Empowering Developers, Elevating Security: Neha Malik on Building an AppSec Culture

Episode SummaryIn this episode of Secured, host Cole Cornford chats with Neha Malik, Head of Product Security at REA Group, about building and scaling effective application security (AppSec) programs. They delve into the importance of empathy, communication, and relationship-building between security teams and developers. Neha shares her journey from a Microsoft graduate program, through external consulting at KPMG, and into her current leadership role. They discuss making security easy for engineers, managing security champions programs with realistic expectations, and learning from other disciplines—like psychology and marketing—to better influence and engage stakeholders. Neha and Cole also highlight how tailoring approach and tooling can differ for startups and large enterprises, and emphasise that collaboration, not confrontation, leads to long-term AppSec success.Timestamps00:20 - Neha’s Role at REA Group and Positive AppSec Outcomes01:30 - Starting a Career in Security at Microsoft’s Grad Program05:45 - Building an AppSec Program from Scratch at REA10:00 - Startups: Embedding Security in Tools Over Heavy Process14:40 - Security Champions Programs: Value, Expectations, and Incentives20:25 - Learning from Other Disciplines (e.g., Psychology) to Influence TeamsMentioned in this episode:Call for FeedbackThis podcast uses the following third-party services for analysis: Podtrac - https://analytics.podtrac.com/privacy-policy-gdrpSpotify Ad Analytics - https://www.spotify.com/us/legal/ad-analytics-privacy-policy/

There are no comments yet.

Please log in to write the first comment.