New software code is released almost as fast as new ideas are conceived in the tech industry. While this growth is necessary, it makes web applications rather vulnerable places online, as these are exposed to the online world and easily targeted. It's time to find better methods to address application security.

In this podcast, freelance analyst Bob Tarzey talks to Rapid7's Ben Glass, Manager of Enterprise Security Consulting, and Jay Paz, Director of Penetration Testing and Consultant Development, about finding better methods to address application security and building better code.

New software code is released almost as fast as new ideas are conceived in the tech industry. This makes web applications some of the most vulnerable places online, as these are exposed to the online world and easily targeted.

In the previous episode, Bob Tarzey spoke to Rapid7's Ben Glass and Jay Paz, Manager of Enterprise Security Consulting and Director of Penetration Testing and Consultant Development, respectively, about building better code to stay secure.

In this second podcast Bob, Jay and Ben look at some of the supporting technology to avoid vulnerability in companies. This includes the testing of code before releasing it, the testing of deployed software, and finding safer guides to build better and stronger software.

With organizations poised to spend more than $5B+ on endpoint security software this year, it raises the question: What should enterprises be asking from security vendors, and how can they parse signal from all the marketing noise?

In this three-part podcast series, hosted by freelance analyst Bob Tarzey, he speaks to Ian McShane who as a former Gartner analyst focuses on the endpoint security market. Ian McShane has written extensively about the failure of antivirus vendors to defend against modern attacks, and the marketing hype surrounding “next-gen” antivirus.

Part 1 - How Endpoint Security Got To Now

In this podcast, Bob Tarzey talks to VP and endpoint security expert from Endgame, Ian McShane. They discuss the history of endpoint security, the failings of signature-based anti-virus and how it is integral for all organizations.