In this episode of SecureTalk, host Justin Beals speaks with Idan Plotnik, co-founder and CEO of Apiiro, about the complexities of application security and innovation. They discuss Idan's career, which began with his early interest in secure computing as an engineer for the Israeli Defence Force. Later, while at Microsoft, Idan was frustrated by the inefficiencies in current application security reviews that slowed down software delivery. Idan explains opportunities to improve the application security posture throughout the software development lifecycle, emphasizing their methods for deep code analysis and extended Software Bill of Materials (SBOMs). The conversation also covers the role of AI in security, the significance of automation, and the integration of graph data models for effectively visualizing and managing security threats.

00:00 Welcome to SecureTalk

00:32 Introduction to Application Security

01:44 Meet Idan Plotnik

02:52 Idan’s Journey in Cybersecurity

04:31 Early Encounters with Computers and Security

08:44 Military Service and Professional Growth

12:19 Founding Apiiro and Innovations in Security

14:06 Challenges in Modern Software Development

15:33 Comprehensive Security Measures

19:47 Understanding the Risk Landscape

24:35 Understanding Risk in Software Architecture

25:30 The Role of AI in Software Security

26:29 Translating Code into Components

27:50 The Importance of Software Inventory

31:47 The Limitations of SBOMs

40:02 Automation in Security Design

46:00 The Power of Graph Data Models

48:35 Conclusion and Final Thoughts