Developers and security training: can they co-exist?⎜Laura Bell Main

Welcome to the Elephant in AppSec, the podcast to explore, challenge, and boldly face the AppSec Elephants in the room.

Today, we’re excited to have an amazing guest, Laura Bell Main, join us.

With over 20 years in software development and application security, Laura is the co-founder and CEO of SafeStack, an online education platform that offers secure development training for fast-moving companies.

Laura is also a well-known keynote speaker and has spoken at high-profile events like BlackHat USA, NDC, and OSCON. With her love of speaking and being heavily invested in the community, Laura also hosts her own podcast, Build Amazing Things (securely) , where she collects various stories from AppSec professionals. More than that, she is a regular writer for a range of technology and business publications and is the co-author of “Agile Application Security” and “Security for Everyone.”

If you want to learn practical advice on how to adapt an efficient and enjoyable Lego approach to training programs for your teams and build a great security-minded tech team, tune into our conversation. By the end of the podcast, you'll have an answer to the question: can developers and security training really co-exist?

In our conversation, Laura shares:

• Her journey into application security training, emphasizing her belief in a different approach to application security that focuses on developers and doesn't disrupt workflows.
• How you can integrate security into the software development lifecycle to make it a part of everyday work for engineers.
• The importance of breaking down security training into manageable chunks and making it a regular part of development sprints.
• How to justify the return on investment of security training by highlighting cost savings, reduced distractions from security incidents, and improved software quality.
• Insights into their training programs, emphasizing customization and practicality
• The impact of layoffs in big tech on security training
• Advice for developers to embrace security as a fundamental aspect of their work
• Her favorite Build Amazing Things (securely) stories

And much more. Dive right in!

Listen now on Spotify and YouTube. The Elephant in AppSec caters to all: Whether you prefer listening or watching, we have something for everyone 😌

💡 Want to discover other episodes? Check it out below:

• AppSec vendors and CISOs: a love-hate relationship? ⎜Olivia Rose
• Is Gen AI your new AppSec weapon?
• Security training: Necessary investment or overrated expense?⎥Mel Reyes (Global CEO, CIO, CISO, & CTO with 30 years of experience
• What is ASPM: A breakdown of the current state and its future⎥James Berthoty