Ep 13 — Daniel Harvey: How to Shift from Application Security to Product Security

The pace of software development has increased dramatically over the past ten years and the traditional approach to application security has struggled to keep up. With modern development going from code to cloud within hours, manual security checks and  code reviews run the risk of slowing down releases and creating more tension between developers and security teams.  To reduce this friction, organizations are shifting from the traditional application security approach to a more modern approach where security policies and controls are embedded in developer w...

The pace of software development has increased dramatically over the past ten years and the traditional approach to application security has struggled to keep up. With modern development going from code to cloud within hours, manual security checks and  code reviews run the risk of slowing down releases and creating more tension between developers and security teams. 

To reduce this friction, organizations are shifting from the traditional application security approach to a more modern approach where security policies and controls are embedded in developer workflows. 

To learn more about this shift, in today’s episode of the Future of Application Security, Harshil speaks to Daniel Harvey, an industry veteran with more than 13 years in AppSec. Most recently, Daniel was the Director of Product Security at InVision. Prior to InVision, Daniel worked on AppSec teams at organizations including Clayton Homes, Citi, Elavon, and Discovery. 

Topics Discussed: 

• Daniel’s shift from application security to product security 
• The importance of building default security features within a product 
• How to make product security a business enabler 
• The key changes in the application security landscape
• How to build the relationship between security and development and how to find balance in collaboration
• The need to map and tie code ownership to identity management systems