
Talk: “Why Devs Struggle with Application and API Security”


We’ve all heard the buzz around pushing application security into the hands of developers, but if you’re like most companies, it has been hard to actually make this a reality. You aren’t alone: putting the culture, processes, and tooling into place to make this happen is tough. Join StackHawk CSO Scott Gerlach as he shares his triumphs and failures while building DevSecOps practices and tools at companies such as GoDaddy, SendGrid, and Twilio. Dig into specific reasons why developers struggle with AppSec and what you can do to make it work better.

Scott Gerlach, CSO and Co-founder at StackHawk.




More on Security from the Postman Blog

Fri Apr 09 2021

New Custom Alerts to Monitor Your Public Footprint on Postman

At Postman, over the past year, we’ve introduced several new features to ease the collaboration between multiple stakeholders during the API development lifecycle. The launch of Postman public workspaces gave users access to a massively multiplayer API experience across the entire Postman ecosystem. It was the most significant release to date, demonstrating our commitment to…

Wed Jan 27 2021

Top 5 API Security Best Practices for 2021

With APIs being the new norm in the modern software development era, a rise in security concerns related to APIs is also inevitable. Gartner predicts that by 2022, API security will be the topmost cause of concern for enterprises working with web applications. In fact, the notorious Equifax data breach of 2017 that led to…

Fri Jan 22 2021

Introducing Postman Security Scans

According to the 2020 State of the API Report, businesses worldwide are becoming more reliant on APIs for their day-to-day work. And with the increasing number of APIs made available for public consumption today, it’s extremely important that any linked API documentation and saved examples demonstrating how to use an API don’t contain sensitive information…