The Application Security Weekly podcast delivers interviews and news from the worlds of AppSec, DevOps, DevSecOps, and all the other ways people find and fix software flaws. Join hosts Mike Shema, John Kinsella, and Akira Brand on a journey through modern security practices for apps, clouds, containers, and more.
https://securityweekly.com/asw
Gesamtlänge aller Episoden: 15 days 8 hours 17 minutes
recommended podcasts
ASW #222 - Aviv Grafi
Android platform certs leaked, SQL injection to leaked credentials to cross-tenant access in IBM's Cloud Database, hacking cars through web-based APIs, technical and social considerations when getting into bug bounties, a brief note on memory safety...
ASW #221 - Kenn White
Crossing tenants with AWS AppSync, more zeros in C++ to defeat vulns, HTTP/3 connection contamination, Thinkst Quarterly review of research, building a research team MongoDB recently announced the industry’s first encrypted search scheme...
ASW #220 - Daniel Krivelevich
CosMiss in Azure, $70k bounty for a Pixel Lock Screen bypass, finding path traversal with Raspberry Pi-based emulators, NSA guidance on moving to memory safe languages, implementing phishing-resistant MFA, egress filtering, and how to approach code...
ASW #219 - Karl Triebes
While APIs enable innovation, they’re increasingly targeted as a pathway to data. API abuses are often carried out through automated attacks, in which a botnet floods the API with unwanted traffic—seeking vulnerable applications and unprotected...
ASW #218 - Sandy Carielli, Martha Bennett
A critical OpenSSL vuln is coming this Tuesday, a SQLite vuln, Apple blogs about memory safety and bug bounties, determining a random shuffle The Web3 ecosystem is chock full of applications and projects that have lost money (and their...
ASW #217 - Kong Yew Chan
Learn what keeps DevOps and SecOps up at night when securing Kubernetes, container, and cloud native applications, what tactics are best for developers and application architects to consider when securing your latest cloud application and hardening...
ASW #216 - Jason Recla
Exploiting FortiOS with HTTP client headers, mishandling memory in Linux kernel Wi-Fi stack, a field guide to security communities, secure coding resources from the OpenSSF, Linux kernel exploitation Cybersecurity is a data problem. Accelerated AI...
ASW #215 - Akira Brand
We talk with Akira Brand about appsec educational resources and crafting better resources for developers to learn about secure coding. Segment Resources: - - - - Rust arrives in the Linux Kernel, verdict in the Uber security case,...
ASW #214 - Dean Agron
The core focus of this podcast is to provide the listeners with food for thoughts for what is required for releasing secured cloud native applications - Continuous, Multi-layer, and Multi-service analysis and focusing not only on the code, but also on...
ASW #213 - Janet Worthington
Applications are the most frequent external attack vector for companies. However, application security can improve only if developers either code securely or remediate existing security flaws — unfortunately, many don’t receive training with...