Michael Louis grew up in South Africa, spending the first 25 years of his life there. From a young age, and being surrounded by an entrepreneurial family, he was always curious. He got into robotics and coding early, and stayed competitive and active as he grew up. Outside of tech, he loves to play squash, workout in CrossFit, run, and do anything where he has an opponent. Also, per South Africa culture, he enjoys spending time with friends at any social event involving drinking.

Michael built a successful eCommerce company, where you could order different items from stores and have them delivered. Because the margins in eCommerce are low, he and his team wanted to figure out how they could optimize their operation using machine learning. The tools out there weren't ideal, and the process was hard - but they did revolutionize their operation. Post exit, he decided to build a solution that made this optimization process easier.

This is the creation story of Cerebrium.

Sponsors

• Speakeasy
• QA Wolf
• SnapTrade

Links

• https://www.cerebrium.ai/
• https://www.linkedin.com/in/michael-louis-94104a113/

Pablo Ruiz-Múzquiz has a background in physics and computer science. At some point, he decided to ditch the science and pursue open source, which is what got him started on his 20 year passion for tech. Outside of tech, he longs to feel like a useful member of society and engages in extracurricular projects to support this. He also is into traditional archery - IE wood bow and arrows - and finds joy in connecting with the old way of doing things. He also enjoys gardening and reading, of which, fantasy is one of his favorite genres.

Pablo built a company called Kaleidos, which aids in the creation of software solutions. They hold a core belief that there should be a close connection between designers and developers. What they found in the tooling to support these disciplines is that they weren't built to embrace this concept. So, they decided to incubate a product, and make it open source.

This is the creation story of Penpot.

Sponsors

• Speakeasy
• QA Wolf
• SnapTrade

Links

• https://penpot.app/
• https://www.linkedin.com/in/pruizmuzquiz/
• https://elenya.net/
• https://kaleidos.net/

William Neill had an interesting childhood in New Zealand, rooted in being an entrepreneur. As a kid, he helped write business plans with his parents, or build makery stuff for projects. Living this type of childhood, combined with the creativity of music, it started a lifelong trend of building businesses and products. Rooted in his love for being an entrepreneur, he has always longed for a flexible life, to keep him present for his young family, and to allow for the option to travel. He loves spending time with his kids on the beach, and exploring the country as a family.

William and his co-founder met in a coffee shop in London. As they were chatting about prior projects, they figure out there was a lot of overlap in the things they were interested in. Eventually, they returned and built some solutions together - and off the back of a prior wishlist project, they decided to make an online shopping cart to end all others.

This is the creation story of Basket.

Sponsors

• Speakeasy
• QA Wolf
• SnapTrade

Links

• https://www.trybasket.com/
• https://www.linkedin.com/in/willneill/

Rohith Varanasi grew up in Jersey and had a chill childhood, playing videos games and sports from a young age. He wanted to learn how to build a video game, and upon googling it, decided he should build a website first. At that point.. he was hooked on coding. He got into jailbreaking the playstation and writing real code to mod games. Eventually, he got into hackathons and ended up building a web browser based on SMS called Cosmos - which went viral. Outside of tech, he is into paddle, loves going to the gym, and hanging with his girlfriend and their 1 year old cat.

Ro and his co-founder have been building a bunch of different consumer products. The latest product they built allows people to earn in game rewards by walking, and do so in a non-deterministic way. Under the hood, they are using generative AI to create endless outcomes, and optimal replay-ability.

This is the creation story of Block Party.

Sponsors

• Speakeasy
• QA Wolf
• SnapTrade

Links

• https://blockparty.game
• https://www.linkedin.com/in/brohith/

Jason Harbert grew up in the middle of nowhere, Ohio. He got into video games, which led him into programming... which led him to Linux and internet security and joining the hacking club. He studied computer science at the University of Cincinnati, but left his senior year to hit the startup scene in the Bay Area. Outside of tech, he lives in Ohio, and is married with a 13 month old son. He loves to travel, and spend time with his family, trying new restaurants.

Jason and his co-founder, Ben, were having a beer, coming out of their prior startup life. Over the beer, Ben was sharing some stories about tight warehouse space and product distribution. They started to ask the question - how can you add flexibility to warehousing? They decided to set out and build something to create this solution.

This is the creation story of Flowspace.

Sponsors

• Speakeasy
• QA Wolf
• SnapTrade

Links

• https://flow.space/
• https://www.linkedin.com/in/jason-harbert/

The Haunted House of API's

Today, we are releasing another episode for Cybersecurity Awareness month, in our series entitled the Haunted House of API’s, sponsored by our friends at Traceable AI. In this series, we are building awareness around API’s, their security risks – and what you can do about it. Traceable AI is building One Platform to secure every API, so you can discover, protect, and test all your API's with contextual API security, enabling organizations to minimize risk and maximize the value API's bring to their customers.

A Portal to the Beyond: Securing Gen AI and other Third-Party APIs in Your Applications

Today’s episode is titled A Portal to the Beyond: Securing Gen AI and other Third-Party APIs in Your Applications, with Allison Averill. Developers are building exciting new features with Gen AI, often leveraging 3rd party APIs. Doing this isn’t new, but are these integrations secure? These APIs open a portal to the beyond – and introduce supply chain risk to your applications. Allison is a Generative AI and product management expert at Traceable, and she will explore the risks lurking in generative AI and other 3rd party APIs, sharing best practices for securing these integrations, so you can ensure they don’t become the stuff of security horror stories.

1. How are application developers leveraging 3rd party APIs today, and how is the landscape changing?
2. How do third-party APIs introduce risks to applications and what are some common mistakes organizations make when integrating with third party APIs?
3. How are generative AI APIs different from other third party APIs? What unique risks do they introduce?
4. Have you encountered any 'nightmare' scenarios where an insecure third-party API caused a security incident?
5. What best practices should organizations follow to ensure secure integrations?
6. How can organizations balance the need for innovation with the necessity of maintaining strict security controls when working with external partners?

Sponsors

• Traceable

Links

• https://www.traceable.ai/
• https://www.linkedin.com/in/allisonaverill/

The Haunted House of API's

Today, we are releasing another episode for Cybersecurity Awareness month, in our series entitled the Haunted House of API’s, sponsored by our friends at Traceable AI. In this series, we are building awareness around API’s, their security risks – and what you can do about it. Traceable AI is building One Platform to secure every API, so you can discover, protect, and test all your API's with contextual API security, enabling organizations to minimize risk and maximize the value API's bring to their customers.

Phantom Threats: The Ghosts Haunting Your API Security

Today’s episode is titled Phantom Threats: The Ghosts Haunting Your API Security, with Adam Arellano. API security threats often go unnoticed, hiding like ghosts in your infrastructure. Bots, sophisticated fraud attempts, account takeovers and attackers disguising themselves within legit traffic… these all pose risk to your organization, and can bypass traditional security measures, wreaking havoc without detection – until it’s too late. Adam is a tech advisor, Global CISO at Traceable, and will guide listeners through the world of phantom threats haunting API security.

1. What are "phantom threats" in the context of API security, and how do they go undetected?
2. Can you explain how advanced botnets and fraud attempts exploit APIs while blending into legitimate traffic?
3. Do you have a real-world example of a phantom threat that caused significant damage to an organization?
4. What makes detecting these phantom threats so challenging, and why do traditional security measures often fail?
5. What are the best strategies or technologies organizations can adopt to detect and eliminate these hidden threats before they cause harm?

Sponsors

• Traceable

Links

• https://www.traceable.ai/
• https://www.linkedin.com/in/adamrossarellano/

Shashwat Sehgal has been in the tech industry broadly for 15 years. He started out as an engineer, but eventually, worked his way towards product and the business side. Outside of tech, he enjoys spending time with his family. He's into sports, loves to play tennis, but admits he hasn't played pickle ball yet because the courts are always booked. He also enjoys reading, in particular historical narratives or autobiographies.

In his prior years, Shashwat noticed that developers spend a large amount of time securing business assets in the cloud. He dreamt of a world where this was just an abstraction layer on top of the cloud, making it easier for developers to complete the task.

This is the creation story of P0 Security.

Sponsors

• P0 Security
• Speakeasy
• QA Wolf
• SnapTrade

Links

• https://p0.dev/
• https://www.linkedin.com/in/shashwatsehgal/

The Haunted House of API's

Today, we are releasing another episode for Cybersecurity Awareness month, in our series entitled the Haunted House of API’s, sponsored by our friends at Traceable AI. In this series, we are building awareness around API’s, their security risks – and what you can do about it. Traceable AI is building One Platform to secure every API, so you can discover, protect, and test all your API's with contextual API security, enabling organizations to minimize risk and maximize the value API's bring to their customers.

The Haunted Web: Navigating API Sprawl and Creepy Crawlers

Today’s episode is titled The Haunted Web: Navigating API Sprawl and Creepy Crawlers, with Traceable’s Chief Security Officer, Richard Bird. As organizations scale and evolve, so does the complexity of their APIs. API sprawl, the uncontrolled expansion of APIs, creates a tangled web where vulnerabilities linger in the shadows. These unseen APIs become “creepy crawlers” of your digital infrastructure, creeping through your systems and posing security risks. Richard will discuss how unmanaged and undocumented APIs contribute to blind spots in security, the risks they create for organizations and the best strategies for securing a sprawling ecosystem.

Discussion questions:

1. Can you explain what we mean by "unknown APIs" and the different types, like shadow, rogue, zombie, and undocumented?
2. Why do these APIs often go unnoticed, and how do they become security risks?
3. What makes these APIs such an attractive target for attackers, and can you share an example of how one has been exploited?
4. How can organizations begin to uncover these hidden APIs, and what tools or strategies are effective in doing so?
5. In your experience, what are some common mistakes organizations make that lead to these unknown APIs being created or overlooked?

Sponsors

• Traceable

Links

• https://www.traceable.ai/
• https://www.linkedin.com/in/rbird/
• https://richardbird.com/

The Haunted House of API's

Today, we are releasing another episode for Cybersecurity Awareness month, in our series entitled the Haunted House of API’s, sponsored by our friends at Traceable AI. In this series, we are building awareness around API’s, their security risks – and what you can do about it. Traceable AI is building One Platform to secure every API, so you can discover, protect, and test all your API's with contextual API security, enabling organizations to minimize risk and maximize the value API's bring to their customers.

The Dark Corners of APIs: Uncovering Unknown APIs Lurking in the Shadows

Our episode today is titled The Dark Corners of APIs: Uncovering Unknown API’s lurking in the shadows, where we speak with Katie Paxton-Fear. APIs are the gateway to your digital infrastructure, but hidden deep in the recesses of your system are unknown APIs – shadow, rogue, zombie, and undocumented API’s. Each of these present a unique threat to your organization and can be exploited by hackers. Katie is an API hacker and researcher, and today, she will take us on a journey through the API graveyards, where hidden APIs lurk, waiting to be exploited – sharing real life examples of how these API’s have been attacked, and best practices for ensuring they don’t become your companies next security nightmare.

Discussion questions:

1. Can you explain what we mean by "unknown APIs" and the different types, like shadow, rogue, zombie, and undocumented?
2. Why do these APIs often go unnoticed, and how do they become security risks?
3. What makes these APIs such an attractive target for attackers, and can you share an example of how one has been exploited?
4. How can organizations begin to uncover these hidden APIs, and what tools or strategies are effective in doing so?
5. In your experience, what are some common mistakes organizations make that lead to these unknown APIs being created or overlooked?

Sponsors

• Traceable

Links

• https://www.traceable.ai/
• https://www.linkedin.com/in/katiepf/
• https://insiderphd.dev/
• Katie's YouTube Channel

The Haunted House of API's

The Witch’s Brew: Stirring Up OWASP Vulnerabilities and API Testing

Today, we are kicking off an amazing series for Cybersecurity Awareness month, entitled the Haunted House of API’s, sponsored by our friends at Traceable AI. In this series, we are building awareness around API’s, their security risks – and what you can do about it. Traceable AI is building One Platform to secure every API, so you can discover, protect, and test all your API's with contextual API security, enabling organizations to minimize risk and maximize the value API's bring to their customers.

In today’s episode, we will be talking with Jayesh Ahire, an expert in API testing and OWASP, will guide us through the "brew" of common vulnerabilities that haunt API ecosystems, focusing on the OWASP Top 10 for APIs. He’ll share how organizations can use API security testing to spot and neutralize these vulnerabilities before they become major exploits. By emphasizing proactive security measures, Jayesh will offer insights into creating a strong API testing framework that keeps malicious actors at bay.

Discussion questions:

1. What are some of the most common vulnerabilities in APIs that align with the OWASP Top 10, and why are they so dangerous?
2. Why is API security testing crucial for detecting these vulnerabilities early, and how does it differ from traditional security testing?
3. Can you share an example of how an overlooked API vulnerability led to a significant security breach?
4. How can organizations create an effective API testing framework that addresses these vulnerabilities?
5. What tools or methods do you recommend for continuously testing APIs and ensuring they remain secure as they evolve?

Sponsors

• Traceable

Links

• https://www.traceable.ai/
• https://www.linkedin.com/in/jayesh-ahire/
• https://owasp.org/