Sources and Sinks

Earlier this year, Okta, a major identity provider, reported that it was breached. What happened during the Okta compromise? Today on sources and sinks, Vickie Li chats with Tarun of Banyan security, to talk about what went down during the Okta breach, and how organizations can protect themselves from similar situations.

Vickie Li, developer evangelist at ShiftLeft, interviews Shinesa Cambric about her research in identity and access management at Microsoft. Listen on to learn about the identity management challenges we face today, how we can balance security and privacy, and where she thinks the future of identity management is going.

Jasmine Jackson is an experienced cybersecurity professional who got her start through self-teaching. So listen on for her advice on breaking the entry-level barrier in infosec and how she learned using CTFs and write-ups.

Vickie Li, developer evangelist at ShiftLeft, interviews Vandana Verma, Chair of the OWASP Global Board of Directors about how she grew her career in infosec. How did she get from infosec newbie to the leader of OWASP and the keynote speaker at multiple conferences? And how did she overcome the fear of public speaking and networking in tech? Listen on to hear her story! 

Vickie Li, developer evangelist at ShiftLeft, interviews Chloé Messdaghi about her work in ESG (Environmental, Social, and Governance) consulting in the cybersecurity industry. What are the biggest social challenges facing our industry? How can we take the steps to increase diversity and reduce the environmental impact of infosec? Listen on to find out! 

Vickie Li, developer evangelist at ShiftLeft, sit down with Ben Sadeghipour, or NahamSec, about his experience being a content creator in the infosec space, what it's like to livestream his hacking, and how to stay motivated and deal with imposter syndrome in the public spotlight. 

Vickie Li, developer evangelist at ShiftLeft, interviews Magno Logan about his experience as the founder of an OWASP Chapter and seasoned conference organizer, about how he started the OWASP chapter, and what goes on behind the scenes during Infosec events. 

Vickie Li, developer evangelist at ShiftLeft interviews car hacker and IoT security expert Aaron Guzman about his experience hacking Subaru cars, and how we can improve IoT security through regulation, policies, and education.

"Vickie Li, developer evangelist at ShiftLeft talks to Cassie Clark, a security awareness training expert, about why security awareness training is needed, how to make security training appealing, and how to curb social engineering attacks."

Vickie Li ,  developer evangelist with ShiftLeft in a conversation with Alok Shukla, VP (Products) at ShiftLeft, on what is benchmarking of code analysis tools and how did ShiftLeft achieved  Industry's best code analysis scores.

Vickie Li ,  developer evangelist with ShiftLeft in a conversation with Gyan Chaudhary, CEO of Kontra and a partner with ShiftLeft on a new type of developer education.

In this Episode of Sources and Sinks, Vickie Li hosts Alok Shukla (VP of Products) at ShiftLeft.  Alok talks about ShiftLeft's new code analysis platform called ShiftLeft CORE. Alok also talks about "Attacker Reachability" - an innovation from ShiftLeft that drives software composition analysis component of ShiftLeft platform. 

Who is getting into cybersecurity and how people are getting into cybersecurity has changed a lot in the past few decades. As more and more people start seeing cybersecurity as a career option, how do we educate a new generation of hackers and cybersecurity professionals to keep our Internet safe? IIn this episode of Sources and Sinks, Vickie Li talks to Fabian Faessler, also known professionally as  LiveOverFlow.  Fabian is a cybersecurity Youtuber and educator who has inspired many people to get into cybersecurity and penetration testing. He talks about the Hacker Culture he experienced when he got started, and how he sees the future of cybersecurity education going. 

The cybersecurity field has traditionally focused on defending against external threats. But over the past few years, we have really seen an increasing awareness of the threat posed by people inside the organization. We call these threats, “insider threats”. Insider threats are security threats caused by disgruntled employees who intend to harm the organization or negligent employees who put the security of the organization at risk by accident. In this episode of Sources and Sinks, Vickie Li talks to Katie Praxton-Fear a cybersecurity researcher and lecturer, on how we can mitigate the risks of insider threats.

Vickie Li talks to Saif Bhatti about his Rhino Conservation efforts in African Savannah. Saif is a technologist who is using technology as part of his firm Renoster Systems to become an industry leader in conservation security systems.

A conversation with Rishi Bhargava - Co-founder of Demisto and now VP of Strategy at Palo Alto Networks Rishi talks about his learnings on implementing Inbound and content marketing at Demisto in a highly successful manner. He talks about the mechanics of his strategy, his learnings, things he did right, things he avoided and finally things he will not do in next startup.Demisto was able to make a revenue of 1 Mn USD in first 6-8 months in its first year of existence, a 100 million pipe by the end of 2nd year and eventually getting sold to Palo Alto Networks at 560 million USD.

A conversation with world's only Michelin 2 Star Indian Chef - Srijith Gopinathan.Srijith is Executive Chef at Taj Campton in San Francisco and is co-owner of a new California Indian restaurant - Ettan in downtown Palo Alto in broader San Francisco Bay Area.In an engaging chat, Srijith answer many questions includingWhat does it mean by Cal Indian Cuisine?Comparing Indian cuisine vs French CuisineIndian cuisine and flavor theory rulesCan Michelin system truly judge Indian cuisine?Experimental or Authentic Indian cuisine?Top Indian Restaurants in United StatesTop 5 Indian restaurants in the world.

Alok Shukla in a conversation with Adarsh Natarajan, CEO of Aindra Systems.Aindra is a AI powered medical device startup based out of India. Adarsh's original background was of Software Engineer who after his management education decided to turn into this heavily specialized field of medicine. Aindra's first offering is an AI powered portable device to facilitate early diagnosis of Cervical Cancer

Jonathan Rothwell - Principal Economist at Gallup - in a conversation with Alok Shukla to discuss some major findings of his book - "A Republic of Equals: A Manifesto for a Just Society"PS:- This is a long interview format.We discuss the surprising composition of 1% and how non-competitive sectors like medical professionals, dentists, lawyers etc have been able to corner a large portion of 1% economic prosperity. Jonathan talks about meritocracy being the driver of reduction of inequality, problems of segregation - including Asian School segregation and why does a positive intent can also have negative consequences, when it castes away other communities.We also touch upon Nassim Nicholas Tayeb observation on IQ tests being a pseudoscientific swindle and how data does not support the natural assertion of genetic superiority of any race.

Vincent Weafer, SVP Security Engineering at Capital One in a conversation with Alok Shukla, VP Product Management at ShiftLeft and host of this podcast.Vincent and Alok converse on a range of topics - security engineering and #shiftleft of security, security quality automation, machine learning success/failures, Vincent's predictions and his asks from new security startups.Vincent in his current role at Capital One, oversees the entire security engineering function. Prior to Capital One, Vincent spent 24 years in security research leading the function at two formidable security players - Symantec and McAfee.

In this episode of "Sources and Sinks, a conversation with ShiftLeft's lead security researcher - Niko Schmidt. Niko opens up on his process, what he sees as the key threats and how developers can improve their game to build more secure applicationsAs a fun addition, he tracks his journey as a security research prior to ShiftLeft and narrates serious yet amusing incidents of corporate security assessments.

In this podcast, I talk about the lack of representation of Indian and Chinese cuisines from Michelin rating system. I examine the question if Michelin is irrelevant for Indian and Chinese cuisine in general and Indian cuisine specifically.I talk about the notion of high culture and its role in propelling french cuisine as the ultimate arbiter of fine dining and whether that Asian cuisine requires a new standard.

Julie Tsai in a conversation with Alok Shukla on her initiative for #ShiftLeft at Roblox. Julie is the Head of Information Security at Roblox - a wildly successful online gaming company.Julie talks about the practice of Shifting Left, centrality of empowering developers through code analysis, interactions between red/blue teams and as a bonus - security leaders she admires and could be role models to increase diversity in cybersecurity.This episode is in continuation of ongoing conversation of empowering developers by shiftling security left.

A conversation with Toufiq Ali - Principal Engineer, Cybersecurity operations at Emirates Group on developer focused security initiatives..Toufiq delves into the need of integrating security into development pipelines, how security and software development teams created this partnership, and how ShiftLeft Inspect has helped them achieve their goals.This conversation is hosted by Alok Shukla, VP of product management at ShiftLeft.

In the world of product definition and design, as practitioners, we have always experienced such moments where we had all the data but we relied on our gut to make a call, and then we tasted success.I discuss this phenomenon with two of my guests - Prabhu Subramaniam, Lead Architect at ShiftLeft and Dharmesh Gandhi, SVP of Products at Rentomojo (formerly at Amazon and Uber).Prabhu discussed his Aha moment during his work on ShiftLeft Scan, Dharmesh during his work on advertising product at Amazon and Alok during his work on Attack Analytics during his tenure at Imperva.

There are many veterans of 2007-2009 market crash who are now using those learnings to navigate 2020 downturn. Mark Kraynak was leading marketing in 2008 at Imperva and he saw Imperva navigating it's way out of a crash, albeit successfully. Now in his avatar as founding VC at Acrew Capital, a venture capital firm out of Palo Alto and San Francisco, he talks about how StartUps can navigate 2020. As a bonus, Mark talks about the type of ideas he might invest in.Mark talks about personal journey, lifelong learnings from 2008 crash and how it shapes his view in 2020, in a free flowing conversation with Alok Shukla (VP of Products at ShiftLeft)

A lot has been discussed about economy, remote work, startups, technology and what not of these COVID times,In this episode of Sources and Sinks, we will discuss a peculiarity of silicon valley lifestyle - Coffee and Tea. To discuss that, I have invited two special guests - A Coffee snob and A Tea Snob.Manish Gupta, CEO of ShiftLeft is our Coffee Snob and We have Arun Balakrishnan, Director of Products at ShiftLeft is our Tea Snob.In this episode, I attempt to learn from their knowledge of Coffee and Tea and may be become a minor enthusiast of my own.

In coversation with Shannon Lietz, Director of Adversary management at Intuit Inc. We talk about Securibility and its increasing centrality to developer led application security programs. We chat about two main pillars of securibility - exploitability and threat analysis with respect to an application. Shannon describes how a securibility metrics can help development teams achieve success for the goal of creating security software.Alok Shukla, VP of Products at Shiftleft, anchors this conversation from the eyes of a real life security practioner and as a host of this podcast.

A conversation with ShiftLeft CTO and co-founder Chetan Conikee about ShiftLeft and remote working. As Chetan describes, remote working was a default way of work for ShiftLeft since its inception and it is not relying on its learnt experience to cope up mandatory home work culture. Alok, VP of products at ShiftLeft talks about how he is engaging with enterprise customers while being remote.