Hi, I’m Gerald Benischke and I’m a software engineering consultant. But don’t worry about the consultant bit! I’ve worked with Ooredoo FinTech, Equal Experts, HMRC, MoneySuperMarket, Barclays, MBNA and others spanning over 25 years of engineering in the public, financial and telecoms sectors.

I tend to describe myself as both an Agile Fundamentalist and an AppSec Snooper. What does this mean? On the one hand my software development experience has led me to think that the principles of the agile manifesto form the basis of good practices. It boils down to lots of common sense, small steps, learning along the way, not writing code that nobody will want or need and taking processes and procedures with a pinch of salt. As an AppSec Snooper, I have been working to make security more approachable and more pragmatic. You could even say, more agile. The only way to deal with a deluge of supply chain vulnerabilities, bad practices copied from StackOverflow or hallucinated by an LLM is to bring security together with development (this is where the “shift left” buzzword applies). Aside from Agile and AppSec, I’m interested in people, middle-tier services, databases, security automation and functional programming.