DevSec For Scale from Akeyless

What is Policy-as-Code and why is it important to developer security? In this episode, we talk with Eran Bibi, CPO and Co-Founder at Firefly (gofirefly.io) about how policy-as-code enhances business velocity and scale and how early stage companies can utilize policy-as-code to better automate their decisions to give developers more independence as well as ensure security.

Why are startups different from a security perspective?
Join Moshe Ferber, Chairman of the Israel Chapter of the Cloud Security Alliance to learn about how startups can ensure their security is up to par based on your startup phase.
Moshe also focuses on application security by discussing how startups generally make the highest percentage of their mistakes from the application layer.
We also get into the SDLC and CI/CD pipelines and how to make sure security is top of mind throughout.

We all know the importance of solid product security. But startups aren't always equipped to deal with implementation of the various requirements. So how do you get product security right when you're a young company? And how do you mature without breaking product security?
In this episode, Neatsun Ziv, Co-Founder and CEO at Ox Security brings his wealth of experience from large organizations, such as Checkpoint, to share how we can all implement better product security without cannibalizing developers' time.

What is code integrity and how does it affect the software supply chain? Have you heard about Log4j?
In this episode, I talk with Barak Brudo, Developer Relations Advocast at Scribe Security about the Software Bill of Materials (SBOM) that helps to ensure all your code and packages are secure, down to the file level. By utilizing automated SBOMs, both companies and users can better understand what packages are being used, what dependencies, what file versions, and more are in your software.
All this makes dealing with supply chain problems much easier by ensuring the integrity of all the packages and files being utilized.

Is your startup or small business doing everything to ensure security basics are in place?
Minimum Viable Security is not a new concept, but it has become more prolific as companies have seen record numbers of ransomware, supply chain, and other attacks in the past few years.
We had the pleasure of talking with David Melamed, CTO & Co-Founder of Jit.io to discuss how small companies need to ensure a minimal level of security as part of a "born left" philosophy, more than the regular shift left story.

What is the top security issue small businesses face today?
Dr. Chase Cunningham, also known as Dr. Zero Trust, is a leading cybersecurity expert and originator of Forrester's ZTX Zero Trust Extended Framework.
In this episode, I interview Chase about best practices that startups and small companies should be implementing when building their product.
Chase also gives us some tips for making security an integral part of your pipelines without adding additional operational burden on developers.