Mitigating at Design Time – Shaun Lamb – ASW #95



In this interview segment, Mike and John interview Shaun Lamb about strategies for how best to design applications so they are “secure by default” and have fewer incidents and vulnerabilities, How DevOps or DevSecOps positively changes the relationship between security and development/operations including: the application design process, security testing, and security education programs, and the security impact of applications moving to a microservices-based architecture running on Docker/Kubernetes and the role of an API Gateway.

Visit for all the latest episodes!

Full Episode Show Notes

To learn more about our sponsors visit: The Security Weekly Sponsor’s Page

Mitigating at Design Time


John Kinsella
John Kinsella – Vice President of Container Security
Mike Shema
Mike Shema – Product Security Lead


Shaun Lamb
Shaun Lamb – Principal Application Security Architect


  • Our next webcast is February 13th with Sri Sundaralingam, Vice President, Product and Solutions Marketing at ExtraHop where we will discuss Cloud Native Network Detection and Response! Register for our upcoming webcasts by visiting, selecting the webcast drop down from the top menu bar and clicking registration.
  • Join us at InfoSecWorld 2020 – March 30 – April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit, click the register button to register with our discount code or the schedule button to sponsor a micro-interview!
  • Attend RSA Conference 2020, February 24-28 in San Francisco, CA! Visit to sponsor an interview with us on-site at the conference or register using our code to save $150!