Application Security Weekly decrypts development for the Security Professional - exploring how to inject security into their organization’s Software Development Lifecycle (SDLC) in a fluid and transparent way; Learn the tools, techniques, and processes necessary to move at the speed of DevOps (even if you aren’t a DevOps shop yet). The target audience for Application Security Weekly spans the gamut of Security Engineers and Practitioners that need to level-up their skills in the Application Security space - as well as enabling “Cyber Curious” developers to get involved in the Application Security process at their organizations. To a lesser extent, we hope to arm Security Managers and Executives with the knowledge to be conversational in the realm of DevOps - and to provide the right questions to ask their colleagues in development, along with the metrics to think critically about the answers they receive.
https://securityweekly.com/category-shows/application-security-weekly/
recommended podcasts
Thunderdome Technique - ASW #131
This week, in the first segment, Mike, Adrian, and John discuss Threat Modeling! We threat model every day without realizing it. And, of course, we often threat model with systems and products within our organizations. So how formal does our approach...
Black Friday - ASW #130
This week, we welcome Rickard Carlsson, Co-founder & CEO at Detectify, to talk about Automated Hacker Knowledge! In the Application Security News, The Platypus Attack Threatens Intel SGX, a Revitalized Attack Makes for Sad DNS, Bug Hunter Hits DOD...
Snowy Clouds - ASW #129
This week, we have the pleasure to welcome back Keith Hoodlet, Senior Manager, Application Experience at Thermo Fisher Scientific, and former Host of Application Security Weekly, to discuss how Security Is a Feature! In the Application Security News,...
Exploding Decompression - ASW #128
This week, we welcome Alfred Chung, Sr. Product Manager at Signal Sciences, to discuss Azure App Service & Cloud-Native Signal Sciences Deployments! In the Application Security News, Lax IoT security exposes smart-irrigation systems, Adobe Flash...
The Spookiest Month - ASW #127
This week, we welcome Cesar Rodriguez, Head of Developer Advocacy at Accurics, to talk about Cyber Resiliency Through Self-Healing Cloud Infrastructure! In the Application Security News, NSA publishes list of top vulnerabilities currently targeted by...
Way Over My Head - ASW #126
This week, we welcome Taylor McCaslin, Security Product Manager at GitLab, to discuss current trends in the application security testing industry! In the Application Security News, Patch Your Windows - “Ping of Death” bug revealed, 800,000...
Still Raging - ASW #125
This week, we welcome James Manico, CEO at Manicode Security, to talk about Application Security Best Practices! In the Application Security News, Redefining Impossible: XSS without arbitrary JavaScript, API flaws in an "unconventional" smart device,...
The Laughing Isn't Helping - ASW #124
This week, we welcome Chris Romeo, CEO at Security Journey, to discuss Things Every Developer Should Know About Security! In the Application Security News, DOMOS 5.8 - OS Command Injection, 4G, 5G networks could be vulnerable to exploit due to...
Hot Off the Press - ASW #123
This week, Mike, Matt, and John talk about The Difference Between Finding Vulns & Securing Apps! In the Application Security News, 6 Things to Know About the Microsoft 'Zerologon' Flaw, You can bypass TikTok's MFA by logging in via a browser,...
One Love, One Fuzz - ASW #122
This week, we welcome Justin Massey, Product Manager, Security Monitoring at Datadog, to discuss Visualizing and Detecting Threats For Your Custom Application! In the Application Security News, Microsoft announces new Project OneFuzz framework, an...