Application Security Weekly (Audio)

Application Security Weekly decrypts development for the Security Professional - exploring how to inject security into their organization’s Software Development Lifecycle (SDLC) in a fluid and transparent way. Learn the tools, techniques, and processes necessary to move at the speed of DevOps (even if you aren’t a DevOps shop yet). The target audience for Application Security Weekly spans the gamut of Security Engineers and Practitioners that need to level-up their skills in the Application Security space - as well as enabling “Cyber Curious” developers to get involved in the Application Security process at their organizations. To a lesser extent, we hope to arm Security Managers and Executives with the knowledge to be conversational in the realm of DevOps - and to provide the right questions to ask their colleagues in development, along with the metrics to think critically about the answers they receive.

https://securityweekly.com/category-shows/application-security-weekly/

An average episode of this podcast lasts 1h7m. 243 episode(s) have been released so far. This podcast is published weekly.

Total length of all episodes: 11 days 4 hours 53 minutes



ASW #207 - Chen Gour Arie


In today's high-tech industries, security is struggling to keep up with rapidly changing production systems and the chaos that agile development introduces into workflows. Application security (AppSec) teams are fighting an uphill battle to gain...



   1h18m
 
 

ASW #206 - Manish Gupta


In our first segment, we are joined by Manish Gupta, the CEO and Co-Founder of ShiftLeft for a discussion of how the changes and advancements in static application security testing (SAST) and intelligent software composition analysis (SCA) have helped...



   1h15m
 
 

ASW #199 - Nikhil Gupta


Nikhil will be discussing the pain points that leaders in the application security space are facing, which can cover how software development has evolved, as well as how this has impacted development teams and security teams as well as the occurrence...



   1h16m
 
 

ASW #205 - Ferruh Mavituna


Vuln in an Atlassian Confluence app, "Dirty Dancing" in OAuth flows, security audits of sigstore and slf4j, flaws in fleet management app, conducting tabletop exercises. Pressured by the speed of innovation, organizations are struggling to...



   1h16m
 
 

ASW #204 - Larry Maccherone


0-day vulnerabilities pose a high risk because cybercriminals race to exploit them and vulnerable systems are exposed until a patch is issued & installed. These types of software vulnerabilities can be found through continuous detection but even...



   1h14m
 
 

ASW #203 - Farshad Abasi


This week in the AppSec News: Apple introduces Lockdown Mode, PyPI hits 2FA trouble, cataloging cloud vulns, practical attacks on ML, NIST's post-quantum algorithms, & more! Appsec starts with the premise that we need to build secure code,...



   1h9m
 
 

ASW #202 - Mike Benjamin


Both GraphQL and template engines have the potential for injection attacks, from potentially exposing data due to weak authorization in APIs to the slew of OGNL-related vulns in Java this past year. We take a look at both of these technologies in...



   1h15m
 
 

ASW #201 - IE11 Goes to Zero


This week in the AppSec News: SynLapse shows shell injection via ODBC, Java deserialization example, MFA for Ruby Gems ecosystem, simple flaws in firmware, the decade-long journey of a Safari vuln, & more! IE has gone to 11 and is no more....



   1h3m
 
 

ASW #200 - Keith Hoodlet


HTTP RFCs have evolved: A Cloudflare view of HTTP usage trends, Career Advice and Professional Development, Active Exploitation of Confluence CVE-2022-26134. Seamlessly Connect & Protect Entire IT Ecosystem. The new business reality is that...



 2022-07-08  1h8m
 
 

ASW #198 - Matias Madou


Developers want bug-free code -- it frees up their time and is easier to maintain. They want secure code for the same reasons. Matias Madou joins to talk about how the definition of secure coding varies among developers and appsec teams, why it's...



 2022-06-23  1h11m