In this episode of Ctrl-Alt-Secure, Valentina Flores, CEO of Red Sentry, sits down with Brianna Martinson, Director of Engineering at Tepia, to explore what it truly means to build secure, resilient systems around humans — not in spite of them.

Brianna shares how her background as a longtime developer shapes Tepia’s people-first engineering philosophy. Rather than treating software as isolated features, Tepia partners with clients to understand entire system flows, user behavior, and business constraints — especially when working with complex or legacy environments.

The conversation dives into why “user error” is often a design failure, how discovery and design should be just as rigorous as development, and why tiny usability decisions can make or break adoption and security outcomes. Brianna and Valentina also discuss holistic system thinking, DevOps principles, microservice architecture, and the emotional realities teams face when legacy tech becomes a liability.

The episode closes with a candid discussion on why leaning into discomfort — even when it risks short-term losses — leads to stronger trust, better systems, and more meaningful impact.

Key topics covered:

• Why human-centered design improves security outcomes
• The hidden risks of blaming users instead of systems
• Designing intuitive systems that people actually use
• Navigating legacy code, technical debt, and hard rebuild decisions
• Holistic engineering, DevOps, and microservice architecture
• Why doing things “the right way” builds long-term trust over short-term profit

Who should listen:
This episode is ideal for engineering leaders, security professionals, product teams, founders, and anyone building or securing complex systems where humans, technology, and business intersect.

About Ctrl-Alt-Secure
Ctrl-Alt-Secure is brought to you by Red Sentry, a human-led, tech-powered penetration testing firm helping companies identify and fix vulnerabilities before attackers can exploit them.

🔗 Learn more about Tepia: https://tepia.co/
🔗 Contact Red Sentry

Find more about Red Sentry.

In this episode of Ctrl-Alt-Secure, Valentina Flores sits down with Timothy Shields, Partner at Kelley Kronenberg, to unpack what data privacy law really looks like when it meets real-world technology, security, and business constraints.

Timothy brings a rare perspective to privacy law, having started his career as a software developer and academic before becoming a tech and data privacy attorney. That technical background shapes how he advises companies today—moving away from unrealistic “zero-risk” thinking and toward practical, defensible decision-making.

The conversation explores where organizations most often misunderstand data privacy requirements, why documentation and intent matter as much as tools, and how companies can reduce legal exposure before something goes wrong. Valentina and Timothy also discuss breach response, AI-related legal risk, and why small companies are just as exposed as large enterprises.

Key topics covered in this data privacy episode:

• Why legal risk in tech is rarely “zero risk” — and why that mindset fails
• How a technical background changes the way privacy law is applied in practice
• Common privacy blind spots engineers and executives overlook
• The biggest legal mistakes companies make after a breach
• Why proactive security testing and planning matter more than perfection
• The critical role of documentation when regulators or courts get involved
• Why not doing what you said you would do creates more liability than getting breached
• Where AI liability is headed and what companies should be doing now
• Why “we’re too small to be a target” is one of the most dangerous privacy myths

Who should listen?

This episode is essential for founders, executives, legal teams, engineers, security leaders, and anyone responsible for handling customer data, building software, or managing cyber risk. If your company collects, processes, or stores data—or is experimenting with AI—this conversation offers practical guidance you can actually act on.

About Ctrl-Alt-Secure

Ctrl-Alt-Secure is brought to you by Red Sentry, a human-led, tech-powered penetration testing firm helping companies identify and fix vulnerabilities before attackers can exploit them.

🔗 Learn more about Kelly Kronenberg: https://www.kelleykronenberg.com/
🔗 Contact Red Sentry

Find more about Red Sentry.

In this episode of Ctrl-Alt-Secure, Valentina Flores sits down with Madison Morrow, Director of Business Development at Blue Sages, and Farshad Esnaashari, a medical device full–lifecycle consultant, to break down one of the most urgent topics in the med-tech industry: cybersecurity requirements for FDA medical device submissions.

The conversation explores why the FDA is increasing its cybersecurity expectations, the most common mistakes manufacturers make, and how device makers can integrate security early in the product lifecycle. Madison explains how Blue Sages supports medical device companies through engineering best practices, software documentation, testing, and compliance, while Farshad brings over 30 years of experience in architectural security, risk management, and interpreting FDA cybersecurity guidance.

Key topics covered in this FDA cybersecurity episode:

• Why cybersecurity must start early in medical device design (not at the end)
• What the FDA now expects: SPDF, SBOM, traceability, threat modeling, and vulnerability management
• Why shallow SBOMs, missing traceability, and late pentesting delay submissions
• How penetration testing and offensive security strengthen FDA submissions
• Practical guidance for med-tech startups balancing speed, safety, and compliance
• How AI introduces new cybersecurity risks in medical devices and what the FDA expects for model updates, rollback plans, and integrity checks

Who needs this episode?

This discussion is essential for anyone involved in medical device development, regulatory submissions, FDA compliance, cyber risk, software validation, or connected device security. If you’re preparing a 510(k), De Novo, or PMA submission in 2025–2026, this episode gives you a clear roadmap of what to prioritize.

About Ctrl-Alt-Secure

Ctrl-Alt-Secure is brought to you by Red Sentry, a human-led, tech-powered penetration testing firm helping companies identify and fix vulnerabilities before attackers can exploit them.

🔗 Connect with Blue Sages to explore their engineering and regulatory support for medical device companies: https://www.bluesages.com/

🔗 Contact Red Sentry: https://redsentry.com/contact

Find more about Red Sentry.