Beyond Coding Episode #144

Quality Code, Safer World: Rethinking Security in Software Development with Jelle Niemantsverdriet


Description

Jelle Niemantsverdriet joins us in this episode to discuss how the mindset around security is evolving, both from organisations and from professionals. My favourite takeaway is that security is on the same path as testing and becoming part of quality in software development. 

YouTube

Full episode on YouTube ▶️

https://youtu.be/A7DS1KCw6dY

Beyond Coding Podcast with 🎙Patrick Akil

Powered by Xebia!

Guest

Connect with Jelle Niemantsverdriet:

https://www.linkedin.com/in/jelleniemantsverdriet 

https://twitter.com/jelle_n 

References

Digital Defense Report – https://www.microsoft.com/nl-nl/security/security-insider/microsoft-digital-defense-report-2023 

Data Breach Investigations Report (DBIR) – https://www.verizon.com/business/resources/reports/dbir/?CMP=OOH_SMB_OTH_22222_MC_20200501_NA_NM20200079_00001

Sidney Dekker – https://sidneydekker.com 

Kelly Shortridge – https://kellyshortridge.com/blog/

Chaos Engineering – https://www.securitychaoseng.com

Outline

00:00:00 – Intro

00:00:25 – Security is a matter of software quality

00:02:19 – Security way of working

00:04:37 – Professional pride

00:06:53 – Layers of defense, or excuse?

00:09:05 – The industrial revolution in IT

00:10:48 – Security as speciality

00:13:18 – Collaborating with the security department

00:14:29 – Building bridges

00:16:22 – Willingness to listen

00:19:29 – Scenario analysis workshops

00:21:01 – Unpredictable human behaviour

00:23:21 – Seamless and friction in security solutions

00:25:28 – Instant cake

00:26:38 – Red, blue and purple teaming

00:28:34 – Exploring the boundaries in AI

00:31:38 – Gamified security

00:32:46 – With risk comes reward

00:36:17 – Security costs vs. benefit

00:38:49 – Frequent password changes

00:41:20 – Verizon Data Breach Investigations Report

00:43:55 – Sidney Dekker – Human error doesn't exist

00:46:23 – Kelly Shortridge – Sensemaking

00:47:14 – Sharing knowledge around security