Software Trust & Adversaries, Developer-Focused Security - Shannon Lietz, Melinda Marks - ASW #246

Infosec is still figuring out useful metrics, how to talk about risk, and how to make resilience more relevant. Shannon talks about a new community effort to measure software trust. She also covers threat modeling and adversary management as steps towards determining an org's resiliency and security.

Segment Resources: https://community.ravemetrics.com

 Melinda will share results from her study last year on developer-focused security, "Walking the Line: Shift Left and GitOps Security" and discuss trends to help security keep up with modern software development. Segment Resources: ESG Complete Survey Results: Walking the Line: GitOps and Shift Left Security: https://research.esg-global.com/reportaction/515201532/Toc 

Addressing the confusion around shift-left cloud security | TechTarget: https://www.techtarget.com/searchsecurity/opinion/Addressing-the-confusion-around-shift-left-cloud-security

 Melinda Marks’s Most Recent Content: https://www.techtarget.com/contributor/Melinda-Marks

 Visit [securityweekly.com/asw](https://securityweekly.com/asw) for all the latest episodes!

Follow us on Twitter: [@SecWeekly](https://www.twitter.com/secweekly)

Like us on Facebook: [facebook.com/secweekly](https://www.facebook.com/secweekly)

Visit https://securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw-246