Application Security Weekly decrypts development for the Security Professional - exploring how to inject security into their organization’s Software Development Lifecycle (SDLC) in a fluid and transparent way; Learn the tools, techniques, and processes necessary to move at the speed of DevOps (even if you aren’t a DevOps shop yet). The target audience for Application Security Weekly spans the gamut of Security Engineers and Practitioners that need to level-up their skills in the Application Security space - as well as enabling “Cyber Curious” developers to get involved in the Application Security process at their organizations. To a lesser extent, we hope to arm Security Managers and Executives with the knowledge to be conversational in the realm of DevOps - and to provide the right questions to ask their colleagues in development, along with the metrics to think critically about the answers they receive.
https://securityweekly.com/
recommended podcasts
Breaking Down the Walls - Application Security Weekly #66
This week, Matt, John, and Mike discuss a guide to API Security! They also discuss Public vs. Private APIs, and if the best practice should be segregation of the two! In the Application Security News, Mozilla pushes a patch onto an Array, Netflix...
Buzzword Bingo - Application Security Weekly #65
This week, we interview Shannon Lietz, the Director Information Security at Intuit, to talk about DevOps! In the Application Security News, there's no escape that will save you..., the privilege of running a Chrome extension, and Four practices...
Everyone Looks Smart - Application Security Weekly #64
This week, we welcome Tanya Janca, also known as SheHacksPurple, a senior cloud advocate for Microsoft, specializing in application, cloud security, and more! Tanya is joining us on the show to talk about DevSecOps and Securing Software Supply Chains!...
Rainbows - Application Security Weekly #63
This week, Mike and John delve into some DevSecOps topics. They discuss good design patterns that emerged from cloud native environments, Kubernetes and containers, and building blocks of unique services in the AppSec world. In the Application...
Third Degree Sunburns - Application Security Weekly #62
This week, we welcome Cody Wood, AppSec Product Support Engineer at Signal Sciences! In the AppSec News, Cisco Expressway goes off path and a Cisco IOS XE vuln goes for emojis, More erosion of CPU data boundaries, RDP patches a pre-auth problem and...
The Right Direction - Application Security Weekly #61
This week, Derek Weeks joins us to talk about DevSecOps and Securing Software Supply Chains! Derek is the VP and DevOps Advocate at Sonatype! In the Application News, Chrome constrains the cookies and Edge pushes privacy, Windows builds a sandbox for...
Defense In Depth - Application Security Weekly #60
This week, we welcome Sven Morgenroth, Security Researcher at Netsparker to talk about securing our applications, web applications, and how we can make it easier to build applications! In the AppSec News, Firefox gives more scrutiny to add-ons but...
The Other Side - Application Security Weekly #59
This week, we welcome Larry Maccherone, Senior Director of Comcast, to talk about the world of SecOps vs. DevSecOps! In the Application Security News, Software update gums up fingerprints, a counterproductive security practice expires thanks...
Hacking for Lazy People - Application Security Weekly #58
This week, we welcome Thomas Hatch, the creator of the Salt open source software project, and is the CTO of SaltStack, the company behind Salt! In the Application Security News, Breach at IT outsourcer Wipro, SCP serves the file it wants, Confluence...
Containers and Kubernetes - Application Security Weekly #57
This last week was pretty busy with announcements and presentations from the Google Next Conference. In 2018 they previewed some security tools and this year many of them are now GA along with a lot of other developer-focused services. In the news, 3D...