Application Security w/ Taylor Lehmann

With us today is Taylor Lehmann, former ciso several times over in the healthcare sector, and currently Americas leader for security, networking, identity, and compliance solution architecture at AWS. Taylor and Allan talk about application security: why it's important, who are the personas, the value of threat modeling, infrastructure as code, how to get started, and relationships with developers. Taylor, a Boston boy, starts the show trying to say, "Howdy!" correctly. Taylor started at PWC and grew into a healthcare CISO. He has now transitioned to AWS. Key Takeaways 1:40 How Taylor got into Cyber 2:58 Taylor’s day job 4:30 Appsec Defined 5:49 Taylor's favorite appsec frameworks 7:48 Why appsec is important 8:55 The personas and roles 11:22 Security training in appsec 12:27 Threat modeling 15:11 Infrastructure as code 20:46 How to get started in appsec 24:12 Devs already know and care about security 25:38 Where does the trope come from that devs don't care? 26:52 Why "DevSecOps" is a bad term 28:00 What keeps Taylor going in cybersecurity Links: Learn more about Taylor on LinkedIn and Twitter Follow Allan Alford on LinkedIn and Twitter Learn more about Hacker Valley Studio and The Cyber Ranch Podcast Sponsored by our good friends at Axonius