"We need Security to become part of the Software Engineering team" - With Keith Hoodlet (@securingdev)

In this episode, we catch up with Keith Hoodlet (@securingdev) Senior Manager, Application Experience at Thermo Fisher Scientific.

Keith has a strong background in application security and is the former host for 55 episodes on the Application Security Weekly podcast. I saw a tweet by Keith and wanted to dig deeper in that. The tweet was responding to Dino Dai Zovi who said "Security" as a single dimension of expertise increasingly makes no sense. Saying that you are a "security expert" is like saying you are a "computer expert." Computing is a part of everything we do and we don't isolate expertise on all of it within the "computers team.", Keith said "Agreed; in the same way that Ops became part of the Software Engineering team, we need Security to become part of the Software Engineering team.

This is why I say that Security is a Feature, because features are: - Funded - Have time allocated to them - Are tested and maintained"

We also walk through Keith's journey into the industry and also share advice to companies looking to mature their Application Security and DevSecOps.

You can watch Keith's keynote talk at OWASP AppSec Day Melbourne 2018

https://www.youtube.com/watch?v=QT_omddhJzo&list=PLPvxR0i93gjQjrIJK0PdMdFkUbnHhRBRN&index=2&t=0s

‍