The Elephant in AppSec

Podcast Description
Time to discuss AppSec issues no one talks about.
Podcast Insights
Content Themes
The podcast covers a wide range of application security topics, including measuring AppSec ROI, API security, threat modeling, and the integration of security with product management. For example, episodes like 'Can You Really Quantify AppSec ROI?' challenge listeners to think critically about how security initiatives are evaluated, while 'How to Fix API Security Before It's Too Late' dives deep into proactive measures for securing APIs.

Today, I'm joined by Jamie Scott, a recovering cybersecurity practitioner turned founding product manager at Endor Labs. Previously, Jamie served as Product Manager of Security at Redis, where he was an active open-source contributor, and as DevSecOps Manager at Cygna Healthcare.
Jamie is also a Certified Information Systems & Cloud Security Professional and continues to contribute to the cybersecurity community. He co-authored several benchmarks and volunteers as a consultant for the Center for Internet Security.
In this episode, we dive into the topic of IDE plugins: Do they help you boost your coding security, or is that just hopeful thinking? Jamie has firsthand experience trying to roll out an IDE security program in his career and shares his perspective, leaning more towards the “hopium” side of things. He’s observed that developers often don't proactively use them, which raises the question—are these tools really effective?
Dive right in!
Connect with Jamie: https://www.linkedin.com/in/james-m-scott-iii/
Connect with Alexandra: https://www.linkedin.com/in/alexandra-charikova/
This podcast is brought to you by Escape: https://escape.tech — Modern DAST built to test for business logic instead of missing headers
Mentioned
CIS Benchmark for NGINX: https://www.cisecurity.org/benchmark/nginx
The Challenger Sale: Taking Control of the Customer Conversation: https://www.amazon.com/Challenger-Sale-Control-Customer-Conversation/dp/1591844355
Shannon Lietz (DevSecOps Lead at Intuit) Keynote in 2016: https://www.youtube.com/watch?v=ru11MSYPBBQ
