A podcast about the world of Cybersecurity, Privacy, Compliance, and Regulatory issues that arise in today's workplace. Co-hosts Bryan Brake, Brian Boettcher, and Amanda Berlin teach concepts that aspiring Information Security professionals need to know, or refresh the memories of seasoned veterans.
http://www.brakeingsecurity.com
2015-021: 24 Deadly Sins: Command injection
We continue our journey on the 24 Deadly Programming Sins. If you listened to last week's podcast, we introduced the book we were using as a study tool:
http://www.amazon.com/Deadly-Sins-Software-Security-Programming/dp/0071626751
This week is on command injection. We first discussed command injection as part of our OWASP Top 10 for 2013, but you'll be surprised just how easy devs compile conditions that allow for command injection into their code as well.