Transcript
Hi Mike Matchett with Small World Big Data. We are here at RSAC 2025 live. We are talking to all the latest and greatest cybersecurity vendors. We are now talking to Traceable up here about more application security paradigms and models and domains and what you're doing. Uh, so would you introduce yourself? Uh, first of all, thank you for having me, Mike. Uh, my name is Sudeep Reddy. I'm the senior director of product management at Traceable by Harness. And, uh, we are an AI ready appsec platform. All right, all right, we're gonna have to unpack that a little bit. Okay, so I understand what application security is. Uh, are we. Let's just take that. Are we are we talking about security? Uh, for application developers or people who are building applications? So we are a AI native DevSecOps platform. So what I mean by that is DevSecOps. So security is embedded in every phase of the SDLC all the way from design to runtime. So we offer security at every phase of the SDLC and we help developers ship secure code faster. So that's our mission. Okay. So yeah. So app app DevSecOps, right? Is like on the on their on their. So just as a side question, um, we're here obviously at a security conference. So the dev set part is important. Uh, do you find that it's challenging for a lot of companies to merge the application development people with the security people and get to a coherent, uh, plan moving forward? Definitely. Uh, traditionally, there has been a challenge to bring the engineering and security teams together. There was always this friction between security teams coming up with a lot of vulnerabilities, and engineering team doesn't have enough time to fix them. So with harness, which is a DevSecOps platform, there's one platform where security and engineering teams can collaborate more effectively. And it reduces that friction, where security is embedded very early in the life cycle and also in runtime. So it makes developers life easier to ship secure code faster. All right. Tell me a little bit. And we don't have a lot of time today, but just really quickly. What are we talking about when you're looking at application security? Give us some examples. Definitely. So when when you write your code you're trying to understand basically if there are any vulnerabilities in the code. So there's some static scanning that happens at that time. There's also supply chain security where you'd like to understand third party libraries that you're using in your software. And once your code goes through the build process then you look at artifact security. Then once your code is shipped in production, that's where runtime security comes in, where you want to secure your applications and APIs against a wide range of threats from bots and different attackers when your app is actually running live in production. I mean, I like I like the stories about how we're taking and looking at a life cycle approach and not making it different silos either by the time of development versus CI, CD versus deployment. But we're looking at that whole thing together. Code is just getting shipped faster and faster and faster on there. If you look around at the 25,000 people out of here on the show floor. If you wanted them to understand something about traceable, one of the key most message you'd want to get to them, what would you tell them all? Definitely. Uh, the the narrative is harness is an AI native DevSecOps platform that helps software developers ship secure code faster. And we make it easy for developers by embedding security in every phase of the SDLC. Yeah, and that's just you can just keep hammering that message, probably getting that home. Uh, if someone wants to, uh, get started on that, maybe dig a little deeper, uh, particularly from the security side, since it's a security show. Is there something specific you point them at? Definitely. You can visit our website. To learn more about our products and reach out to us for any questions. All right. Thank you so much Sudhir. Thank you. Mike. All right.
