What you’re about to hear is a long form interview with Zane Lackey, a former pentester turned director of security engineering for Etsy turned co-founder and CSO of Signal Sciences.
Signal Sciences can be broadly, kinda described as “next generation WAF”. If you do have a requirement for a waffy, raspy thing, then you absolutely need to check out Signal Sciences.
They give you visibility in to attacks against your applications, and even auto-blocking a bunch of them without that turning into a cascading horror-show.
Signal Sciences’ product has a really strong emphasis on assisting organisations who are running DevOps shops. And it makes sense, Zane’s key achievement at Etsy was managing the security of that company’s Devops transition.
He’s actually just written an O’Reilly book, Building a Modern Security Program. So, he joined me to talk about his book, what’s in it, about DevSecOps more generally, and about some new stuff Signal Sciences has been working on.