Podcasts about application security weekly

  • 10 PODCASTS
  • 450 EPISODES
  • 42m AVG DURATION
  • INFREQUENT EPISODES
  • LATEST: Dec 16, 2024



Best podcasts about application security weekly

Latest podcast episodes about application security weekly

Application Security Weekly (Video)
Applying Usability and Transparency to Security - Hannah Sutor - ASW #311

Dec 16, 2024 (34:09)


Practices around identity and managing credentials have improved greatly since the days of infosec mandating 90-day password rotations. But those improvements didn't arise from a narrow security view. Hannah Sutor talks about the importance of balancing security with usability, the importance of engaging with users when determining defaults, and setting an example for transparency in security disclosures.

Segment resources: https://youtu.be/ydg95R2QKwM

  • 00:00 Welcome to Application Security Weekly!
  • 01:49 Meet the Experts
  • 03:28 What Are Non-Human Identities?
  • 06:17 Balancing Security & Usability
  • 08:24 MFA Challenges & Admin Security
  • 12:09 Navigating Breaking Changes
  • 16:05 Security by Design in Action
  • 18:42 Identity Management for Startups
  • 20:18 Secure by Design: Real Impact
  • 24:03 Transparency After a Critical Vulnerability
  • 31:39 Looking Ahead to 2025
  • 32:45 Application Security in Three Words

Show Notes: https://securityweekly.com/asw-311

Paul's Security Weekly
All the News - Just Six Months Later - Application Security Weekly #265

Dec 5, 2023 (70:21)


We cover appsec news on a weekly basis, but sometimes that news is merely about the start of a new project, sometimes it's yet another example of a vuln class, and sometimes it's a topic we hope doesn't become a trend. So, what themes have we seen and where do we see them going? Here are a few headline topics that have alternately generated yays and yawns.

  • CISA's Secure by Design and Secure by Default
  • CVSS 4.0
  • Generative AI
  • MFA mandates
  • Microsoft, Rust, and Memory Safety
  • New TLDs
  • OAuth
  • OpenSSF and OWASP

In the news, repetition extracts data from ChatGPT, more vulns in the software that surrounds AI, guidelines for secure AI, LogoFAIL trips a boot, BLUFFS attack on Bluetooth, CISA's first secure by design alert, Okta's updated breach disclosure, and more!

Visit https://securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/secweekly Like us on Facebook: https://www.facebook.com/secweekly

Show Notes: https://securityweekly.com/asw-265

Application Security Weekly (Audio)
All the News - Just Six Months Later - Application Security Weekly #265

Dec 5, 2023 (70:21)


We cover appsec news on a weekly basis, but sometimes that news is merely about the start of a new project, sometimes it's yet another example of a vuln class, and sometimes it's a topic we hope doesn't become a trend. So, what themes have we seen and where do we see them going? Here are a few headline topics that have alternately generated yays and yawns.

  • CISA's Secure by Design and Secure by Default
  • CVSS 4.0
  • Generative AI
  • MFA mandates
  • Microsoft, Rust, and Memory Safety
  • New TLDs
  • OAuth
  • OpenSSF and OWASP

In the news, repetition extracts data from ChatGPT, more vulns in the software that surrounds AI, guidelines for secure AI, LogoFAIL trips a boot, BLUFFS attack on Bluetooth, CISA's first secure by design alert, Okta's updated breach disclosure, and more!

Visit https://securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/secweekly Like us on Facebook: https://www.facebook.com/secweekly

Show Notes: https://securityweekly.com/asw-265

Hacker Public Radio
HPR3334: Infosec Podcasts Part 2 - General Information Security

May 13, 2021


Inoffensive in every region of the world

Hello, again. My name is Trey. This is part 2 of a 6 part series related to information security podcasts.

To recap

Why am I recording this series?

  • "What podcasts you listen to" was on the list of recommended topics
  • I am passionate about information security
  • We desperately need people to fill infosec jobs in many different specialties
  • Infosec is a rapidly changing field, and it is critical to stay current
  • As a result I listen to TONS of infosec related podcasts

Because there are so many podcasts to list, I have broken them down into 6 different episodes based on topics:

  • Part 1 – News & Current Events
  • Part 2 – General Information Security
  • Part 3 - Career & Personal Development
  • Part 4 – Social Engineering
  • Part 5 - Hacks & Attacks; Technical Information & Learning; Infosec Community / Social / History
  • Part 6 – Infosec Leadership

Part 2 General Information Security

  • Caveat – Dave Bittner & Ben Yelin (Weekly). Weekly discussion of cybersecurity law and policy, with a particular focus on surveillance and digital privacy. https://thecyberwire.com/podcasts/caveat.html
  • Defense in Depth - David Spark & Guests (Weekly). Weekly podcast digging deeper into a currently trending infosec topic. https://cisoseries.com/subscribe-podcast/
  • Recorded Future - Dave Bittner & Recorded Future (Weekly). A weekly podcast about practical applications of security intelligence. https://www.recordedfuture.com/resources/podcast/
  • Brakeing Down Security - Bryan Brake, Brian Boettcher, and Amanda Berlin (Weekly). A weekly discussion of current infosec topics and events. Covers concepts that aspiring Information Security Professionals need to know, or refresh the memories of the seasoned veterans. https://www.brakeingsecurity.com/
  • Down the Security Rabbit Hole - Rafal Los (Weekly). A weekly interview based podcast discussing various challenges of implementing infosec. http://podcast.wh1t3rabbit.net/
  • Security Weekly Podcast Network - Network of shows with various hosts. A collection of podcasts including: Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, Security & Compliance Weekly, Security Weekly News, Tradecraft Security Weekly, & Secure Digital Life. Interesting and diverse discussions. Warning: Discussions sometimes promote the consumption of alcohol and smoking cigars. These podcasts are long. https://securityweekly.com/
  • Security Stories - Cisco with Hazel Burton, Ben Nahorney, & Noureen Njoroge (Weekly). A unique weekly interview-based podcast sponsored by Cisco focusing on infosec stories. https://www.cisco.com/c/en/us/products/security/securitystories.html
  • The Confident Defense Podcast - Conor Sherman (Weekly). Interviews with influential and inspirational people in all areas of security. https://linktr.ee/ConfidentDefense
  • Open Source Security Podcast - Kurt Seifried & Josh Bressers (Weekly). Lighthearted discussions of information security topics related to open source. https://opensourcesecurity.io/category/podcast/

See? I told you I listen to lots of podcasts! I hope that this episode has introduced you to some new sources of information. Give some of them a try, and I would love to get your feedback.

The next episode will be about Information Security Careers & Personal Development.

Thank you for listening.

The Secure Developer
Ep. #82, Two Angles of Application and Product Security with Mike Shema

Nov 26, 2020 (38:12)


Today's guest, Mike Shema, is no stranger to podcasts. As the host of the Application Security Weekly show, he has firsthand insights into the trends and movements in the industry. When he is not on air, Mike works with developers at Square to protect applications, their data, and their users. With a broad range of AppSec experience, from manual security testing to building a commercial web scanner and helping teams build secure products, he has seen it all. In this episode, we hear about Mike's moderator role at Square and how it ties into the organization's engineering-biased security approach. We learn about their partnership strategy, how they split up cloud and governance security, and the benefits of specialist teams. Mike candidly shares how his empathy for developers has grown over the years, and as such, he is cognizant of not playing the gatekeeper role. The conversation goes to tooling, where Mike sheds light on his ‘why bother?' addition to the age-old question of whether to build or buy. Moving away from his work at Square, we then take a look at some of the industry developments he has picked up on as a podcast host himself. He talks about how developers have leapfrogged security teams over the past few years and why this is a good thing for the industry. Be sure to tune in to hear this and much more.

Application Security Weekly (Audio)
Snowy Clouds - ASW #129

Nov 10, 2020 (76:17)


This week, we have the pleasure to welcome back Keith Hoodlet, Senior Manager, Application Experience at Thermo Fisher Scientific, and former Host of Application Security Weekly, to discuss how Security Is a Feature! In the Application Security News, China's top hacking contest turns months of effort into 15 minutes of exploits, an injection flaw in GitHub Actions, understanding post-compromise activity in exploits targeting Solaris and VoIP, security and quality challenges in integrating software from multiple vendors, and CVE naming turns into wibbly wobbly timey wimey stuff!   Show Notes: https://wiki.securityweekly.com/asw129 Visit https://www.securityweekly.com/asw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Paul's Security Weekly
Snowy Clouds - ASW #129

Nov 10, 2020 (76:17)


This week, we have the pleasure to welcome back Keith Hoodlet, Senior Manager, Application Experience at Thermo Fisher Scientific, and former Host of Application Security Weekly, to discuss how Security Is a Feature! In the Application Security News, China's top hacking contest turns months of effort into 15 minutes of exploits, an injection flaw in GitHub Actions, understanding post-compromise activity in exploits targeting Solaris and VoIP, security and quality challenges in integrating software from multiple vendors, and CVE naming turns into wibbly wobbly timey wimey stuff!   Show Notes: https://wiki.securityweekly.com/asw129 Visit https://www.securityweekly.com/asw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Hacking into Security - Career Talks
Hacking into Security #29 - "we need Security to become part of the Software Engineering team", with Keith Hoodlet (@securingdev)

Oct 16, 2020 (51:13)


In this episode, we catch up with Keith Hoodlet (@securingdev), Senior Manager, Application Experience at Thermo Fisher Scientific. Keith has a strong background in application security and is the former host for 55 episodes on the Application Security Weekly podcast. I saw a tweet by Keith and wanted to dig deeper in that.

The tweet was responding to Dino Dai Zovi, who said:

"Security" as a single dimension of expertise increasingly makes no sense. Saying that you are a "security expert" is like saying you are a "computer expert." Computing is a part of everything we do and we don't isolate expertise on all of it within the "computers team."

Keith said:

"Agreed; in the same way that Ops became part of the Software Engineering team, we need Security to become part of the Software Engineering team. This is why I say that Security is a Feature, because features are:
- Funded
- Have time allocated to them
- Are tested and maintained"

We also walk through Keith's journey into the industry and also share advice to companies looking to mature their Application Security and DevSecOps.

You can watch Keith's keynote talk at OWASP AppSec Day Melbourne 2018: https://www.youtube.com/watch?v=QT_omddhJzo&list=PLPvxR0i93gjQjrIJK0PdMdFkUbnHhRBRN&index=2&t=0s

Paul's Security Weekly TV
Protecting Mobile Applications - Catherine Chambers, Will Hickie - ASW #113

Jul 6, 2020 (35:13)


What do you do if your ambition is to provide security for all the mobile apps in the world? You hire a data scientist! Machine Learning is more than just a buzz word, it is the science behind making decisions quickly and at scale. Catherine Chambers returns to Application Security Weekly with Irdeto's lead data scientist Will Hickie to describe how they turned Mobile Application Security into a data science problem, and what that means for your mobile app.   To download the white paper, visit: https://securityweekly.com/irdeto Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode113

Application Security Weekly (Video)
Protecting Mobile Applications - Catherine Chambers, Will Hickie - ASW #113

Jul 6, 2020 (35:13)


What do you do if your ambition is to provide security for all the mobile apps in the world? You hire a data scientist! Machine Learning is more than just a buzz word, it is the science behind making decisions quickly and at scale. Catherine Chambers returns to Application Security Weekly with Irdeto's lead data scientist Will Hickie to describe how they turned Mobile Application Security into a data science problem, and what that means for your mobile app.   To download the white paper, visit: https://securityweekly.com/irdeto Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode113

Risky Business
Risky Business #588 -- Catastrophic bugs to plague ICS for years

Jun 16, 2020


On this week’s show Patrick and Adam discuss the week’s security news, including:

  • Facebook commissioned custom 0day to de-cloak child sex predator
  • IP stack bugs to plague IoT, ICS for years
  • Sandworm was doxxed by the NSA and hardly anyone noticed
  • Congress demands answers on 2015 Juniper NetScreen back door investigation
  • Amazon, Microsoft join moratorium on sale of facial recognition to police
  • Much, much more

This week’s show is brought to you by Signal Sciences. And instead of having one of their staff on the show, they nominated one of their customers to appear instead. So in this week’s sponsored segment we’re going to hear from Keith Hoodlet. Keith is currently the Senior Manager of Application Experience at Thermo Fisher Scientific, a $137 billion company. He built their appsec program and he’ll be along later on to talk through all of that. It’s a rapid-fire interview about how he was able to get started and make a dent quickly. Keith used to co-host the Application Security Weekly podcast and he’s worked for Bugcrowd and Veracode. He’s a cool guy, it’s a great interview, make sure you stick around for that one.

You can subscribe to the new Risky Business newsletter, Seriously Risky Business, here. You can subscribe to our new YouTube channel here. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

  • Facebook Helped the FBI Hack a Child Predator - VICE
  • gov.uscourts.insd.77308.131.0.pdf
  • Ripple20 vulnerabilities will haunt the IoT landscape for years to come | ZDNet
  • Exclusive: Sandworm's Exim hacks reveal wider Russian activity - Risky Business
  • Driving Discord through Disinformation and Disruption – Stranded on Pylos
  • Wyden seeks details on spies' data protection after scathing CIA audit on Vault 7 leaks
  • wyden-cybersecurity-lapses-letter-to-dni.pdf
  • Congress asks Juniper for the results of its 2015 NSA backdoor investigation | ZDNet
  • Wyden House Juniper Letter
  • Juniper 'fesses up to TWO attacks from 'unauthorised code' • The Register
  • Amazon Won’t Let Police Use Its Facial-Recognition Tech for One Year | WIRED
  • Microsoft Won’t Sell Facial Recognition To American Cops After Protests
  • Richard Grenell on Twitter: "They should now be barred from federal government contracts - there should be consequences for not selling technology to police departments. @realDonaldTrump" / Twitter
  • Research shows human rights activists in India were targeted with spyware
  • Italian company exposed as a front for malware operations | ZDNet
  • US intelligence bill takes aim at commercial spyware makers | TechCrunch
  • Text - S.3905 - 116th Congress (2019-2020): Intelligence Authorization Act for Fiscal Year 2021 | Congress.gov | Library of Congress
  • Dating Apps Exposed 845 GB of Explicit Photos, Chats, and More | WIRED
  • South African bank to replace 12m cards after employees stole master key | ZDNet
  • Intel will soon bake anti-malware defenses directly into its CPUs | Ars Technica
  • Arm CPUs impacted by rare side-channel attack | ZDNet
  • Twitter bans 32k accounts pushing Chinese, Russian, and Turkish propaganda | ZDNet
  • COVID-19 Tracking Apps ‘A Privacy Trash Fire’ As Norway Nixes Its Own
  • Zoom Promises To Do Better After Banning Tiananmen Square Protests—Then Builds Tech To Help China’s Censorship
  • Chinese users saw Zoom as a window through the 'Great Firewall' - Reuters
  • Coder-Turned-Kingpin Paul Le Roux Gets His Comeuppance | WIRED
  • Stalkerware detection rates are improving across antivirus products | ZDNet
  • Lamphone attack lets threat actors recover conversations from your light bulb | ZDNet
  • Hackers breached A1 Telekom, Austria's largest ISP | ZDNet
  • Google email domains spoofed by SMTP exploit in G Suite | The Daily Swig
  • Former eBay Employees Sent Cockroaches, Bloody Pig Mask to Mass. Couple In Harassment Campaign: US Attorney – NBC Boston

Application Security Weekly (Video)
Privacy by Design - ASW #90

Jan 7, 2020 (29:06)


This week on Application Security Weekly, Mike Shema and Matt Alderman discuss Privacy by Design - The 7 Foundational Principles. This discussion includes these topics: Proactive not Reactive; Preventative not Remedial, Privacy as the Default, Privacy Embedded into Design, Full Functionality - Positive-Sum, not Zero-Sum, End-to-End Security - Lifecycle Protection, Visibility and Transparency, Respect for User Privacy, and OWASP API Security Project. Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode90

Application Security Weekly (Audio)
Learn & Improve - ASW #90

Jan 7, 2020 (57:21)


This week on Application Security Weekly, Mike Shema and Matt Alderman discuss Privacy by Design - The 7 Foundational Principles! In the Application Security News, Featured Flaws and Big Breaches, Cloud, Code and Controls (Python is dead. Long live Python!), Learning and Tools (Breaking Down the OWASP API Security Top 10), and Food for Thought (Facebook will stop mining contacts with your 2FA number, 6 Security Team Goals for DevSecOps in 2020, 7 security incidents that cost CISOs their jobs)!   Show Notes: https://wiki.securityweekly.com/ASWEpisode90 Visit https://www.securityweekly.com/asw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Paul's Security Weekly
Learn & Improve - ASW #90

Jan 7, 2020 (57:21)


This week on Application Security Weekly, Mike Shema and Matt Alderman discuss Privacy by Design - The 7 Foundational Principles! In the Application Security News, Featured Flaws and Big Breaches, Cloud, Code and Controls (Python is dead. Long live Python!), Learning and Tools (Breaking Down the OWASP API Security Top 10), and Food for Thought (Facebook will stop mining contacts with your 2FA number, 6 Security Team Goals for DevSecOps in 2020, 7 security incidents that cost CISOs their jobs)!   Show Notes: https://wiki.securityweekly.com/ASWEpisode90 Visit https://www.securityweekly.com/asw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Paul's Security Weekly TV
Privacy by Design - ASW #90

Jan 7, 2020 (29:06)


This week on Application Security Weekly, Mike Shema and Matt Alderman discuss Privacy by Design - The 7 Foundational Principles. This discussion includes these topics: Proactive not Reactive; Preventative not Remedial, Privacy as the Default, Privacy Embedded into Design, Full Functionality - Positive-Sum, not Zero-Sum, End-to-End Security - Lifecycle Protection, Visibility and Transparency, Respect for User Privacy, and OWASP API Security Project. Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode90

Paul's Security Weekly TV
The World Runs On Open-Source, But Who's Paying For Gas? - ASW #88

Dec 11, 2019 (30:46)


In the Application Security News, GitHub Seeks Security Dominance With Developers, IoT and Agile Framework Partners in Efficacy, WhiteSource acquires & open sources Renovate dependency update tool set, and Java vs. Python: Which should you choose? So stay tuned, for Application Security Weekly! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode88

Application Security Weekly (Video)
The World Runs On Open-Source, But Who's Paying For Gas? - ASW #88

Dec 11, 2019 (30:46)


In the Application Security News, GitHub Seeks Security Dominance With Developers, IoT and Agile Framework Partners in Efficacy, WhiteSource acquires & open sources Renovate dependency update tool set, and Java vs. Python: Which should you choose? So stay tuned, for Application Security Weekly! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode88

Paul's Security Weekly TV
Container Security Today - Application Security Weekly #71

Jul 31, 2019 (36:44)


Murray Goldschmidt is the COO & Co-founder of Sense of Security. Murray talks about The state of container security in the enterprise. Full Show Notes: https://wiki.securityweekly.com/ASW_Episode71 Visit https://www.securityweekly.com/asw for all the latest episodes!

Application Security Weekly (Video)
Application News - Application Security Weekly #71

Jul 31, 2019 (37:32)


Rare Steganography Hack Can Compromise Fully Patched Websites, Bug Bounties Continue to Rise as Google Boosts its Payouts, Snyk Acquires DevSecCon to Boost DevSecOps Community, and much more! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode71 Visit https://www.securityweekly.com/asw for all the latest episodes!

Application Security Weekly (Audio)
Off Guard - Application Security Weekly #71

Jul 30, 2019 (74:13)


This week, in the Application Security News, Rare Steganography Hack Can Compromise Fully Patched Websites, Bug Bounties Continue to Rise as Google Boosts its Payouts, Snyk Acquires DevSecCon to Boost DevSecOps Community, and much more! In our second segment, we welcome Murray Goldschmidt, COO & Co-founder of Sense of Security, to talk about The State of Container Security in the Enterprise!   Full Show Notes: https://wiki.securityweekly.com/ASW_Episode71 Visit https://www.securityweekly.com/asw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Paul's Security Weekly
Off Guard - Application Security Weekly #71

Jul 30, 2019 (74:13)


This week, in the Application Security News, Rare Steganography Hack Can Compromise Fully Patched Websites, Bug Bounties Continue to Rise as Google Boosts its Payouts, Snyk Acquires DevSecCon to Boost DevSecOps Community, and much more! In our second segment, we welcome Murray Goldschmidt, COO & Co-founder of Sense of Security, to talk about The State of Container Security in the Enterprise!   Full Show Notes: https://wiki.securityweekly.com/ASW_Episode71 Visit https://www.securityweekly.com/asw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Paul's Security Weekly TV
Application News - Application Security Weekly #71

Jul 30, 2019 (37:32)


Rare Steganography Hack Can Compromise Fully Patched Websites, Bug Bounties Continue to Rise as Google Boosts its Payouts, Snyk Acquires DevSecCon to Boost DevSecOps Community, and much more! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode71 Visit https://www.securityweekly.com/asw for all the latest episodes!

Application Security Weekly (Video)
Container Security Today - Application Security Weekly #71

Jul 30, 2019 (36:44)


Murray Goldschmidt is the COO & Co-founder of Sense of Security. Murray talks about The state of container security in the enterprise. Full Show Notes: https://wiki.securityweekly.com/ASW_Episode71 Visit https://www.securityweekly.com/asw for all the latest episodes!

Paul's Security Weekly TV
Application News - Application Security Weekly #70

Jul 24, 2019 (31:47)


SupPy Chain Malware - Detecting malware in package manager repositories, Attacking SSL VPN, Solving Digital Transformation Cybersecurity Concerns With DevSecOps, How I Could Have Hacked Any Instagram Account, Tracking Anonymized Bluetooth Devices and Bluetooth Bug, Enables Tracking on Windows 10, iOS & macOS Devices, 2019 Global Developer Report: DevSecOps finds security roadblocks divide teams and GitLab Survey Surfaces Major DevSecOps Challenges Ahead. Full Show Notes: https://wiki.securityweekly.com/ASW_Episode70 Visit https://www.securityweekly.com/asw for all the latest episodes!

Application Security Weekly (Video)
Application News - Application Security Weekly #70

Jul 24, 2019 (31:47)


SupPy Chain Malware - Detecting malware in package manager repositories, Attacking SSL VPN, Solving Digital Transformation Cybersecurity Concerns With DevSecOps, How I Could Have Hacked Any Instagram Account, Tracking Anonymized Bluetooth Devices and Bluetooth Bug, Enables Tracking on Windows 10, iOS & macOS Devices, 2019 Global Developer Report: DevSecOps finds security roadblocks divide teams and GitLab Survey Surfaces Major DevSecOps Challenges Ahead. Full Show Notes: https://wiki.securityweekly.com/ASW_Episode70 Visit https://www.securityweekly.com/asw for all the latest episodes!

Application Security Weekly (Audio)
Help Us! - Application Security Weekly #70

Jul 23, 2019 (65:20)


This week, we welcome Ian Eyberg, CEO of NanoVMs! In the Application Security News, detecting malware in package manager repositories, Attacking SSL VPN, Solving Digital Transformation Cybersecurity Concerns With DevSecOps, How I Could Have Hacked Any Instagram Account, Tracking Anonymized Bluetooth Devices and Bluetooth Bug, and more!   Full Show Notes: https://wiki.securityweekly.com/ASW_Episode70 Visit https://www.securityweekly.com/asw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Paul's Security Weekly
Help Us! - Application Security Weekly #70

Jul 23, 2019 (65:20)


This week, we welcome Ian Eyberg, CEO of NanoVMs! In the Application Security News, detecting malware in package manager repositories, Attacking SSL VPN, Solving Digital Transformation Cybersecurity Concerns With DevSecOps, How I Could Have Hacked Any Instagram Account, Tracking Anonymized Bluetooth Devices and Bluetooth Bug, and more!   Full Show Notes: https://wiki.securityweekly.com/ASW_Episode70 Visit https://www.securityweekly.com/asw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Paul's Security Weekly TV
Secure App Deployment With Unikernels - Application Security Weekly #70

Jul 23, 2019 (33:34)


Ian Eyberg is the CEO of NanoVMs. Unikernels are an emerging trend in software deployment because of their isolation, performance and size. However, they are still very much new, so it's good to learn what benefits they bring and what their current drawbacks are. Listeners might be surprised to learn how many unikernel implementations there are and what organizations are actively using them. Full Show Notes: https://wiki.securityweekly.com/ASW_Episode70 Visit https://www.securityweekly.com/asw for all the latest episodes!

Application Security Weekly (Video)
Secure App Deployment With Unikernels - Application Security Weekly #70

Jul 23, 2019 (33:34)


Ian Eyberg is the CEO of NanoVMs. Unikernels are an emerging trend in software deployment because of their isolation, performance and size. However, they are still very much new, so it's good to learn what benefits they bring and what their current drawbacks are. Listeners might be surprised to learn how many unikernel implementations there are and what organizations are actively using them. Full Show Notes: https://wiki.securityweekly.com/ASW_Episode70 Visit https://www.securityweekly.com/asw for all the latest episodes!

Application Security Weekly (Video)
Application News - Application Security Weekly #69

Jul 17, 2019 (35:19)


Yes, the zoom thing, 50 Ways to Leak Your Data in 1,300 Popular Android Apps Access Data, Without Proper Permissions, GE Aviation exposed internal configs via open Jenkins instance, Preparing your enterprise to eliminate passwords, DevSecOps Survey Finds Failure to Communicate, What Quality Metrics Matter Most for DevOps? Full Show Notes: https://wiki.securityweekly.com/ASW_Episode69 Follow us on Twitter: https://www.twitter.com/securityweekly

Application Security Weekly (Video)
Securing Multi-Cloud Environments - Application Security Weekly #69

Jul 16, 2019 39:41


Gururaj Pandurangi is a founder and CEO of Cloudneeti, a software-as-a-service company focused on continuous cloud security, data privacy and compliance assurance. Gururaj is coming on the show to discuss security in multi-cloud environments. To learn more about Cloudneeti, visit: https://securityweekly.com/cloudneeti Full Show Notes: https://wiki.securityweekly.com/ASW_Episode69 Follow us on Twitter: https://www.twitter.com/securityweekly

Paul's Security Weekly TV
Application News - Application Security Weekly #69

Jul 16, 2019 35:19


Yes, the Zoom thing, 50 Ways to Leak Your Data in 1,300 Popular Android Apps Access Data, Without Proper Permissions, GE Aviation exposed internal configs via open Jenkins instance, Preparing your enterprise to eliminate passwords, DevSecOps Survey Finds Failure to Communicate, What Quality Metrics Matter Most for DevOps? Full Show Notes: https://wiki.securityweekly.com/ASW_Episode69 Follow us on Twitter: https://www.twitter.com/securityweekly

Paul's Security Weekly
Paving the Road - Application Security Weekly #69

Jul 16, 2019 74:59


This week, we welcome Gururaj Pandurangi, Founder and CEO of Cloudneeti, to discuss Security in Multi-Cloud Environments! In the Application Security News, yes, the Zoom thing, 50 ways to leak your data in 1,300 popular Android apps access data, without proper permissions, GE Aviation exposed internal configs via open Jenkins instance, and more!   To learn more about Cloudneeti, visit: https://securityweekly.com/cloudneeti Full Show Notes: https://wiki.securityweekly.com/ASW_Episode69   Visit our website: https://www.securityweekly.com Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Application Security Weekly (Audio)
Paving the Road - Application Security Weekly #69

Jul 16, 2019 74:59


This week, we welcome Gururaj Pandurangi, Founder and CEO of Cloudneeti, to discuss Security in Multi-Cloud Environments! In the Application Security News, yes, the Zoom thing, 50 ways to leak your data in 1,300 popular Android apps access data, without proper permissions, GE Aviation exposed internal configs via open Jenkins instance, and more!   To learn more about Cloudneeti, visit: https://securityweekly.com/cloudneeti Full Show Notes: https://wiki.securityweekly.com/ASW_Episode69   Visit our website: https://www.securityweekly.com Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Paul's Security Weekly TV
Securing Multi-Cloud Environments - Application Security Weekly #69

Jul 16, 2019 39:41


Gururaj Pandurangi is a founder and CEO of Cloudneeti, a software-as-a-service company focused on continuous cloud security, data privacy and compliance assurance. Gururaj is coming on the show to discuss security in multi-cloud environments. To learn more about Cloudneeti, visit: https://securityweekly.com/cloudneeti Full Show Notes: https://wiki.securityweekly.com/ASW_Episode69 Follow us on Twitter: https://www.twitter.com/securityweekly

Paul's Security Weekly TV
Application News - Application Security Weekly #68

Jul 11, 2019 32:28


WordPress Plugin WP Statistics Patches XSS Flaw, Three RCEs in Android's Media framework, Nine Best Practices For Integrating Application Security Testing Into DevOps, 6 Traits That Define DevSecOps, and much more! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode68 Follow us on Twitter: https://www.twitter.com/securityweekly

Application Security Weekly (Video)
Application News - Application Security Weekly #68

Jul 10, 2019 32:28


WordPress Plugin WP Statistics Patches XSS Flaw, Three RCEs in Android's Media framework, Nine Best Practices For Integrating Application Security Testing Into DevOps, 6 Traits That Define DevSecOps, and much more! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode68 Follow us on Twitter: https://www.twitter.com/securityweekly

Paul's Security Weekly TV
Cloud Native - Application Security Weekly #68

Jul 10, 2019 31:46


Mike Shema, John Kinsella, and Matt Alderman talk cloud native from an application perspective. Full Show Notes: https://wiki.securityweekly.com/ASW_Episode68 Follow us on Twitter: https://www.twitter.com/securityweekly

Application Security Weekly (Audio)
Wise Words - Application Security Weekly #68

Jul 9, 2019 64:11


This week, Mike Shema, John Kinsella, and Matt Alderman talk Cloud Native from an application perspective! In the Application Security News, WordPress Plugin WP Statistics Patches XSS Flaw, Three RCEs in Android's Media framework, Nine Best Practices For Integrating Application Security Testing Into DevOps, 6 Traits That Define DevSecOps, and much more!   Full Show Notes: https://wiki.securityweekly.com/ASW_Episode68 Visit https://www.securityweekly.com/asw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Application Security Weekly (Video)
Cloud Native - Application Security Weekly #68

Jul 9, 2019 31:46


Mike Shema, John Kinsella, and Matt Alderman talk cloud native from an application perspective. Full Show Notes: https://wiki.securityweekly.com/ASW_Episode68 Follow us on Twitter: https://www.twitter.com/securityweekly

Paul's Security Weekly
Wise Words - Application Security Weekly #68

Jul 9, 2019 64:11


This week, Mike Shema, John Kinsella, and Matt Alderman talk Cloud Native from an application perspective! In the Application Security News, WordPress Plugin WP Statistics Patches XSS Flaw, Three RCEs in Android's Media framework, Nine Best Practices For Integrating Application Security Testing Into DevOps, 6 Traits That Define DevSecOps, and much more!   Full Show Notes: https://wiki.securityweekly.com/ASW_Episode68 Visit https://www.securityweekly.com/asw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Application Security Weekly (Video)
Security Training for Devs - Application Security Weekly #67

Jul 3, 2019 34:18


Mike Shema, John Kinsella, & Matt Alderman discuss security training for Devs! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode67 Follow us on Twitter: https://www.twitter.com/securityweekly

Paul's Security Weekly TV
Security Training for Devs - Application Security Weekly #67

Jul 3, 2019 34:18


Mike Shema, John Kinsella, & Matt Alderman discuss security training for Devs! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode67 Follow us on Twitter: https://www.twitter.com/securityweekly

Application Security Weekly (Audio)
Everybody Learns Differently - Application Security Weekly #67

Jul 2, 2019 64:28


This week, Mike Shema, John Kinsella, & Matt Alderman discuss security training for Devs! In the Application Security News, GKE improves authentication with Workload Identity, AWS re:Inforce reveals traffic tools and security solutions that improve support for DevOps, Brief history of Trusted Execution Environments, From the Enterprise's Project: How to Explain Service Mesh in Plain English, and Developers and Security Teams Under Pressure to Collaborate! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode67 Visit https://www.securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Application Security Weekly (Video)
GKE, AWS, & S3 Buckets - Application Security Weekly #67

Jul 2, 2019 30:40


GKE improves authentication with Workload Identity, AWS re:Inforce reveals traffic tools and security solutions that improve support for DevOps, Brief history of Trusted Execution Environments, From the Enterprise's Project: How to Explain Service Mesh in Plain English, Developers and Security Teams Under Pressure to Collaborate! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode67 Follow us on Twitter: https://www.twitter.com/securityweekly

Paul's Security Weekly
Everybody Learns Differently - Application Security Weekly #67

Jul 2, 2019 64:28


This week, Mike Shema, John Kinsella, & Matt Alderman discuss security training for Devs! In the Application Security News, GKE improves authentication with Workload Identity, AWS re:Inforce reveals traffic tools and security solutions that improve support for DevOps, Brief history of Trusted Execution Environments, From the Enterprise's Project: How to Explain Service Mesh in Plain English, and Developers and Security Teams Under Pressure to Collaborate! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode67 Visit https://www.securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Paul's Security Weekly TV
GKE, AWS, & S3 Buckets - Application Security Weekly #67

Jul 2, 2019 30:40


GKE improves authentication with Workload Identity, AWS re:Inforce reveals traffic tools and security solutions that improve support for DevOps, Brief history of Trusted Execution Environments, From the Enterprise's Project: How to Explain Service Mesh in Plain English, Developers and Security Teams Under Pressure to Collaborate! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode67 Follow us on Twitter: https://www.twitter.com/securityweekly

Paul's Security Weekly TV
Don't Ignore APIs - Application Security Weekly #66

Jun 27, 2019 24:06


APIs are now over 80% of HTTP traffic, and enterprise application breaches through compromised APIs are mounting! A guide to API Security. They also discuss public vs. private APIs and whether the best practice should be segregation of the two. Full Show Notes: https://wiki.securityweekly.com/ASW_Episode66 Follow us on Twitter: https://www.twitter.com/securityweekly

Paul's Security Weekly TV
Osquery, Netflix, & Mozilla - Application Security Weekly #66

Jun 26, 2019 41:56


Mozilla pushes a patch onto an Array, Netflix shares a stream of patches, Breach to bankruptcy for healthcare company, Osquery becomes a foundational tool, Avoiding DevOps dangers, and Assigning DevOps directions! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode66 Follow us on Twitter: https://www.twitter.com/securityweekly

Application Security Weekly (Video)
Don't Ignore APIs - Application Security Weekly #66

Jun 26, 2019 24:06


APIs are now over 80% of HTTP traffic, and enterprise application breaches through compromised APIs are mounting! A guide to API Security. They also discuss public vs. private APIs and whether the best practice should be segregation of the two. Full Show Notes: https://wiki.securityweekly.com/ASW_Episode66 Follow us on Twitter: https://www.twitter.com/securityweekly
