Application Security Management and the new SBOM with Idan Plotnik

In this episode of SecureTalk, host Justin Beals speaks with Idan Plotnik, co-founder and CEO of Apiiro, about the complexities of application security and innovation. They discuss Idan's career, which began with his early interest in secure computing as an engineer for the Israeli Defence Force. Later, while at Microsoft, Idan was frustrated by the inefficiencies in current application security reviews that slowed down software delivery. Idan explains opportunities to improve the application security posture throughout the software development lifecycle, emphasizing their methods for deep code analysis and extended Software Bill of Materials (SBOMs). The conversation also covers the role of AI in security, the significance of automation, and the integration of graph data models for effectively visualizing and managing security threats. 00:00 Welcome to SecureTalk 00:32 Introduction to Application Security 01:44 Meet Idan Plotnik 02:52 Idan’s Journey in Cybersecurity 04:31 Early Encounters with Computers and Security 08:44 Military Service and Professional Growth 12:19 Founding Apiiro and Innovations in Security 14:06 Challenges in Modern Software Development 15:33 Comprehensive Security Measures 19:47 Understanding the Risk Landscape 24:35 Understanding Risk in Software Architecture 25:30 The Role of AI in Software Security 26:29 Translating Code into Components 27:50 The Importance of Software Inventory 31:47 The Limitations of SBOMs 40:02 Automation in Security Design 46:00 The Power of Graph Data Models 48:35 Conclusion and Final Thoughts