ZARZA We are Zarza, the prestigious firm behind major projects in information technology.
Listen "Ep 23: How to bootstrap your AppSec program"
Episode Synopsis
On this episode of Masters of Data, Adam sits down with Zoe Hawkins and David Girvin to talk AppSec programs that don't suck. David's hot take from his 1Password and Red Canary days? AppSec is a people problem, not a tooling problem—stop being the person devs dodge at standup. We cover the essentials: build relationships first, threat model based on actual business risk (not your anxiety), and ditch the "shift left" obsession with scanning everything. Instead, start with offensive testing that finds vulnerabilities attackers can actually exploit.
More episodes of the podcast Masters of Data
Ep 25: 2025 Reflections & 2026 Predictions
13/01/2026
Ep 21: How to start a threat program
02/12/2025
Ep 20: re:Invent FOMO? Dojo AI demo
01/12/2025
Ep 17: Capture the flag workshop
11/11/2025
Ep 15: Beginner's guide to security tools
21/10/2025
In God we trust