act upon?