Talk: “Why Devs Struggle with Application and API Security”
We've all heard the buzz around pushing application security into the hands of developers, but if you're like most companies, it has been hard to actually make this a reality. You aren't alone - putting the culture, processes, and tooling into place to make this happen is tough. Join Stackhawk CSO Scott Gerlach as he shares his triumphs and failures while building devsecops practices and tools at companies such as godaddy, sendgrid, and Twilio. Dig into specific reasons why developers struggle with appsec and what you can do to make it work better.

Scott Gerlach
CSO and Co-founder
StackHawk
Interested in Postman Galaxy 2022?
Join the mailing list for the latest Galaxy updates.
View More Talks from Postman Galaxy
From the Postman blog
What is JWT?
JWT, which stands for JSON Web Token, is an open standard for securely sharing JSON data between parties. The data is encoded…
Read more →Introducing Atlassian’s ASAP authentication in Postman
In the ever-evolving landscape of API development and testing, Postman aims to consistently ensure you have the right set of tools for…
Read more →What is PKCE?
PKCE, which stands for “Proof of Key Code Exchange” and is pronounced “pixy,” is an extension of the OAuth 2.0 protocol that…
Read more →