View More ASW Episodes

How Product-Led Security Leads to Paved Roads – Julia Knecht – ASW #341

A successful strategy in appsec is to build platforms with defaults and designs that ease the burden of security choices for developers. But there’s an important difference between expecting (or requiring!) developers to use a platform and building a platform that developers embrace. Julia Knecht shares her experience in building platforms with an attention to developer needs, developer experience, and security requirements. She brings attention to the product management skills and feedback loops that make paved roads successful — as well as the areas where developers may still need or choose their own alternatives. After all, the impact of a paved road isn’t in its creation, it’s in its ado...

Full Show Notes
Segment One

How Product-Led Security Leads to Paved Roads – Julia Knecht – ASW #341

A successful strategy in appsec is to build platforms with defaults and designs that ease the burden of security choices for developers. But there's an important difference between expecting (or requiring!) developers to use a platform and building a platform that developers embrace. Julia Knecht shares her experience in building platforms with an attention to developer needs, developer experience, and security requirements. She brings attention to the product management skills and feedback loops that make paved roads successful -- as well as the areas where developers may still need or choose their own alternatives. After all, the impact of a paved road isn't in its creation, it's in its adoption.

Guest
Sr. Manager Security Platforms Engineering at Netflix

Julia Knecht leads Security Platforms Engineering at Netflix – SPE builds foundational security products that enable security engineering at Netflix at scale and speed. Julia has spent most of her career specialized in product and application security, and is passionate about building teams and programs that enable the business via secure paved roads, strong environmental insights and excellent security-developer experience.

List of Articles

Mike Shema

  1. Microsoft Fix Targets Attacks on SharePoint Zero-Day – Krebs on Security

    Also covered by vendors Wiz and Cloudflare

  2. A Novel Technique for SQL Injection in PDO’s Prepared Statements › Searchlight Cyber
  3. Exploiting zero days in abandoned hardware
  4. Introducing OSS Rebuild: Open Source, Rebuilt to Last

John Kinsella

  1. ffmpeg hand-rolls ASM to improve a 100x performance improvement

    ffmpeg is big fans of assembly code - they actually have a "school" github repo to help devs get up to speed. In their latest use of ASM, they've improved a particular function rangedetect8_avx512 by rewriting it in ASM.

    Compilers (and other tools) do all sorts of amazing tricks - but still sometimes the human's better.

Show More

Stay in the Know, No Smoke and Mirrors – Join Our Newsletter

Get expert insights and technical breakdowns straight to your inbox.
Join Now

Related Episodes

Related Content

You can skip this ad in 5 seconds