In this episode of the We Hack Purple Podcast we meet Anshuman Bhartiya, a Principal Security Engineer who also happens to be an avid AppSec blogger (https://www.anshumanbhartiya.com/) and conference speaker.
We talked about how the SAST industry seems to be divided into two camps, as well as “the old guard” who used to say no to everything, versus newer ways of working towards better AppSec, such as using empathy and enablement, rather than a stick. Anshuman is a huge fan of automation (I mean, who isn’t?) and he covered many ways we could use it for better security, including vulnerability management. We covered how vulnerability management tends to have 3 phases (finding bugs, fixing bugs, then retesting to ensure they are fixed) and how step two appears to be the most difficult. We ended on inventory, cool new tools that are out, and how there’s still more work we can do in this area to make it even better. All in all, this is a great
Here are some links you will need to keep track of Anshuman and the great content he releases:
Thank you so much to our sponsor, Bright! Check out their amazing DAST! https://brightsec.com/
Join us in the We Hack Purple Community: A fun and safe place to learn and share your knowledge with other professionals in the field.
Find us on Apple Podcast, Overcast + Pod