Application Security: the Importance of Collaboration, Automation, and Infrastructure as Code


In Episode S3E4, we talk with Abhay Bhargav, founder of we45 – an Application Security Company and he is also the Chief Research Officer of AppSecEngineer – a hands-on online training platform for AppSec, Cloud-Native Security, Kubernetes Security, and DevSecOps.

We talk about why it’s important to foster a culture of collaboration between security and engineering teams, and what can happen if you don’t collaborate. We discuss the role of automation in DevSecOps and how it can be implemented. Finally, we touch on Infrastructure as Code (IaC). 

Please join us for an interesting conversation.

Abhay Bhargav started his career as a breaker of apps, in pen testing and red-teaming, but today is more involved in scaling AppSec with Cloud-Native Security and DevSecOps

He has created some pioneering works in the area of DevSecOps and AppSec Automation, including the world’s first hands-on training program on DevSecOps, focused on Application Security Automation. In addition to this, Abhay is active in his research of new technologies and their impact on Application Security, specifically Cloud-Native Security. In addition, Abhay has contributed to pioneering work in the Vulnerability Management space, being the architect of a leading Vulnerability Management and Correlation Product, Orchestron, from we45. Abhay is also committed to Open-Source and has developed the first-ever Threat Modeling solution at the crossroads of Agile and DevSecOps, called ThreatPlaybook.

Abhay is a speaker and trainer at major industry events including DEF CON, BlackHat, OWASP AppSecUSA, EU, and AppSecCali. His trainings have been sold-out events at conferences like AppSecUSA, EU, AppSecDay Melbourne, CodeBlue (Japan), BlackHat USA, SHACK, and so on. He’s authored two international publications on Java Security and PCI Compliance as well.

Click the image below to listen to this episode on Brilliance Security Magazine Podcast.


Steven Bowcut is an award-winning journalist covering cyber and physical security. He is an editor and writer for Brilliance Security Magazine as well as other security and non-security online publications. Follow and connect with Steve on Twitter, Facebook, Instagram, and LinkedIn.