Gesamtlänge aller Episoden: 15 days 8 hours 17 minutes
This week, we welcome Manish Gupta, CEO and Co-Founder at ShiftLeft, to discuss Bringing Appsec to a Modern CI Pipeline! Appsec in a modern CI pipeline needs a combination of tools, collaboration, and processes to be successful. Importantly, it also...
This week, we welcome Aanand Krishnan, CEO at Tala Security, Inc., to discuss Third Party Software Risk on the Web! Web applications are highly dependent on third party content and JavaScript. This creates a significant set of vulnerabilities that...
While the vision for app security is relatively clear, executing on that vision is still somewhat of a work in progress. Fast-moving, interdependent pieces—custom code and open source packages, infrastructure and network configurations, user...
Rey Bango will be digging into the developer security training conundrum based on his own experiences with secure coding and security training. He'll cover: • The types of security training that work • The role of security champions • How the...
We start with the article about "Researchers Secretly Tried To Add Vulnerabilities to Linux Kernel, Ended Up Getting Banned" and explore its range of issues from ethics to securing huge, distributed software projects. It's hardly novel to point out...
This week, we welcome Doug Barbin, Managing Partner at Schellman & Company, LLC, to discuss Supply Chain Management! Supply chain security isn't new, despite the renewed attention from the Solar Winds attack. It has old challenges, like having an...
This week, we welcome Leif Dreizler - Engineering Manager, Product Security - Segment, to talk about Shifting Right: What Security Engineers Can Learn From DevSecOps! In the AppSec News, PHP deals with two malicious commits, SSO and OAuth attack...
This week, we welcome Andrew van der Stock, Executive Director at OWASP Foundation, to talk about the OWASP Top 10 of 2021! The OWASP Top 10 2021 is in development. A public survey has just been released. We have finished collecting data. I would like...
This week, we welcome Johanna Ydergard, VP of Detectify Crowdsource at Detectify, and Roberto Giachetta, Engineering Manager at Detectify, to discuss Approaching AppSec Like a Hacker! Security is struggling to keep up with securing modern web...
This week, we welcome John Morello, VP of Product at Palo Alto Networks, joins us to talk about Cloud Native Security Platforms! Modern appsec demonstrates the importance of a cloud native strategy for enterprise security and how much that strategy...