Application Security Weekly (Audio)

Application Security Weekly decrypts development for the Security Professional - exploring how to inject security into their organization’s Software Development Lifecycle (SDLC) in a fluid and transparent way; Learn the tools, techniques, and processes necessary to move at the speed of DevOps (even if you aren’t a DevOps shop yet). The target audience for Application Security Weekly spans the gamut of Security Engineers and Practitioners that need to level-up their skills in the Application Security space - as well as enabling “Cyber Curious” developers to get involved in the Application Security process at their organizations. To a lesser extent, we hope to arm Security Managers and Executives with the knowledge to be conversational in the realm of DevOps - and to provide the right questions to ask their colleagues in development, along with the metrics to think critically about the answers they receive.

Eine durchschnittliche Folge dieses Podcasts dauert 1h8m. Bisher sind 263 Folge(n) erschienen. Dies ist ein wöchentlich erscheinender Podcast.

Gesamtlänge aller Episoden: 12 days 7 hours 23 minutes


recommended podcasts

ASW #226 - Marudhamaran Gunasekaran

Breach disclosures from T-Mobile and PayPal, SSRF in Azure services, Google Threat Horizons report, integer overflows and more, Rust in Chromium, ML for web scanning, Top 10 web hacking techniques of 2022 Developers write code. Ideally, secure code....



Throwback Episode - Dev(Sec)Ops Scanning Challenges & Tips - ASW170

We're aren't recording this holiday week, so enjoy this ASW throwback episode! Main host Mike Shema selected this episode to share as it's still relevant to the AppSec community today.    This week, we welcome Nuno Loureiro, CEO at Probely,...



ASW #225 - Dan Moore

Exposed secrets from CircleCI, web hackers target the auto industry, $100K bounty for making Google smart speakers listen, inspiration from Office Space, AWS making better defaults for S3, resources for learning Rust   This segment will discuss...



ASW #224 - Keith Hoodlet

How do you mature a team responsible for securing software? What are effective ways to prioritize investments? We'll discuss a set of posts on building talent, building capabilities, and what mature teams look like. Segment resources: -  ...



ASW #223 - Jeevan Singh

FreeBSD joins the ping of death list, exploiting a SQL injection through JSON manipulation, Apple's design for iCloud encryption, attacks against machine learning systems and AIs like ChatGPT   Threat modeling is an important part of a security...


 2022-12-13  1h20m

ASW #222 - Aviv Grafi

Android platform certs leaked, SQL injection to leaked credentials to cross-tenant access in IBM's Cloud Database, hacking cars through web-based APIs, technical and social considerations when getting into bug bounties, a brief note on memory safety...


 2022-12-06  1h21m

ASW #221 - Kenn White

Crossing tenants with AWS AppSync, more zeros in C++ to defeat vulns, HTTP/3 connection contamination, Thinkst Quarterly review of research, building a research team   MongoDB recently announced the industry’s first encrypted search scheme...


 2022-11-29  1h20m

ASW #220 - Daniel Krivelevich

CosMiss in Azure, $70k bounty for a Pixel Lock Screen bypass, finding path traversal with Raspberry Pi-based emulators, NSA guidance on moving to memory safe languages, implementing phishing-resistant MFA, egress filtering, and how to approach code...


 2022-11-15  1h27m

ASW #219 - Karl Triebes

While APIs enable innovation, they’re increasingly targeted as a pathway to data. API abuses are often carried out through automated attacks, in which a botnet floods the API with unwanted traffic—seeking vulnerable applications and unprotected...


 2022-11-08  1h21m

ASW #218 - Sandy Carielli, Martha Bennett

A critical OpenSSL vuln is coming this Tuesday, a SQLite vuln, Apple blogs about memory safety and bug bounties, determining a random shuffle   The Web3 ecosystem is chock full of applications and projects that have lost money (and their...


 2022-11-01  1h21m