Application Security Weekly (Audio)

Application Security Weekly decrypts development for the Security Professional - exploring how to inject security into their organization’s Software Development Lifecycle (SDLC) in a fluid and transparent way; Learn the tools, techniques, and processes necessary to move at the speed of DevOps (even if you aren’t a DevOps shop yet). The target audience for Application Security Weekly spans the gamut of Security Engineers and Practitioners that need to level-up their skills in the Application Security space - as well as enabling “Cyber Curious” developers to get involved in the Application Security process at their organizations. To a lesser extent, we hope to arm Security Managers and Executives with the knowledge to be conversational in the realm of DevOps - and to provide the right questions to ask their colleagues in development, along with the metrics to think critically about the answers they receive.

Eine durchschnittliche Folge dieses Podcasts dauert 1h5m. Bisher sind 189 Folge(n) erschienen. Dies ist ein wöchentlich erscheinender Podcast.

Gesamtlänge aller Episoden: 8 days 11 hours 3 minutes


recommended podcasts

Something's Out There - ASW #153

This week, we welcome Daniel Hampton, Senior Solutions Architect at Fastly, to discuss API Security: Understanding Threats to Better Protect Your Organization! In the AppSec News, Tyler Robinson joins Mike & John to discuss: HTTP/3 and QUIC,...



Everybody's Looking For Something - ASW #152

This week, we welcome Manish Gupta, CEO and Co-Founder at ShiftLeft, to discuss Bringing Appsec to a Modern CI Pipeline! Appsec in a modern CI pipeline needs a combination of tools, collaboration, and processes to be successful. Importantly, it also...



Hot Potato - ASW #151

This week, we welcome Aanand Krishnan, CEO at Tala Security, Inc., to discuss Third Party Software Risk on the Web! Web applications are highly dependent on third party content and JavaScript. This creates a significant set of vulnerabilities that...



Talking Heads - ASW #150

While the vision for app security is relatively clear, executing on that vision is still somewhat of a work in progress. Fast-moving, interdependent pieces—custom code and open source packages, infrastructure and network configurations, user...


 2021-05-11  1h14m

Alert Your Star Destroyers - ASW #149

Rey Bango will be digging into the developer security training conundrum based on his own experiences with secure coding and security training. He'll cover: • The types of security training that work • The role of security champions • How the...


 2021-05-04  1h11m

Minimum Safe Distance - ASW #148

We start with the article about "Researchers Secretly Tried To Add Vulnerabilities to Linux Kernel, Ended Up Getting Banned" and explore its range of issues from ethics to securing huge, distributed software projects. It's hardly novel to point out...


 2021-04-27  1h13m

That Will Bite Ya - ASW #147

This week, we welcome Doug Barbin, Managing Partner at Schellman & Company, LLC, to discuss Supply Chain Management! Supply chain security isn't new, despite the renewed attention from the Solar Winds attack. It has old challenges, like having an...


 2021-04-20  1h8m

Contortions - ASW #146

This week, we welcome Leif Dreizler - Engineering Manager, Product Security - Segment, to talk about Shifting Right: What Security Engineers Can Learn From DevSecOps! In the AppSec News, PHP deals with two malicious commits, SSO and OAuth attack...


 2021-04-06  1h12m

Grab A Sword - ASW #145

This week, we welcome Andrew van der Stock, Executive Director at OWASP Foundation, to talk about the OWASP Top 10 of 2021! The OWASP Top 10 2021 is in development. A public survey has just been released. We have finished collecting data. I would like...


 2021-03-30  1h11m

The Cure - ASW #144

This week, we welcome Johanna Ydergard, VP of Detectify Crowdsource at Detectify, and Roberto Giachetta, Engineering Manager at Detectify, to discuss Approaching AppSec Like a Hacker! Security is struggling to keep up with securing modern web...


 2021-03-23  1h7m