Gesamtlänge aller Episoden: 15 days 8 hours 17 minutes
Android platform certs leaked, SQL injection to leaked credentials to cross-tenant access in IBM's Cloud Database, hacking cars through web-based APIs, technical and social considerations when getting into bug bounties, a brief note on memory safety...
Crossing tenants with AWS AppSync, more zeros in C++ to defeat vulns, HTTP/3 connection contamination, Thinkst Quarterly review of research, building a research team MongoDB recently announced the industry’s first encrypted search scheme...
CosMiss in Azure, $70k bounty for a Pixel Lock Screen bypass, finding path traversal with Raspberry Pi-based emulators, NSA guidance on moving to memory safe languages, implementing phishing-resistant MFA, egress filtering, and how to approach code...
While APIs enable innovation, they’re increasingly targeted as a pathway to data. API abuses are often carried out through automated attacks, in which a botnet floods the API with unwanted traffic—seeking vulnerable applications and unprotected...
A critical OpenSSL vuln is coming this Tuesday, a SQLite vuln, Apple blogs about memory safety and bug bounties, determining a random shuffle The Web3 ecosystem is chock full of applications and projects that have lost money (and their...
Learn what keeps DevOps and SecOps up at night when securing Kubernetes, container, and cloud native applications, what tactics are best for developers and application architects to consider when securing your latest cloud application and hardening...
Exploiting FortiOS with HTTP client headers, mishandling memory in Linux kernel Wi-Fi stack, a field guide to security communities, secure coding resources from the OpenSSF, Linux kernel exploitation Cybersecurity is a data problem. Accelerated AI...
We talk with Akira Brand about appsec educational resources and crafting better resources for developers to learn about secure coding. Segment Resources: - - - - Rust arrives in the Linux Kernel, verdict in the Uber security case,...
The core focus of this podcast is to provide the listeners with food for thoughts for what is required for releasing secured cloud native applications - Continuous, Multi-layer, and Multi-service analysis and focusing not only on the code, but also on...
Applications are the most frequent external attack vector for companies. However, application security can improve only if developers either code securely or remediate existing security flaws — unfortunately, many don’t receive training with...