The Application Security Weekly podcast delivers interviews and news from the worlds of AppSec, DevOps, DevSecOps, and all the other ways people find and fix software flaws. Join hosts Mike Shema, John Kinsella, and Akira Brand on a journey through modern security practices for apps, clouds, containers, and more.
https://securityweekly.com/asw
Gesamtlänge aller Episoden: 15 days 8 hours 17 minutes
recommended podcasts
ASW #212 - Sam Placette
Appsec places a lot of importance on secure SDLC practices, API security, integrating security tools, and collaborating with developers. What does this look like from a developer's perspective? We'll cover API security, effective ways to test code,...
ASW #211 - Sonali Shah
Go releases their own curated vuln management resources, OSS-Fuzz finds command injection, Microsoft gets rid of Basic Auth in Exchange, NSA provides guidance on securing SDLC practices, reflections on pentesting, comments on e2e Shifting left...
ASW #210 - Doug Dooley
We will review the primary needs for cloud security: - Guardrails against misconfiguration - Continuously Identify and Remediate Vulnerabilities in Cloud APIs, Apps, and Services - Observability, Protection, and Reporting against Compliance and Risk...
ASW #209 - Kiran Kamity
The unique nature of cloud native apps, Kubernetes, and microservices based architectures introduces new risks and opportunities that require AppSec practitioners to adapt their approach to security tooling, integration with the CI/CD pipeline, and...
ASW #208 - Tanya Janca
Let's talk about adding security tools to a CI/CD, the difference between "perfect" and "good" appsec, and my upcoming book. Segment Resources: https://community.wehackpurple.com #CyberMentoringMonday on Twitter Microsoft fixes an old bounty from...
ASW #207 - Chen Gour Arie
In today's high-tech industries, security is struggling to keep up with rapidly changing production systems and the chaos that agile development introduces into workflows. Application security (AppSec) teams are fighting an uphill battle to gain...
ASW #206 - Manish Gupta
In our first segment, we are joined by Manish Gupt, the CEO and Co-Founder of ShiftLeft for A discussion of how the changes and advancements in static application security testing (SAST) and intelligent software composition analysis (SCA) have helped...
ASW #199 - Nikhil Gupta
Nikhil will be discussing the pain points that leaders in the application security space are facing, which can cover how software development has evolved, as well as how this has impacted development teams and security teams as well as the occurrence...
ASW #205 - Ferruh Mavituna
Vuln in an Atlassian Confluence app, "Dirty Dancing" in OAuth flows, security audits of sigstore and slf4j, flaws in fleet management app, conducting tabletop exercises. Pressured by the speed of innovation, organizations are struggling to...
ASW #204 - Larry Maccherone
0-day vulnerabilities pose a high risk because cybercriminals race to exploit them and vulnerable systems are exposed until a patch is issued & installed. These types of software vulnerabilities can be found through continuous detection but even...