EP 34 — The Future of AppSec: People, Processes, and Progress with Coalfire’s Warren Kopp

In this episode of the Future of Application Security, Harshil speaks with Warren Kopp, Application Security Consultant at Coalfire, a cybersecurity advisor. Together they discuss how better application security involves building relationships with the people behind the processes, and why skills like communication, collaboration, and an understanding of psychology are keys to moving forward security initiatives. They also discuss the increasing availability of security training today, how to think more aggressively about security, and why the future of AppSec will focus on expansion.

Topics discussed:

• How Warren "backed into technology" after getting a degree in animation, and his experiences inside an enterprise software company before becoming a consultant with Coalfire.
• Why security isn't just a technology problem and how you need to find the people behind the processes, get to know their struggles, and compromise in order to build great AppSec initiatives.
• Why one of the key skills any security person can have is communication, and why clearly articulating business impact can help with getting buy-in.
• The need for not just training in hard security skills, but in soft skills like communication and psychology in order to meet people where they are and better understand their needs.
• How to look for opportunities for collaboration in your organization, and why it's key to talk to others (over the phone or over lunch) and build your network.
• How teams can leverage automation, and why you need to think more aggressively about AppSec in order to open up new opportunities.
• The current state of AppSec, and the growing availability of training and information-sharing through more informal channels like YouTube that can increase impact and reduce struggle.
• Why the future of application security involves teams being more aggressive, more iterative, and growing quicker.