CSCP S02E011 - Clint Gibler - Appsec Community Conferences and resources
In this episode, we have the pleasure of talking with a friend and an inspiration. Clint is one of the nicest and most knowledgeable people I have had the pleasure to chat with. This concludes...for now...the series on AppSec.
Clint is a seasoned appsec professional and, through his role at NCC Group and his collaborations in Silicon Valley, has explored numerous subjects. We met at AppSec Cali, where Clint gave an amazing talk on all the tools (you can see the link below).
The podcast is brought to you by the generosity of NSC42 Ltd, your cybersecurity partner. Cybersecurity is complex and different for every organization, and you need the best-tailored service to make sure your customers' data is safe and sound, so that you can focus on what's important: your clients and bringing them the best and safest experience. NSC42 Ltd can help you with your cloud transformation and with cybersecurity assessments for your compliance checklist, on-premises and in the cloud. Want to know more? Visit www.nsc42.co.uk to get your free quote.
Clint Gibler (@clintgibler) is the Head of Security Research for r2c, a small startup working on giving security tools directly to developers. Previously, Clint was a Research Director at NCC Group, a global security consulting firm, where he helped companies implement security automation and DevSecOps best practices as well as performed penetration tests for companies ranging from large enterprises to new startups. Clint has previously spoken at conferences including BlackHat USA, AppSec USA/EU/Cali, BSidesSF, and DevSecCon Seattle/London/Tel Aviv/Singapore. Clint holds a Ph.D. in Computer Science from the University of California, Davis. Want to keep up with security research? Check out *tl;dr sec*, Clint's newsletter that contains summaries of artisanally curated, top talks and useful security links and resources from around the web. https://tldrsec.com/
Francesco is a public speaker and an out-of-the-box thinker. Francesco is a passionate advocate for security in development and has pushed for more involvement of dev. Francesco is also passionate about cloud security. Francesco is the Executive Director of NSC42 Ltd, a UK-based cybersecurity consultancy. As an executive, he loves to stay close to the technology while keeping it simple. Francesco is a data- and results-driven Cyber Security Executive/vCISO, highly regarded for planning and executing strategic infosec improvement programs that protect data and technical assets, reduce security risks, and align with long-term organisational goals. Francesco is a keynote speaker, Head of the Cloud Security Alliance UK, and Director of the cybersecurity consultancy NSC42.
Show Links:
Here are some of the links I referenced, for ease of inclusion in the show notes:
* My BSidesSF slides: https://docs.google.com/presentation/d/1lfEvXtw5RTj3JmXwSQDXy8or87_BHrFbo1ZtQQlHbq0/edit (updated version of the AppSec Cali talk)
  * See slide 153 for more links/details about scaling threat modelling
* What I Learned Watching All 44 AppSec Cali 2019 Talks - mega summary blog post - https://tldrsec.com/blog/appsec-cali-2019/
* Lessons Learned from the DevSecOps Trenches - some good DevSecOps tips - https://tldrsec.com/blog/appsec-cali-2019-lessons-learned-from-the-devsecops-trenches/
* https://github.com/returntocorp/semgrep - the lightweight static analysis tool I was talking about
* My new company: https://r2c.dev/
* So people can connect after
It is Free