Episode 4 : CODE RED - Empowering engineers to secure our ci/cd pipelines

In this episode, our guest Josh Nesbitt, CTO of Glean a Leeds EdTech startup, shares his insights on securing the data of vulnerable people, the importance of accessibility and compliance in production-ready products, and the challenges of achieving usability, functionality, and security in concert.   Join us as we debunk common misconceptions around agile and explore how security teams can be more creative in their approach. We’ll talk about how to use tooling and engagement to get engineers and security teams on the same page.  Links to everything Josh discussed in this episode can be found in the show notes and if you liked the show, please do leave us a review and share on LinkedIin or in your teams, it really helps us spread the word and get high-quality guests, like Josh, on future episodes.  We hope you enjoyed this episode - See you next time, keep secure, and don’t forget to ask yourself, ‘Am I a compromising position here?’ 

Om Podcasten

Dive into “Compromising Positions”, the unique, new podcast designed to iron out the wrinkles in the relationship between cybersecurity teams and other tech professionals. We’re taking the ‘security as a blocker’ stereotype head-on, promoting a shared language and mutual understanding. We’ll turn those ‘compromising positions’ into ‘compromising solutions’, helping security pros and tech teams collaborate more effectively for a smoother, safer digital journey. Every week we will be joined by Developers, User Researchers, Designers, Product Owners, Data Scientists, Cloud Specialists, Scrum Masters, C-Suite Execs, AI/MI boffins, and many, many more non-security positions! This is a podcast aim to get you thinking about security without boring you to death! Join our two hosts, Lianne Potter, Cyber Anthropologist and Head of Security Operations at a major retailer and Jeff Watkins, CTO at XDesign for this informal, frank, and at times anarchic look at what people really think about cybersecurity in organisations and what cybersecurity people should ACTUALLY be doing.