Episode 238 Sandy is a principal analyst at Forrester advising security and risk professionals on application security, with a particular emphasis on the collaboration among security and risk, application development, operations, and business teams. Janet is a senior analyst at Forrester advising security and risk professionals. She covers product security, proactive security design, securing new development methods, security testing in the software delivery lifecycle, and collaboration between security, development, and product management.   Links https://twitter.com/sandycarielli https://twitter.com/janetworthing https://www.linkedin.com/in/sandra-carielli-251599/ https://www.linkedin.com/in/janet-costello-worthington/   Resources SAST - https://en.wikipedia.org/wiki/Static_application_security_testing DAST - https://en.wikipedia.org/wiki/Dynamic_application_security_testing https://www.dayofshecurity.com/ https://portswigger.net/burp https://owasp.org/ https://safecode.org/ https://www.securecodewarrior.com/ https://risky.biz/ https://reverb.spokenlayer.net/publishers/v1-wired-security https://thecyberwire.com/podcasts/daily-podcast https://www.forrester.com   "Tempting Time" by Animals As Leaders used with permissions - All Rights Reserved × Subscribe now! Never miss a post, subscribe to The 6 Figure Developer Podcast! Are you interested in being a guest on The 6 Figure Developer Podcast? Click here to check availability!