
Shifting Left and Automating Code Review

TechSpective Podcast Episode 112

 

In 2000, Marc Andreessen noted that software is eating the world. Fast forward a couple of decades, and I think it’s fair to say he wasn’t wrong.

Now that pretty much everything is code, and there are billions upon billions of lines of it, it is also more important to identify and resolve issues in that code, to prevent or remove vulnerabilities and flaws that might be exploited.

The evolution from Waterfall to Agile to DevOps has dramatically accelerated the development lifecycle. It has also elevated the need for security to “shift left”: to incorporate security and code review earlier in the development process. Code review needs to be woven throughout the development lifecycle rather than treated as a task that is performed at the “end” of development. To be fair, with DevOps principles and software development today, there is no “end.” It’s a self-feeding cycle.

Florian Noeding, Principal Security Researcher at Adobe, joins me on this episode to talk about Project Kodiak, an Adobe initiative that automates code review. We talk about the concept of security-as-code, or quality-assurance-as-code, and the benefits of automating code review.

Check out the full episode to hear more about the need to “shift left” and how automating code review streamlines development and helps ensure that code that goes into production is more secure.

The podcast itself is audio-only, but the video of our conversation is also available on YouTube if you prefer:

Please ask questions and share your thoughts on the topic in the comments below. Also, please subscribe to the TechSpective Podcast through your favorite podcast platform and share the podcast with your peers and friends.

If you enjoy the podcast, I would also be grateful if you could take 2 minutes to rate and review the podcast on iTunes or wherever you listen.
