Shift-Left Security and Code Scanning with Amjad Afanah and Sudipta Mukherjee
Podcast: Play in new window | Download
Subscribe: RSS
Traditionally, security checks and testing are performed towards the end of the software development lifecycle. However, discovering vulnerabilities at that stage can be costly and time-consuming.
This observation has led to the shift-left movement, which advocates for implementing security testing earlier in the software development process.
HoundDog AI is a startup focused on software to enable shift-left security practices. Amjad Afanah and Sudipta Mukherjee are Co-Founders of HoundDog, and they join the show to talk about their company.
Gregor Vand is a security-focused technologist, and is the founder and CTO of Mailpass. Previously, Gregor was a CTO across cybersecurity, cyber insurance and general software engineering companies. He has been based in Asia Pacific for almost a decade and can be found via his profile at vand.hk.
Sponsorship inquiries: sponsor@softwareengineeringdaily.com
Sponsors
This episode of Software Engineering Daily is brought to you by Vantage. Do you know what your cloud bill will be for this month?
For many companies, cloud costs are the number two line item in their budget and the number one fastest growing category of spend.
Vantage helps you get a handle on your cloud bills, with self-serve reports and dashboards built for engineers, finance, and operations teams. With Vantage, you can put costs in the hands of the service owners and managers who generate them—giving them budgets, alerts, anomaly detection, and granular visibility into every dollar.
With native billing integrations with dozens of cloud services, including AWS, Azure, GCP, Datadog, Snowflake, and Kubernetes, Vantage is the one FinOps platform to monitor and reduce all your cloud bills.
To get started, head to vantage.sh, connect your accounts, and get a free savings estimate as part of a 14-day free trial.
WorkOS is a modern identity platform built for B2B SaaS, providing a quicker path to land enterprise deals.
It provides flexible APIs for authentication, user identity, and complex features like SSO and SCIM provisioning.
It’s a drop-in replacement for Auth0 (auth-zero) and supports up to 1 million monthly active users for free. Today, hundreds of high-growth scale-ups are already powered by WorkOS, including ones you probably know, like Vercel, Webflow, Perplexity, and Drata.
Recently, WorkOS announced the acquisition of Warrant, the Fine Grained Authorization service. Warrant’s product is based on a groundbreaking authorization system called Zanzibar, which was originally designed by Google to power Google Docs and YouTube. This enables fast authorization checks at enormous scale while maintaining a flexible model that can be adapted to even the most complex use cases.
If you are currently looking to build Role-Based Access Control or other enterprise features like SAML , SCIM, or user management, check out workos.com/SED to get started for free.