The Voice of Cyberยฎ

KBKAST
Episode 215 Deep Dive: Edwin Kwan | Navigating the Wild West: Tools and Techniques to Assess the Security and Integrity of Open Source Software
First Aired: October 06, 2023

In this episode, we are joined by Edwin Kwan (Head of Application Security and Advisory – Tyro Payments), as he sheds light on the meticulous risk acceptance process and shares his insights on using open source software to build applications swiftly with freely available parts. We explore the challenges of ensuring the security of open source software and the need for due diligence when downloading such software. Edwin raises thought-provoking questions about software verification, maintenance, and security, highlighting the tricky balance between maintaining security protocols and accommodating a wide range of individuals in the workplace.

Stay tuned as we examine the potential risks of using open source software and the complexities of explaining security issues to individuals who may not fully grasp their implications. Edwin shares captivating stories and real-life examples, including incidents where businesses chose to accept high-severity risks rather than investing in their mitigation.

He started out as a software engineer and transitioned into application and information security to lead a range of security initiatives when the company was working towards obtaining an unrestricted banking licence.

He has presented at several events, including RSA, AISA, All Day Dev Ops, AppSec Day, OWASP and DevSecOps Leadership Forums.

Edwin is also a contributing journalist to the It’s 5:05 Podcast, a daily podcast on open source and cybersecurity news.

Help Us Improve

Please take two minutes to write a quick and honest review on your perception of KBKast, and what value it brings to you professionally. The button below will open a new tab, and allow you to add your thoughts to either (or both!) of the two podcast review aggregators, Apple Podcasts or Podchaser.

Share This