Mar 2025
46m 8s

StackHawk and Shift-Left API Security wi...

Software Engineering Daily
About this episode

APIs are a fundamental part of modern software systems and enable communication between services, applications, and third-party integrations. However, their openness and accessibility also make them a prime target for security threats, which makes API security a growing focus for software teams.

StackHawk is a company that scans and monitors source code to obtain the full scope of an organization’s APIs and applications, and runs tests to identify vulnerabilities and address them pre-production.

Scott Gerlach is the Co-Founder and Chief Security Officer at StackHawk and previously worked at SendGrid and GoDaddy. He has an extensive background running security operations and engineering and, in this episode, he joins the show to talk about the challenges around API security and leading-edge strategies to address them.

Full Disclosure: This episode is sponsored by 10kMedia (StackHawk).

Gregor Vand is a security-focused technologist, and is the founder and CTO of Mailpass. Previously, Gregor was a CTO across cybersecurity, cyber insurance and general software engineering companies. He has been based in Asia Pacific for almost a decade and can be found via his profile at vand.hk.

Sponsorship inquiries: sponsor@softwareengineeringdaily.com

The post StackHawk and Shift-Left API Security with Scott Gerlach appeared first on Software Engineering Daily.
