Artwork

内容由Tines提供。所有播客内容(包括剧集、图形和播客描述)均由 Tines 或其播客平台合作伙伴直接上传和提供。如果您认为有人在未经您许可的情况下使用您的受版权保护的作品,您可以按照此处概述的流程进行操作https://zh.player.fm/legal
Player FM -播客应用
使用Player FM应用程序离线!

Reddit’s Matt Johansen on renouncing superhero culture and what comes next after “shift left”

56:59
 
分享
 

Manage episode 446959451 series 3610934
内容由Tines提供。所有播客内容(包括剧集、图形和播客描述)均由 Tines 或其播客平台合作伙伴直接上传和提供。如果您认为有人在未经您许可的情况下使用您的受版权保护的作品,您可以按照此处概述的流程进行操作https://zh.player.fm/legal

In this week’s episode of The Future of Security Operations podcast, Thomas is joined by Matt Johansen. Matt is a security veteran who has helped defend startups, the biggest financial companies in the world, and everything in between. Alongside his day job as Head of Software Security at Reddit, he teaches companies how to protect against cyber attacks, and coaches entrepreneurs and CISOs that need help with infrastructure, application, cloud, and security policies. He also writes Vulnerable U, a weekly newsletter that talks about embracing the power of vulnerability for growth.

Thomas and Matt discuss:

- Moving from a large security team at Bank of America to a small one at Reddit

- Embracing scrappiness and doing more with less

- Overcoming sunk-cost fallacy

- Why the 2014 Sony hack was a pivotal time for AppSec

- Running the threat research centre at White Hat

- What he looks for when hiring in AppSec, the SOC and beyond

- His decision to start creating content about mental health in security

- Moving past imposter syndrome

- Renouncing superhero culture

- Paved paths and guardrails, and what comes next after "shift left"

- Lessons learned from Reddit's 2023 security incident

- The power of automating incident response

The Future of Security Operations is brought to you by Tines, the smart, secure workflow builder that powers some of the world’s most important workflows. https://www.tines.com/solutions/security

Where to find Matt Johansen:

Vulnerable U newsletter: https://vulnu.mattjay.com/

Twitter: https://twitter.com/mattjay

LinkedIn: https://www.linkedin.com/in/matthewjohansen/

TikTok: https://www.tiktok.com/@vulnerable_matt

Reddit: https://www.redditinc.com/

mattjay.com: https://www.mattjay.com

Where to find Thomas Kinsella:

Twitter/X: https://twitter.com/thomasksec

LinkedIn: https://www.linkedin.com/in/thomas-kinsella/

Tines: https://www.tines.com/

Resources mentioned:

The Tech Professional's Guide to Mindfulness by Matt Johansen: https://www.mattjay.com/blog/the-tech-professionals-guide-to-mindfulness

Matt's piece on developer experience in the Vulnerable U newsletter: https://vulnu.mattjay.com/p/vulnu-003-courage-quit

Reddit's post on a February 2023 incident: https://www.reddit.com/r/reddit/comments/10y427y/we_had_a_security_incident_heres_what_we_know/

Collaborative Incident Response Best Practices: Don't Rely on Superheroes by Matt Johansen: https://www.mattjay.com/blog/superhero-incident-response

Threat modeling depression by Matt Johansen: https://www.mattjay.com/blog/threat-model-depression

In this episode:

[02:14] Going from long-time Reddit user to employee

[04:50] Running AppSec at Reddit

[07:30] Being the internet's punching bag and boxing gloves

[10:30] Building a team from scratch at White Hat and lessons learned from the 2014 Sony hack

[15:10] Matt's approach to hiring

[21:15] His decision to create content about mental health in security

[23:20] Turning his Twitter network into his IRL network

[27:55] Moving past imposter syndrome

[30:00] Tools for safeguarding your mental health in incident response

[36:20] Preserving work-life balance for his teams at Reddit

[39:15] Moving past "shift left", and paved path to production and guardrails

[47:40] Lessons learned from a February 2023 incident at Reddit

[51:20] Renouncing superhero culture

[52:20] Automating incident response

[54:12] Connect with Matt

  continue reading

37集单集

Artwork
icon分享
 
Manage episode 446959451 series 3610934
内容由Tines提供。所有播客内容(包括剧集、图形和播客描述)均由 Tines 或其播客平台合作伙伴直接上传和提供。如果您认为有人在未经您许可的情况下使用您的受版权保护的作品,您可以按照此处概述的流程进行操作https://zh.player.fm/legal

In this week’s episode of The Future of Security Operations podcast, Thomas is joined by Matt Johansen. Matt is a security veteran who has helped defend startups, the biggest financial companies in the world, and everything in between. Alongside his day job as Head of Software Security at Reddit, he teaches companies how to protect against cyber attacks, and coaches entrepreneurs and CISOs that need help with infrastructure, application, cloud, and security policies. He also writes Vulnerable U, a weekly newsletter that talks about embracing the power of vulnerability for growth.

Thomas and Matt discuss:

- Moving from a large security team at Bank of America to a small one at Reddit

- Embracing scrappiness and doing more with less

- Overcoming sunk-cost fallacy

- Why the 2014 Sony hack was a pivotal time for AppSec

- Running the threat research centre at White Hat

- What he looks for when hiring in AppSec, the SOC and beyond

- His decision to start creating content about mental health in security

- Moving past imposter syndrome

- Renouncing superhero culture

- Paved paths and guardrails, and what comes next after "shift left"

- Lessons learned from Reddit's 2023 security incident

- The power of automating incident response

The Future of Security Operations is brought to you by Tines, the smart, secure workflow builder that powers some of the world’s most important workflows. https://www.tines.com/solutions/security

Where to find Matt Johansen:

Vulnerable U newsletter: https://vulnu.mattjay.com/

Twitter: https://twitter.com/mattjay

LinkedIn: https://www.linkedin.com/in/matthewjohansen/

TikTok: https://www.tiktok.com/@vulnerable_matt

Reddit: https://www.redditinc.com/

mattjay.com: https://www.mattjay.com

Where to find Thomas Kinsella:

Twitter/X: https://twitter.com/thomasksec

LinkedIn: https://www.linkedin.com/in/thomas-kinsella/

Tines: https://www.tines.com/

Resources mentioned:

The Tech Professional's Guide to Mindfulness by Matt Johansen: https://www.mattjay.com/blog/the-tech-professionals-guide-to-mindfulness

Matt's piece on developer experience in the Vulnerable U newsletter: https://vulnu.mattjay.com/p/vulnu-003-courage-quit

Reddit's post on a February 2023 incident: https://www.reddit.com/r/reddit/comments/10y427y/we_had_a_security_incident_heres_what_we_know/

Collaborative Incident Response Best Practices: Don't Rely on Superheroes by Matt Johansen: https://www.mattjay.com/blog/superhero-incident-response

Threat modeling depression by Matt Johansen: https://www.mattjay.com/blog/threat-model-depression

In this episode:

[02:14] Going from long-time Reddit user to employee

[04:50] Running AppSec at Reddit

[07:30] Being the internet's punching bag and boxing gloves

[10:30] Building a team from scratch at White Hat and lessons learned from the 2014 Sony hack

[15:10] Matt's approach to hiring

[21:15] His decision to create content about mental health in security

[23:20] Turning his Twitter network into his IRL network

[27:55] Moving past imposter syndrome

[30:00] Tools for safeguarding your mental health in incident response

[36:20] Preserving work-life balance for his teams at Reddit

[39:15] Moving past "shift left", and paved path to production and guardrails

[47:40] Lessons learned from a February 2023 incident at Reddit

[51:20] Renouncing superhero culture

[52:20] Automating incident response

[54:12] Connect with Matt

  continue reading

37集单集

Todos os episódios

×
 
Loading …

欢迎使用Player FM

Player FM正在网上搜索高质量的播客,以便您现在享受。它是最好的播客应用程序,适用于安卓、iPhone和网络。注册以跨设备同步订阅。

 

快速参考指南