Monday Dec 04, 2023
#175: Enterprise app development security with Greg Ellis, General Manager, Application Security at Digital.ai
Unless you’re listening to me from Mars or some other planet, you know that today cybersecurity as important as the physical one, they both are intertwined and security breaches are being reported almost daily.
It’s about personal data security on your phone and computer and security of big corporations and non-profit. In this episode, we invited Greg to talk about security in the app development process.
Today’s Topics Include:
- Greg Ellis background
- What is Digital.ai today
- What is DevSecOps, benefits and challenges
- Practices and tools for DevSecOps
- How to improve app development teams' security performance
- How to handle security incidents
- What Greg would like to change about the Big Tech today
- Android or iOS?
- Leaving his smartphone at home, what features would Greg miss most?
- What features he would like to see added to his smartphone?
Links and Resources:
Quotes from Greg Ellis:
"We've actually heard of some customers that inadvertently release a non protected application out in the wild. And so you really want to make sure that you've got those tools in place to catch that. But then once the applications themselves are deployed, it's just as important to ensure that those apps are monitored for active attacks and collecting thread analytics and then responding in real time via runtime application self protected and feeding those insights into the next. Devsecop cycle."
"So that human aspect still needs to be in there. And Ai isn't going to necessarily be the end all and be all, but it's there really to augment the work that we're doing and try to reduce our workload. And that combination of Ai technologies and human intelligence really creates a more robust defense against security incidents and vulnerabilities in these mobile app environments."