Insights from Securely Built
Our leadership has been welcomed in many forums to provide insights into some of the pressing challenges in security.
Hiring in Cyber AppSec
Derek shares his advice on cybersecurity hiring, specifically in application security, and dives into the challenges of entry-level roles in the industry. We discuss the value of certifications, the necessity of lifelong learning, and the importance of networking.
Defense in Depth Podcast
A security program shouldn't stop at compliance, but that doesn't mean we should undervalue it either. It's easy to just say compliance comes down to ticking boxes, but that can still deliver value to a security program. Why is compliance important and why is it often getting a bad name these days?
The Application Security Podcast
Derek joins us to unpack the goals of an application security program, what is cutting edge in application security programs today, the role of open source vs. commercial, and guidance such as "decentralized application security." "enablement instead of gates; application security as a service," and "stop chasing the shiny new tool.".
Resilient Cyber Episode
Explore the challenges of building a successful AppSec program, including finding the right skill sets, enabling Dev and Engineering teams, managing vulnerabilities at scale, and fostering a security culture with initiatives like security champions.
Elephant in AppSec
Concerned about how to get moving on threat modeling? Threat modeling isn't just for people in security. We do it every day whether we know it or not. Take a listen here!
The Security Champions Podcast
Derek Fisher joins The Security Champions Podcast to share his journey to becoming a security pro and discuss the need for security, from education at universities to on-the-job training.
Agent of Influence
In this episode of Agent of Influence, Nabil is joined by Derek Fisher, Head of Product Security at Envestnet. They discuss product security and how it differs from application security and DevSecOps. Derek also shares valuable insights on cybersecurity budgeting. establishing clear communication between application security and engineering teams, and strategies for balancing security and business risk.
Cybersecurity and Cloud Podcast
Our conversation with Derek delves into the critical aspects of product ownership, risk assessment, and the dynamic landscape of code analysis. He illuminates the challenges of marrying business acumen with technological insights in the realm of application security.
Evo Cybersecurity
Derek Fisher shares expertise and insights, shedding light on the critical importance of proactive security measures in an increasingly interconnected digital landscape. Don't miss this enlightening discussion with top industry professionals.