CSCP S02E32 - Shasha Rosenbaum - Github does it again with CodeQL- find out cyber and dev

<p></p> <p>Sasha Rosenbaum is a Sr. Product Manager at GitHub, former developer, and the organizer of the DevOps Days conference. Francesco and Sasha vent some the frustrations of explaining security threats to developers and engineers who are more focused on creating and coding. Sasha also explains about GitHub’s CodeQL, a semantic code analysis engine. Note FYI sasha now has migrated to redhat. </p> <p>The episode is brought you by Security Phoenix Ltd with the AppSec Phoenix platform you can make Application Security and Software development finally easy. Follow the tag #appseceasy</p> <p>0:38 Introducing Sasha Rosenbaum</p> <p>3:10 Communicate security issues</p> <p>10:32 GitHub CodeQL</p> <p>15:15 Security starts with developers and engineers</p> <p>19:40 Test-able code is better</p> <p>26:55 Demystifying, not fear mongering</p> <p>31:02 Biggest frustrations in security</p> <p>36:22 Final Positive Message</p> <p>37:44 Outro</p> <p> </p> <p>Sasha Rosenbaum Twitter <a href='https://twitter.com/divineops'>@DivineOps</a> Organizer <a href='https://twitter.com/DevOpsDaysChi'>@DevOpsDaysChi</a> Linkedin: <a href='https://www.linkedin.com/in/sasha-rosenbaum/'>https://www.linkedin.com/in/sasha-rosenbaum/</a> <a href='https://www.sasharosenbaum.com'>https://www.sasharosenbaum.com</a> </p> <p>Cyber Security and Cloud Podcast</p> <p>#CSCP #cybermentoringmonday <a href='http://cybercloudpodcast.com'>http://cybercloudpodcast.com</a></p>