What security teams need to understand about developers
The Stack Overflow Podcast10 Dec 2024

What security teams need to understand about developers

NightVision offers web and API security testing tools built to integrate with developers’ established workflows. NightVision identifies issues by precise area(s) of code, so devs don’t have to chase down and validate vulnerability reports, a process that eats up precious engineering resources. Get started with their docs.

Connect with Kinnaird on LinkedIn.

Stack Overflow user Cecil Curry earned a Populist badge with their exceptionally thoughtful answer to In Python how can one tell if a module comes from a C extension?.

Some great excerpts from this episode:

“From the program side, I would say if you're running a security program or you're starting from day one, there's a danger with security people and being the security person who's out of touch or doesn't know what the life of a developer is like. And you don't want to be that person. And that's not how you have actual business impact, right? So you got to embed with teams, threat model, and then do some preventative security testing, right? Testing things before it gets into production, not just relying on having a bug bounty program.”

“With code scanning, you're looking for potentially insecure patterns in the code, but with dynamic testing, you're actually testing the live application. So we're sending HTTP traffic to the application, sending malicious payloads in forms or in query parameters, et cetera, to try to elicit a response or to send something to an attacker controlled server. And so using this, we're able to. Not just have theoretical vulnerabilities, but exploitable vulnerabilities. I mean, how many times have you looked at something in GitHub security alerts and thought, yeah, that's not real. That's not exploitable. Right. So we're trying to avoid that and have higher quality touch points with developers. So when they look at something, they say, okay, that's exploitable. You showed me how. And you traced it back to code.”

See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Avsnitt(860)

“There is a real cost to moving fast”: Using AI to accelerate drug discovery

“There is a real cost to moving fast”: Using AI to accelerate drug discovery

They also: Explore key challenges engineering leaders face, including data capacity, relevance, and throttling issues. Highlight how emerging AI tools and applications are transforming software engineering practices. Episode notes: Connect with Maureen Makes on LinkedIn. Learn more about Recursion and their open roles here. Read about Knowledge Solutions, a subscription-based API service that provides continuous access to Stack Overflow’s public dataset to train and fine-tune large language models. See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

10 Apr 25min

WBIT #6: Be curious, ask questions, and don’t argue with JavaScript

WBIT #6: Be curious, ask questions, and don’t argue with JavaScript

When this episode was recorded, Jesse worked for WaveSeven Consulting, which provides business advisory and project delivery support for media and entertainment companies. He now works for ClickUp, same as previous Stack Overflow Podcast guest, RJ Tuit. Read Jesse’s hot takes on his blog.You can connect with Jesse as Jtomchak on all the socials. See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

9 Apr 44min

Bottom of the first: A veteran VC’s take on the AI landscape

Bottom of the first: A veteran VC’s take on the AI landscape

Tomasz is a general partner at Theory Ventures, a venture capital firm focused on early-stage software companies.He’s a coauthor of Winning with Data, a deep dive into how big data has changed business best practices and organizational culture.Tomasz was on the podcast back in 2023. Give it a listen!Explore Tomasz’s writing.Follow Tomasz on LinkedIn.See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

8 Apr 28min

Is AI a bubble or a revolution? The answer is yes.

Is AI a bubble or a revolution? The answer is yes.

2024 was a defining year for AI investment. Read the HumanX/Crunchbase report.You can learn more about HumanX or register for next year’s event, April 7-9, 2026 in San Francisco.Follow Stefan on LinkedIn.Follow Jager on LinkedIn. See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

4 Apr 33min

Boots on the ground: Holistic AI and Audioshake at HumanX

Boots on the ground: Holistic AI and Audioshake at HumanX

Holistic AI is an AI governance platform that helps the enterprise adopt and scale AI.Audioshake uses AI to mix, master, and separate music and other audio content.Learn more about HumanX here. Feeling the FOMO? The event takes place again on April 7-9, 2026 in San Francisco. Early birds can register here.Connect with Raj on LinkedIn.Connect with Jessica on LinkedIn.See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

1 Apr 24min

“Are AI agents ready for the enterprise?”

“Are AI agents ready for the enterprise?”

Deepak works on Amazon Q Developer, a GenAI-powered coding assistant that includes autonomous agents.Thinking, Fast and Slow by psychologist Daniel Kahneman is one of those books that’s a classic for a reason—and it’s more relevant to today’s AI landscape than you might think.Connect with Deepak on LinkedIn. Congrats to Stack Overflow user Morten Zilmer, who earned a Lifeboat badge by explaining Multiplication of two different bit numbers in VHDL.See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

28 Mars 28min

AI is shifting focus from syntax to critical thinking

AI is shifting focus from syntax to critical thinking

They also: Emphasize the critical role of customer feedback in shaping products, highlighting how continuous feedback loops drive innovation and improvement. Explore how AI is empowering non-technical team members and enabling meaningful collaboration between developers and other departments. Discuss the potential of GenAI as a learning tool and the importance of prompt engineering as a key skill for future developers. Episode notes: Connect with Lee Faus on LinkedIn, X, and learn more about GitLab. Learn more about creating a private instance of Stack Overflow for your team or org with Stack Overflow for Teams. Read about Knowledge Solutions, a subscription-based API service that provides continuous access to Stack Overflow’s public dataset to train and fine-tune large language models. See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

27 Mars 36min

“The power of the humble embedding”

“The power of the humble embedding”

Pinecone is a purpose-built vector database. Get started with their docs here.Connect with Edo on LinkedIn. See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

25 Mars 29min

Populärt inom Business & ekonomi

framgangspodden
varvet
badfluence
uppgang-och-fall
rss-borsens-finest
svd-ledarredaktionen
lastbilspodden
avanzapodden
rss-kort-lang-analyspodden-fran-di
rss-dagen-med-di
affarsvarlden
rikatillsammans-om-privatekonomi-rikedom-i-livet
fill-or-kill
borsmorgon
tabberaset
dynastin
kapitalet-en-podd-om-ekonomi
market-makers
rss-inga-dumma-fragor-om-pengar
montrosepodden