David Mytton on Developer-Centric Security with ArcJet

Summary:

In this episode of Exploring Information Security, host Timothy De Block talks with David Mytton, founder of ArcJet, about enabling developers to build secure applications seamlessly. David shares his journey from running a cloud monitoring business to developing ArcJet, a security-as-code platform that integrates security measures directly into an application's codebase.

They discuss ArcJet's approach to empowering developers with tools for bot detection, rate limiting, and more, all without compromising the developer experience. David and Timothy explore the challenges of bridging the gap between development and security, the philosophy behind "DevSecOps," and how ArcJet addresses real-world issues like bot abuse and API misuse. Whether you're a developer, security professional, or tech enthusiast, this episode offers unique insights into making application security more accessible.

Key Topics Covered

  • What is ArcJet and the problem it’s solving?: A security-as-code platform designed for developers to integrate protections directly into their applications.

  • Developer-Centric Security: How ArcJet enhances security workflows by providing developers with intuitive SDKs and tools.

  • Real-World Use Cases: Stories of companies reducing infrastructure costs and mitigating bot-driven abuse with ArcJet.

  • The Evolution of DevSecOps: Challenges and opportunities in integrating security into the development lifecycle.

  • David's Philosophy: The importance of documentation, user experience, and building tools developers love.

Highlights

  • Developers can start using ArcJet with just a few lines of code.

  • ArcJet helps teams address spam, API abuse, and fraud while focusing on feature development.

  • David's perspective on the state of security tooling and how ArcJet stands out.

Guest Bio

David Mytton is the founder of ArcJet, a security-as-code platform. He previously founded a cloud monitoring business and has extensive experience with developer tools and application security. David is passionate about creating seamless developer experiences and advancing security tooling to meet modern demands.

Links and Resources

Contact Information:

Leave a comment below or reach out via the contact form on the site, email timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


How to build an AppSec Pipeline

In this foundational episode of the Exploring Information Security podcast, Matt Tesauro and Aaron Weaver join me to discuss the AppSec Pipeline.

Matt (@matt_tesauro) and Aaron (@weavera) are the project leads for the OWASP AppSec Pipeline. The project provides resources and guidance for building out your own appsec pipeline within a development team. Building a pipeline is important in helping get security embedded within software.

In this episode we discuss:

  • What is the OWASP AppSec Pipeline

  • How did it get started

  • Who should use the AppSec Pipeline

  • How to implement the AppSec Pipeline