Application Security Weekly (audio)

  • Autor: Vários
  • Narrador: Vários
  • Editor: Podcast
  • Duración: 407:51:41
  • Mas informaciones

Informações:

Sinopsis

Application Security Weekly decrypts development for the Security Professional - exploring how to inject security into their organizations Software Development Lifecycle (SDLC) in a fluid and transparent way; Learn the tools, techniques, and processes necessary to move at the speed of DevOps (even if you arent a DevOps shop yet). The target audience for Application Security Weekly spans the gamut of Security Engineers and Practitioners that need to level-up their skills in the Application Security space - as well as enabling Cyber Curious developers to get involved in the Application Security process at their organizations. To a lesser extent, we hope to arm Security Managers and Executives with the knowledge to be conversational in the realm of DevOps - and to provide the right questions to ask their colleagues in development, along with the metrics to think critically about the answers they receive.

Episodios

  • Exceedingly Happy - ASW #81

    22/10/2019 Duración: 01h10min

    This week, we welcome Doug Coburn, Director of Professional Services at Signal Sciences, discussing Containers, Layer 7, and Application Security! In the Application Security News, From Stackoverflow to CVE, with some laughs along the way, Four-Year-Old Critical Linux Wi-Fi Bug Allows System Compromise, Recent Site Isolation improvements in Chrome, policy_sentry is an IAM Least Privilege Policy Generator, auditor, and analysis database, and much more!   Show Notes: https://wiki.securityweekly.com/ASWEpisode81 Visit https://www.securityweekly.com/asw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

  • Spaghetti Code - ASW #80

    15/10/2019 Duración: 01h05min

    This week, we welcome Francois Lacelles, Field CTO of Ping Identity for an interview! In the Application Security News, Key takeaways from Imperva breach, From Automated Cloud Deployment to Progressive Delivery, Designing Your First App in Kubernetes: An Overview Food for Thought, Autonomy and the death of CVEs?, and AppSec 'Spaghetti on the Wall' Tool Strategy Undermining Security!   To learn more about Ping Identity, visit: https://securityweekly.com/ping Visit https://www.securityweekly.com/asw for all the latest episodes!   Show Notes: https://wiki.securityweekly.com/ASWEpisode80 Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly  

  • A Sea of Orange - ASW #79

    08/10/2019 Duración: 01h15min

    This week, Mike, Matt, and John talk about Cloud Security for Small Teams! In the Application Security News, Ex-Yahoo Engineer Abused Access to Hack 6,000 User Accounts, American Express Insider Breaches Cardholder Information, How a double-free bug in, WhatsApp turns to RCE, Flare-on 6 2019 Writeups, and Five Trends Shaping the Future of Container Security!   Show Notes: https://wiki.securityweekly.com/ASWEpisode79 Visit https://www.securityweekly.com/asw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly  

  • The Notorious Bucket - ASW #78

    01/10/2019 Duración: 01h03min

    This week, we welcome Ryan Kelso, Application Security Engineer at 10-Sec, Inc., to discuss Information Disclosure Vulnerabilities! In the Application Security News, Threat Actors Use Percentage-Based URL Encoding to Bypass Email Gateways, Intelligent Tracking Prevention 2.3 and a discussion to Limit the length of the Referer header with some background on Browser Side Channels, Serverless Security Threats Loom as Enterprises Go Cloud Native, and much more!   Full Show Notes: https://wiki.securityweekly.com/ASW_Episode78 Visit https://www.securityweekly.com/asw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

  • Something Should Exist - ASW #77

    23/09/2019 Duración: 01h08min

    This week, we welcome Nicolas Valcarcel, Security Engineer at NextRoll! In the Application Security News, BSIMM10 Emphasizes DevOps' Role in Software Security and the BSIMM10 report, Crowdsourced Security & the Gig Economy, Lessons learned through 15 years of SDL at work, Software eats the world, jobs double US employment growth rate, and more!   Full Show Notes: https://wiki.securityweekly.com/ASW_Episode77 Visit https://www.securityweekly.com/asw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

  • Pick Your Example - ASW #76

    16/09/2019 Duración: 01h13min

    This week, we welcome Jay Durga, IT Architect at CIRCOR International, to discuss the excel tool he developed, and how it can be used to measure metrics or as a guidance document for testing effectiveness of security controls put in place in your SDLC and DevOps process! In the Application Security News, Simjacker Next Generation Spying Over Mobile, Intel CPUs Vulnerable to Sensitive Data Leakage in NetCAT Attack and NetCAT: Practical Cache Attacks from the Network, What is PSD2? And how it will impact the payments processing industry, Better Together: Why Software-Development Toolmakers Should Embrace Integration, and more!   Full Show Notes: https://wiki.securityweekly.com/ASW_Episode76 Visit https://www.securityweekly.com/asw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

  • The Man With A Plan - ASW #75

    10/09/2019 Duración: 01h11min

    Ty Sbano is the Cloud Chief Information Security Officer of Sisense. Ty will be discussing Tools in the DevOps Pipeline, Component Analysis, and Anything Application Security! ***** A very deep dive into iOS Exploit chains found in the wild followed by Heap Exploit Development, Twitter turns off SMS texting after @Jack hijacking, CVE-2019-15846: Unauthenticated Remote Command Execution Flaw Disclosed for Exim, 7 Steps to Web App Security, Fuzzing 101: Why Bug Hunters Still Love It After All These Years, and more! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode75 Visit https://www.securityweekly.com/asw for all the latest episodes!

  • Still Alive - ASW #74

    27/08/2019 Duración: 01h06min

    This week, we welcome Pawan Shankar, Senior Product Marketing Manager of Sysdig! In our second segment, we air two pre-recorded interviews with Azi Cohen, Co-Founder of WhiteSource, and Jeff Hudson, CEO of Venafi from BlackHat USA 2019!   To learn more about Sysdig, visit: https://securityweekly.com/sysdig Full Show Notes: https://wiki.securityweekly.com/ASW_Episode74   Visit https://www.securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

  • The Dark Data - ASW #73

    20/08/2019 Duración: 01h21min

    This week, in the Application Security News, HTTP/2 Denial of Service Advisory with seven vulns that affects the protocol implemented by several vendors, SSH certificate authentication for GitHub Enterprise Cloud works well with tools like Sharkey and BLESS, Polaris Points the Way to Kubernetes Best Practices, and much more! In our second segment, we air three pre-recorded interviews from Black Hat 2019, with Ameya Talwalker from Cequence, Mark Batchelor from PING Identity, and Michael Krueger from NowSecure!   Full Show Notes: https://wiki.securityweekly.com/ASW_Episode73 Visit https://www.securityweekly.com/asw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

  • Highly Distributed - ASW #72

    14/08/2019 Duración: 01h04min

    This week, Mike Shema and Matt Alderman discuss Hacker Summer Camp as the Security Weekly team has returned from Las Vegas all in one piece! In the Application Security News, From Equifax to Capital One: The problem with web application security, Apple extends its bug bounty program to cover macOS with $1 million in rewards, Azure Security Lab: a new space for Azure research and collaboration, Awarding Google Cloud Vulnerability Research, and more!   Full Show Notes: https://wiki.securityweekly.com/ASW_Episode72 Visit https://www.securityweekly.com/asw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Visit https://www.securityweekly.com/asw for all the latest episodes!

  • Off Guard - Application Security Weekly #71

    30/07/2019 Duración: 01h14min

    This week, in the Application Security News, Rare Steganography Hack Can Compromise Fully Patched Websites, Bug Bounties Continue to Rise as Google Boosts its Payouts, Snyk Acquires DevSecCon to Boost DevSecOps Community, and much more! In our second segment, we welcome Murray Goldschmidt, COO & Co-founder of Sense of Security, to talk about The State of Container Security in the Enterprise!   Full Show Notes: https://wiki.securityweekly.com/ASW_Episode71 Visit https://www.securityweekly.com/asw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

  • Help Us! - Application Security Weekly #70

    23/07/2019 Duración: 01h05min

    This week, we welcome Ian Eyberg, CEO of NanoVMs! In the Application Security News, detecting malware in package manager repositories, Attacking SSL VPN, Solving Digital Transformation Cybersecurity Concerns With DevSecOps, How I Could Have Hacked Any Instagram Account, Tracking Anonymized Bluetooth Devices and Bluetooth Bug, and more!   Full Show Notes: https://wiki.securityweekly.com/ASW_Episode70 Visit https://www.securityweekly.com/asw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

  • Paving the Road - Application Security Weekly #69

    16/07/2019 Duración: 01h14min

    This week, we welcome Gururaj Pandurangi, Founder and CEO of Cloudneeti, to discuss Security in Multi-Cloud Environments! In the Application Security News, yes, the Zoom thing, 50 ways to leak your data in 1,300 popular Android apps access data, without proper permissions, GE Aviation exposed internal configs via open Jenkins instance, and more!   To learn more about Cloudneeti, visit: https://securityweekly.com/cloudneeti Full Show Notes: https://wiki.securityweekly.com/ASW_Episode69   Visit our website: https://www.securityweekly.com Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

  • Wise Words - Application Security Weekly #68

    09/07/2019 Duración: 01h04min

    This week, Mike Shema, John Kinsella, and Matt Alderman talk Cloud Native from an application perspective! In the Application Security News, WordPress Plugin WP Statistics Patches XSS Flaw, Three RCEs in Android's Media framework, Nine Best Practices For Integrating Application Security Testing Into DevOps, 6 Traits That Define DevSecOps, and much more!   Full Show Notes: https://wiki.securityweekly.com/ASW_Episode68 Visit https://www.securityweekly.com/asw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

  • Everybody Learns Differently - Application Security Weekly #67

    02/07/2019 Duración: 01h04min

    This week, Mike Shema, John Kinsella, & Matt Alderman discuss security training for Devs! In the Application Security News, GKE improves authentication with Workload Identity, AWS reinforce reveals traffic tools and security solutions that improve support for DevOps, Brief history of Trusted Execution Environments, From the Enterprise's Project: How to Explain Service Mesh in Plain English, and Developers and Security Teams Under Pressure to Collaborate!   Full Show Notes: https://wiki.securityweekly.com/ASW_Episode67 Visit https://www.securityweekly.com/asw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

  • Breaking Down the Walls - Application Security Weekly #66

    25/06/2019 Duración: 01h05min

    This week, Matt, John, and Mike discuss a guide to API Security! They also discuss Public vs. Private APIs, and if the best practice should be segregation of the two! In the Application Security News, Mozilla pushes a patch onto an Array, Netflix shares a stream of patches, Breach to bankruptcy for healthcare company, Osquery becomes a foundational tool, Avoiding DevOps dangers, and Assigning DevOps directions!   Full Show Notes: https://wiki.securityweekly.com/ASW_Episode66 Visit https://www.securityweekly.com/asw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

  • Buzzword Bingo - Application Security Weekly #65

    18/06/2019 Duración: 01h09min

    This week, we interview Shannon Lietz, the Director Information Security at Intuit, to talk about DevOps! In the Application Security News, there's no escape that will save you..., the privilege of running a Chrome extension, and Four practices towards DevSecOps!   Full Show Notes: https://wiki.securityweekly.com/ASW_Episode65   Visit https://www.securityweekly.com/asw for all the latest episodes! Visit our website: https://www.securityweekly.com Follow us on Twitter: https://www.twitter.com/securityweekly

  • Everyone Looks Smart - Application Security Weekly #64

    11/06/2019 Duración: 01h09min

    This week, we welcome Tanya Janca, also known as SheHacksPurple, a senior cloud advocate for Microsoft, specializing in application, cloud security, and more! Tanya is joining us on the show to talk about DevSecOps and Securing Software Supply Chains! In the Application Security News, "Waiting for the worms to come." -- Pink Floyd and RDP's CVE-2019-0708. Even the NSA warns about the population of exposed systems, A patch commands attention for mail servers, In macOS Catalina and iOS 13, Apples finds a way to find devices and not lose privacy, iOS App Transport Security has strong benefits, but weak adoption, and much more!   Full Show Notes: https://wiki.securityweekly.com/ASW_Episode64 Visit https://www.securityweekly.com/asw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

  • Rainbows - Application Security Weekly #63

    04/06/2019 Duración: 57min

    This week, Mike and John delve into some DevSecOps topics. They discuss good design patterns that emerged from cloud native environments, Kubernetes and containers, and building blocks of unique services in the AppSec world. In the Application Security News, Duo reveals a path from a Docker container to its host, Google fumbles some password functionality, GitHub makes dependency tracking more dependable, and more!   Full Show Notes: https://wiki.securityweekly.com/ASW_Episode63 Visit https://www.securityweekly.com/asw for all the latest episodes!   Visit our website: https://www.securityweekly.com Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

  • Third Degree Sunburns - Application Security Weekly #62

    21/05/2019 Duración: 01h03min

    This week, we welcome Cody Wood, AppSec Product Support Engineer at Signal Sciences! In the AppSec News, Cisco Expressway goes off path and a Cisco IOS XE vuln goes for emojis, More erosion of CPU data boundaries, RDP patches a pre-auth problem and even resuscitates a patch process for XP, Microsoft's Attack Surface Analyzer gives DevSecOps teams more data, Clear design goals for better privacy and security, and Google Security blogs that basics are best!   To get involved with Signal Sciences, visit: https://securityweekly.com/signalsciences Full Show Notes: https://wiki.securityweekly.com/ASW_Episode62 Visit https://www.securityweekly.com/asw for all the latest episodes!   Visit our website: https://www.securityweekly.com Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

página 15 de 19