Application Security Weekly (Audio)

Application Security Weekly decrypts development for the Security Professional - exploring how to inject security into their organization’s Software Development Lifecycle (SDLC) in a fluid and transparent way; Learn the tools, techniques, and processes necessary to move at the speed of DevOps (even if you aren’t a DevOps shop yet). The target audience for Application Security Weekly spans the gamut of Security Engineers and Practitioners that need to level-up their skills in the Application Security space - as well as enabling “Cyber Curious” developers to get involved in the Application Security process at their organizations. To a lesser extent, we hope to arm Security Managers and Executives with the knowledge to be conversational in the realm of DevOps - and to provide the right questions to ask their colleagues in development, along with the metrics to think critically about the answers they receive.

Eine durchschnittliche Folge dieses Podcasts dauert 1h6m. Bisher sind 217 Folge(n) erschienen. Jede Woche gibt es eine neue Folge dieses Podcasts.

Gesamtlänge aller Episoden: 9 days 20 hours 40 minutes


recommended podcasts

Thinking Alike - ASW #161

This week, we welcome Tom Hudson, Security Research Team Lead at Detectify, to discuss Securing Modern Web Apps: Development Techniques are Changing! In the AppSec News, Hardware hacking for authn bypass and analyzing IoT RNG, Request Smuggling in...


 2021-08-11  1h6m

Shrug & Move On - ASW #160

This week, we welcome Maggie Jauregui, Offensive Security Researcher at Intel, to discuss Platform Firmware Security! Firmware security is complex and continues to be an industry challenge. In this podcast we'll talk about the reasons firmware...


 2021-08-03  1h12m

Policy of Truth - ASW #159

This week, we welcome Peter Klimek, Director of Technology, Office of the CTO at Imperva, to discuss Navigating the seas of security in serverless functions! In the AppSec News: CWE releases the top 25 vulns for 2021, findings bugs in similar code,...


 2021-07-27  1h14m

Fall On Our Sword - ASW #158

This week, we welcome David DeSanto, Senior Director, Product Management, Dev & Sec at Gitlab! In the wake of events such as the Solarwinds breach, there has been a lot of misinformation about the role of open source in DevSecOps. GitLab believes...


 2021-07-20  1h15m

Drink Our Own Champagne - ASW #157

In the AppSec news, a password manager makes predictable mistakes, Trusted Types terminate DOM XSS, waking up from PrintNightmare, understanding hardware fault injections.   The truth is, most web app and API security tools were designed for a...


 2021-07-13  1h12m

Everything Looks Crazy - ASW #156

This week, we welcome Clint Gibler, Head of Security Research at r2c, to discuss Scaling Your Application Security Program! In the AppSec News: Visual Studio Code's Workplace Trust, Injured Android an insecure mobile app, Microsoft accidentally signed...


 2021-06-29  1h16m

Crawling Like a Human - ASW #155

This week, we welcome Nuno Loureiro & Tiago Mendo from Probely to discuss some Challenges of DAST Scanners, and their Adoption by Developers! Then, in the AppSec News John and Mike discuss: SLSA framework for supply chain integrity, Wi-Fi network...


 2021-06-22  1h14m

Dead Simple - ASW #154

This week, we welcome Sebastian Deleersnyder, CTO at Toreon, to talk about OWASP SAMM - Software Assurance Maturity Model! In the AppSec News, Mike and John talk: ALPACA surveys protocol confusion, lessons from the EA breach, forgotten lessons about...


 2021-06-15  1h9m

Something's Out There - ASW #153

This week, we welcome Daniel Hampton, Senior Solutions Architect at Fastly, to discuss API Security: Understanding Threats to Better Protect Your Organization! In the AppSec News, Tyler Robinson joins Mike & John to discuss: HTTP/3 and QUIC,...


 2021-06-08  1h13m

Everybody's Looking For Something - ASW #152

This week, we welcome Manish Gupta, CEO and Co-Founder at ShiftLeft, to discuss Bringing Appsec to a Modern CI Pipeline! Appsec in a modern CI pipeline needs a combination of tools, collaboration, and processes to be successful. Importantly, it also...


 2021-05-25  1h11m