Security has spent years trying to influence engineering through policies, champions, and persuasion, and mostly losing. Platform engineering changes that equation.

In this episode, Sam talks with Giovanna Faso, VP of Engineering at Dashlane, about why security is one of the fastest-growing forces inside the platform engineering movement, and why “begging teams to care” no longer works at scale.

Drawing on years of leading platform and security-adjacent teams, Gio explains how platform engineering turns security from a social problem into a structural one: baking guardrails into templates, standardizing incident response, and replacing tribal knowledge with shared systems that actually stick.

They unpack the real gaps between DevOps and platform engineering, why tooling was never the hard part, and how centralized platforms finally make DevSecOps operable in large, complex organizations. The conversation also explores the human side of security; the burnout, regulatory pressure, and legacy risk security teams carry, and why better relationships matter as much as better architecture.

In the second half, they zoom out to AI: why security teams are rightly cautious, why experimentation feels chaotic right now, and how platform engineering can be the stabilizing layer between “too strict” governance and reckless AI adoption.

In this episode:

Why security champion programs usually fail

How platform engineering removes security from persuasion politics

DevOps vs platform engineering: principles vs operating models

Incident response, standardization, and the end of tribal knowledge

Why security teams are perceived as “too strict”, and what they’re actually carrying

How to align developers, product managers, and security around shared constraints

AI governance, guardrails, and why “it’s all happening too fast”

Platform engineering as the human interface to security complexity