Gary McGraw posted the following to the secure coding mailing list today.
"Episode 6 of the Reality Check security podcast features our own Andy Steingruebl chatting with me about Paypal's software security initiative. This was a fun episode for me, because though I have known Andy for a while I had little insight into his software security initiative. Thanks to Andy for participating!
http://www.cigital.com/realitycheck/show-006/" – Gary McGraw
For those of you who don't know I work on Andy's team and this provides good insight into what I do on a day to day basis (security testing strategy/software security process development/etc…). Due to legal reasons I rarely get to speak about the neat stuff I get to work on but this interview touches on many aspects of it.