Podcasts about netsparker

  • 20 podcasts
  • 165 episodes
  • 1h 12m average duration
  • Infrequent episodes
  • Latest episode: Jun 28, 2023

Latest podcast episodes about netsparker

Paul's Security Weekly
Latest Web Vulnerability Trends & Best Practices - Patrick Vandenberg - ASW #245

Jun 28, 2023 (74:56)


Without visibility and continuous monitoring, dangerous threats expose our blind spots and create risk. Invicti, who brought together Acunetix and Netsparker, analyzes common web application vulns across thousands of assets yearly and releases the Invicti AppSec Indicator for a holistic view of vulnerability trends from automated scan results. In this talk, Invicti Director of Product Patrick Vandenberg shares a deep dive into the trends currently impacting AppSec programs and discusses some of the best practices that will help organizations achieve efficiencies in their programs. Segment Resources: - [AppSec Indicator Spring 2023 edition | Invicti](https://www.invicti.com/clp/appsec-indicator/?utm_medium=contentsyn&utm_source=sc_media&utm_campaign=i-syn_CRA-ASW-Jun2023&utm_content=230424-ga_spring-appsec-indicator&utm_term=brand) This segment is sponsored by Invicti. Visit [securityweekly.com/invicti](https://securityweekly.com/invicti) to learn more about them!  In the news, two XSS vulns via postMessage methods in Azure, how to choose (and move on from) a web research topic, OpenSSF finances a security developer-in-residence for Python, more infosec myths, free cybersecurity training resources. Visit [securityweekly.com/asw](https://securityweekly.com/asw) for all the latest episodes! Follow us on Twitter: [@SecWeekly](https://www.twitter.com/secweekly) Like us on Facebook: [facebook.com/secweekly](https://www.facebook.com/secweekly) Visit https://securityweekly.com/asw for all the latest episodes!  Show Notes: https://securityweekly.com/asw-245

Application Security Weekly (Audio)
Latest Web Vulnerability Trends & Best Practices - Patrick Vandenberg - ASW #245

Jun 28, 2023 (74:56)


Without visibility and continuous monitoring, dangerous threats expose our blind spots and create risk. Invicti, who brought together Acunetix and Netsparker, analyzes common web application vulns across thousands of assets yearly and releases the Invicti AppSec Indicator for a holistic view of vulnerability trends from automated scan results. In this talk, Invicti Director of Product Patrick Vandenberg shares a deep dive into the trends currently impacting AppSec programs and discusses some of the best practices that will help organizations achieve efficiencies in their programs. Segment Resources: - [AppSec Indicator Spring 2023 edition | Invicti](https://www.invicti.com/clp/appsec-indicator/?utm_medium=contentsyn&utm_source=sc_media&utm_campaign=i-syn_CRA-ASW-Jun2023&utm_content=230424-ga_spring-appsec-indicator&utm_term=brand) This segment is sponsored by Invicti. Visit [securityweekly.com/invicti](https://securityweekly.com/invicti) to learn more about them!  In the news, two XSS vulns via postMessage methods in Azure, how to choose (and move on from) a web research topic, OpenSSF finances a security developer-in-residence for Python, more infosec myths, free cybersecurity training resources. Visit [securityweekly.com/asw](https://securityweekly.com/asw) for all the latest episodes! Follow us on Twitter: [@SecWeekly](https://www.twitter.com/secweekly) Like us on Facebook: [facebook.com/secweekly](https://www.facebook.com/secweekly) Visit https://securityweekly.com/asw for all the latest episodes!  Show Notes: https://securityweekly.com/asw-245

Paul's Security Weekly TV
Invicti AppSec Indicator: Latest Web Vulnerability Trends & Best Practices - Patrick Vandenberg - ASW #245

Jun 27, 2023 (37:15)


Without visibility and continuous monitoring, dangerous threats expose our blind spots and create risk. Invicti, who brought together Acunetix and Netsparker, analyzes common web application vulns across thousands of assets yearly and releases the Invicti AppSec Indicator for a holistic view of vulnerability trends from automated scan results. In this talk, Invicti Director of Product Patrick Vandenberg shares a deep dive into the trends currently impacting AppSec programs and discusses some of the best practices that will help organizations achieve efficiencies in their programs. Segment Resources: AppSec Indicator Spring 2023 edition: https://www.invicti.com/clp/appsec-indicator/?utm_medium=contentsyn&utm_source=sc_media&utm_campaign=i-syn_CRA-ASW-Jun2023&utm_content=230424-ga_spring-appsec-indicator&utm_term=brand This segment is sponsored by Invicti. Visit https://securityweekly.com/invicti to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-245

Application Security Weekly (Video)
Invicti AppSec Indicator: Latest Web Vulnerability Trends & Best Practices - Patrick Vandenberg - ASW #245

Jun 27, 2023 (37:15)


Without visibility and continuous monitoring, dangerous threats expose our blind spots and create risk. Invicti, who brought together Acunetix and Netsparker, analyzes common web application vulns across thousands of assets yearly and releases the Invicti AppSec Indicator for a holistic view of vulnerability trends from automated scan results. In this talk, Invicti Director of Product Patrick Vandenberg shares a deep dive into the trends currently impacting AppSec programs and discusses some of the best practices that will help organizations achieve efficiencies in their programs. Segment Resources: AppSec Indicator Spring 2023 edition: https://www.invicti.com/clp/appsec-indicator/?utm_medium=contentsyn&utm_source=sc_media&utm_campaign=i-syn_CRA-ASW-Jun2023&utm_content=230424-ga_spring-appsec-indicator&utm_term=brand This segment is sponsored by Invicti. Visit https://securityweekly.com/invicti to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-245

Helping You Tech
Hacking with Linux

Mar 18, 2023 (13:30)


Some of the most famous hacking tools in the market are Nmap (Network Mapper), Nessus, Nikto, Kismet, NetStumbler, Acunetix, Netsparker, and Intruder, Nmap, Metasploit, Aircrack-Ng, etc.

Paul's Security Weekly (Podcast-Only)
Bud's Budtender - PSW #720

Dec 3, 2021 (211:49)


This week, we kick off the show with an interview featuring Shailesh Athalye, Senior Vice President of Product Management at Qualys joins to discuss why Cybersecurity is an Unfair Game! Then, we jump straight into the Security News for this week: Stop hiding your secrets in plain sight, Detecting Wildcard DNS Abuse, $5 setup that hacks biometrics, Managing passwords with pen and paper, Windows 10 Zero Days, & why The Matrix (might be) the best hacker movie!! Finally, we close out the show with a special pre-recorded interview featuring Sven Morgenroth, Security Researcher at Netsparker, where we discussed Auth Vulnerabilities!   Show Notes: https://securityweekly.com/psw720 Segment Resources: Visit https://securityweekly.com/invicti https://www.qualys.com/cloud-platform/ Visit https://securityweekly.com/qualys to learn more about them!   Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Paul's Security Weekly
Bud's Budtender - PSW #720

Dec 3, 2021 (211:49)


This week, we kick off the show with an interview featuring Shailesh Athalye, Senior Vice President of Product Management at Qualys joins to discuss why Cybersecurity is an Unfair Game! Then, we jump straight into the Security News for this week: Stop hiding your secrets in plain sight, Detecting Wildcard DNS Abuse, $5 setup that hacks biometrics, Managing passwords with pen and paper, Windows 10 Zero Days, & why The Matrix (might be) the best hacker movie!! Finally, we close out the show with a special pre-recorded interview featuring Sven Morgenroth, Security Researcher at Netsparker, where we discussed Auth Vulnerabilities!   Show Notes: https://securityweekly.com/psw720 Segment Resources: Visit https://securityweekly.com/invicti https://www.qualys.com/cloud-platform/ Visit https://securityweekly.com/qualys to learn more about them!   Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Paul's Security Weekly TV
Why DAST - from Project Management Perspective - Suha Akyuz - ESW #233

Jul 1, 2021 (30:53)


More than 96% of software development projects fail across the globe because too many businesses rely on the legacy DevOps process which allows us to run security testing right before going to production. Using the legacy DevOps can lead to a downfall of the project management triangle (Budget, Scope, and Time). However, with more efficient use of dynamic application security testing tools (DAST) in every single stage/sprint, the legacy DevOps can be transformed into DevSecOps, in turn preventing our projects from failing.   This segment is sponsored by Netsparker. Visit https://securityweekly.com/netsparker to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw233

Enterprise Security Weekly (Video)
Why DAST - from Project Management Perspective - Suha Akyuz - ESW #233

Jun 30, 2021 (30:53)


More than 96% of software development projects fail across the globe because too many businesses rely on the legacy DevOps process which allows us to run security testing right before going to production. Using the legacy DevOps can lead to a downfall of the project management triangle (Budget, Scope, and Time). However, with more efficient use of dynamic application security testing tools (DAST) in every single stage/sprint, the legacy DevOps can be transformed into DevSecOps, in turn preventing our projects from failing.   This segment is sponsored by Netsparker. Visit https://securityweekly.com/netsparker to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw233

Paul's Security Weekly (Video-Only)
Web Cache Poisoning - Timur Guvenkaya - PSW #699

Jun 21, 2021 (66:22)


This presentation will cover how incorrect implementation of caching mechanism within web application might lead to the Web Cache Poisoning vulnerability that can potentially affect all the users using the web application. Segment Resources: www.netsparker.com   This segment is sponsored by Netsparker. Visit https://securityweekly.com/netsparker to learn more about them!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw699

Paul's Security Weekly TV
Web Cache Poisoning - Timur Guvenkaya - PSW #699

Jun 21, 2021 (66:22)


This presentation will cover how incorrect implementation of caching mechanism within web application might lead to the Web Cache Poisoning vulnerability that can potentially affect all the users using the web application. Segment Resources: www.netsparker.com   This segment is sponsored by Netsparker. Visit https://securityweekly.com/netsparker to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw699

Paul's Security Weekly TV
BTS of the Cyber Fight and Building a Resilient Web App Security Program - ESW #230

Jun 11, 2021 (40:04)


“Behind the scenes of the cyber fight” – talking about the good on the defender side, taking down cyber criminal supply chains, partnerships, taking down ransomware gangs. This segment is sponsored by Fortinet. Visit https://securityweekly.com/fortinet to learn more about them!   Prior to building a web security program, you have to have a plan. How does one create that plan? In this segment, Kevin will focus on some concrete steps to help you create an AppSec plan using a simple framework. This segment is sponsored by Netsparker. Visit https://securityweekly.com/netsparker to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw230

Enterprise Security Weekly (Audio)
Multiple Soups - ESW #230

Jun 10, 2021 (108:05)


This week, in our first segment, we welcome Stephen Newman Vice President of Product Marketing, at Gigamon ThreatINSIGHT, to discuss " Redefining SaaS Security so SOC/IR Teams Aren't in the Dark, Distracted, or Alone "! In the enterprise news, Proofpoint unveils people-centric innovations across its three platforms, Citrix Secure Internet Access Simplifies Hybrid Workforce Challenges, CyberArk : Advances Industry-Leading Identity Security Platform, AI-powered cybersecurity provider ExtraHop to be acquired for $900M, New Israeli Unicorn Exabeam Hits $2.4 Billion Valuation, Microsoft acquires ReFirm Labs to boost its IoT security offerings, and more! In our final segment, we have two prerecorded RSAC 2021 interviews airing back-to-back featuring Kevin Gallagher, Chief Revenue Officer at Netsparker, and then Michael Daniel, the President & CEO of Cyber Threat Alliance!   Show Notes: https://securityweekly.com/esw230 Segment Resources: https://www.gigamon.com/content/dam/resource-library/english/solution-brief/sb-gigamon-threatinsight.pdf Visit https://securityweekly.com/fortinet to learn more about them! Visit https://securityweekly.com/netsparker to learn more about them! Visit https://securityweekly.com/gigamon to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Enterprise Security Weekly (Video)
BTS of the Cyber Fight and Building a Resilient Web App Security Program - ESW #230

Jun 10, 2021 (40:04)


“Behind the scenes of the cyber fight” – talking about the good on the defender side, taking down cyber criminal supply chains, partnerships, taking down ransomware gangs. This segment is sponsored by Fortinet. Visit https://securityweekly.com/fortinet to learn more about them!   Prior to building a web security program, you have to have a plan. How does one create that plan? In this segment, Kevin will focus on some concrete steps to help you create an AppSec plan using a simple framework. This segment is sponsored by Netsparker. Visit https://securityweekly.com/netsparker to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw230

Paul's Security Weekly
Multiple Soups - ESW #230

Jun 10, 2021 (108:05)


This week, in our first segment, we welcome Stephen Newman Vice President of Product Marketing, at Gigamon ThreatINSIGHT, to discuss " Redefining SaaS Security so SOC/IR Teams Aren't in the Dark, Distracted, or Alone "! In the enterprise news, Proofpoint unveils people-centric innovations across its three platforms, Citrix Secure Internet Access Simplifies Hybrid Workforce Challenges, CyberArk : Advances Industry-Leading Identity Security Platform, AI-powered cybersecurity provider ExtraHop to be acquired for $900M, New Israeli Unicorn Exabeam Hits $2.4 Billion Valuation, Microsoft acquires ReFirm Labs to boost its IoT security offerings, and more! In our final segment, we have two prerecorded RSAC 2021 interviews airing back-to-back featuring Kevin Gallagher, Chief Revenue Officer at Netsparker, and then Michael Daniel, the President & CEO of Cyber Threat Alliance!   Show Notes: https://securityweekly.com/esw230 Segment Resources: https://www.gigamon.com/content/dam/resource-library/english/solution-brief/sb-gigamon-threatinsight.pdf Visit https://securityweekly.com/fortinet to learn more about them! Visit https://securityweekly.com/netsparker to learn more about them! Visit https://securityweekly.com/gigamon to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Paul's Security Weekly TV
The Lost Year: The Impact of the Pandemic on Web App Security - Ryan Bergquist - BSW #216

May 11, 2021 (27:41)


The shift away from web application security, caused by the pandemic and the focus on remote workforces, resulted in an increased number of web vulnerabilities, as shown in the latest Acunetix by Invicti Web Application Vulnerability Report. In this segment, Ryan will discuss the main results, the trends that might have caused them, and advise how you can protect your organization against vulnerabilities that can negatively impact your business. Segment Resources: The Invicti AppSec Indicator, Spring 2021 Edition: Acunetix Web Vulnerability Report https://www.acunetix.com/white-papers/acunetix-web-application-vulnerability-report-2021/ This segment is sponsored by Netsparker. Visit https://securityweekly.com/netsparker to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw216

Business Security Weekly (Video)
The Lost Year: The Impact of the Pandemic on Web App Security - Ryan Bergquist - BSW #216

May 10, 2021 (27:41)


The shift away from web application security, caused by the pandemic and the focus on remote workforces, resulted in an increased number of web vulnerabilities, as shown in the latest Acunetix by Invicti Web Application Vulnerability Report. In this segment, Ryan will discuss the main results, the trends that might have caused them, and advise how you can protect your organization against vulnerabilities that can negatively impact your business. Segment Resources: The Invicti AppSec Indicator, Spring 2021 Edition: Acunetix Web Vulnerability Report https://www.acunetix.com/white-papers/acunetix-web-application-vulnerability-report-2021/ This segment is sponsored by Netsparker. Visit https://securityweekly.com/netsparker to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw216

Paul's Security Weekly TV
Open Redirects - An Underestimated Vulnerability - PSW #688

Mar 28, 2021 (43:17)


Learn what redirects are, the different types, how they work and how they are exploited by attackers. Oh, also learn how to defend against redirect attacks! Sven's Slide Deck - Open Redirects: https://securityweekly.com/wp-content/uploads/2021/03/Netsparker-Sven-Morgenroth-3-25-21-Open-Redirect.pdf   This segment is sponsored by Netsparker. Visit https://securityweekly.com/netsparker to learn more about them!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw688

Paul's Security Weekly (Video-Only)
Open Redirects - An Underestimated Vulnerability - PSW #688

Mar 27, 2021 (43:17)


Learn what redirects are, the different types, how they work and how they are exploited by attackers. Oh, also learn how to defend against redirect attacks! Sven's Slide Deck - Open Redirects: https://securityweekly.com/wp-content/uploads/2021/03/Netsparker-Sven-Morgenroth-3-25-21-Open-Redirect.pdf   This segment is sponsored by Netsparker. Visit https://securityweekly.com/netsparker to learn more about them!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw688

Paul's Security Weekly
You Want More Budweiser? - PSW #688

Mar 26, 2021 (198:31)


This week, Mehul Revankar VP Product Management and Engineering at Qualys discusses How to Tame Your Vulnerability Overload. Sven Morgenroth, Security Researcher at Netsparker talks about the dangers of Open Redirects! In the Security News Doom exploit wins an award, a puzzle honors Alan Turing, anyone can create a deepfake, Jabber bugs, unquoted service paths, Nim malware, Deadly sins of secure coding, & are we living in the toughest time of Cybersecurity?   Show Notes: https://securityweekly.com/psw688 Sven's Slide Deck - Open Redirects: https://securityweekly.com/wp-content/uploads/2021/03/Netsparker-Sven-Morgenroth-3-25-21-Open-Redirect.pdf Visit https://securityweekly.com/netsparker to learn more about them! Visit https://securityweekly.com/qualys to learn more about them!   Visit https://www.securityweekly.com/psw for all the latest episodes! Register to attend Joff Thyer's upcoming Wild West Hacking Fest course "Enterprise Attacker Emulation and C2 Implant Development": http://bit.ly/JoffsC2Class Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Paul's Security Weekly (Podcast-Only)
You Want More Budweiser? - PSW #688

Mar 26, 2021 (198:31)


This week, Mehul Revankar VP Product Management and Engineering at Qualys discusses How to Tame Your Vulnerability Overload. Sven Morgenroth, Security Researcher at Netsparker talks about the dangers of Open Redirects! In the Security News Doom exploit wins an award, a puzzle honors Alan Turing, anyone can create a deepfake, Jabber bugs, unquoted service paths, Nim malware, Deadly sins of secure coding, & are we living in the toughest time of Cybersecurity?   Show Notes: https://securityweekly.com/psw688 Sven's Slide Deck - Open Redirects: https://securityweekly.com/wp-content/uploads/2021/03/Netsparker-Sven-Morgenroth-3-25-21-Open-Redirect.pdf Visit https://securityweekly.com/netsparker to learn more about them! Visit https://securityweekly.com/qualys to learn more about them!   Visit https://www.securityweekly.com/psw for all the latest episodes! Register to attend Joff Thyer's upcoming Wild West Hacking Fest course "Enterprise Attacker Emulation and C2 Implant Development": http://bit.ly/JoffsC2Class Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Paul's Security Weekly TV
The Road To Secure Your Organization - Ferruh Mavituna - ESW #209

Dec 4, 2020 (34:29)


Before you go picking technologies, you have to have a plan. How does one create that plan? Ferruh will focus on some concrete steps to create an AppSec plan using Netsparker's simple framework.   This segment is sponsored by Netsparker. Visit https://securityweekly.com/netsparker to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw209

Enterprise Security Weekly (Video)
The Road To Secure Your Organization - Ferruh Mavituna - ESW #209

Dec 3, 2020 (34:29)


Before you go picking technologies, you have to have a plan. How does one create that plan? Ferruh will focus on some concrete steps to create an AppSec plan using Netsparker's simple framework.   This segment is sponsored by Netsparker. Visit https://securityweekly.com/netsparker to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw209

Paul's Security Weekly TV
Abusing JWT (JSON Web Tokens) - Sven Morgenroth - PSW #673

Nov 7, 2020 (45:42)


Learn how JWTs are implemented, both the correct way and the insecure way. Spoiler alert, most implement them insecurely. Sven will also show you some of the common attacks against JWTs, for use in your next penetration test, bug bounty, or conversation with your developers!   This segment is sponsored by Netsparker. Visit https://securityweekly.com/netsparker to learn more about them!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/psw673

Paul's Security Weekly
We Don't Give A Font - PSW #673

Nov 6, 2020 (192:01)


This week, we welcome back Sven Morgenroth, Security Researcher from Netsparker, to talk about Abusing JWT (JSON Web Tokens)! Dan DeCloss, CEO & President of Plextrac joins us in the following segment to show us how to use Proactive Security Using Runbooks! In the Security News, Deception Technology: No Longer Only A Fortune 2000 Solution, New Chrome Zero-Day Under Active Attacks Update Your Browser, Pornhub Has Been Blocked In Thailand, 3 actively exploited zero days on iOS, and Someone Just Emptied Out a $1 Billion Bitcoin Wallet!   Show Notes: https://wiki.securityweekly.com/psw673 Visit https://securityweekly.com/netsparker to learn more about them! Visit https://securityweekly.com/plextrac to learn more about them!   Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Paul's Security Weekly (Podcast-Only)
We Don't Give A Font - PSW #673

Nov 6, 2020 (192:01)


This week, we welcome back Sven Morgenroth, Security Researcher from Netsparker, to talk about Abusing JWT (JSON Web Tokens)! Dan DeCloss, CEO & President of Plextrac joins us in the following segment to show us how to use Proactive Security Using Runbooks! In the Security News, Deception Technology: No Longer Only A Fortune 2000 Solution, New Chrome Zero-Day Under Active Attacks Update Your Browser, Pornhub Has Been Blocked In Thailand, 3 actively exploited zero days on iOS, and Someone Just Emptied Out a $1 Billion Bitcoin Wallet!   Show Notes: https://wiki.securityweekly.com/psw673 Visit https://securityweekly.com/netsparker to learn more about them! Visit https://securityweekly.com/plextrac to learn more about them!   Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Paul's Security Weekly (Video-Only)
Abusing JWT (JSON Web Tokens) - Sven Morgenroth - PSW #673

Nov 6, 2020 (45:42)


Learn how JWTs are implemented, both the correct way and the insecure way. Spoiler alert, most implement them insecurely. Sven will also show you some of the common attacks against JWTs, for use in your next penetration test, bug bounty, or conversation with your developers!   This segment is sponsored by Netsparker. Visit https://securityweekly.com/netsparker to learn more about them!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/psw673

Paul's Security Weekly TV
Current Security Needs Of Modern Enterprise Companies - Ferruh Mavituna - ESW #199

Sep 18, 2020 (38:12)


As organizations grow and get more mature, they are looking for ways to achieve more with less. Join this ESW segment to learn how mature organizations approach web application security at scale, how they achieve greater visibility, shift security left and how they save time for their team whilst building more effective web application security programs.   This segment is sponsored by Netsparker. Visit https://securityweekly.com/netsparker to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw199

Enterprise Security Weekly (Audio)
Pointing Fingers - ESW #199

Sep 17, 2020 (91:18)


This week, first we talk Enterprise News, discussing Acunetix new data retention policies, 5 things you should ask your web app pen test provider, Microsoft's open source tool for sniffing out Windows 10 bugs, Datadog unveils support for distributed tracing for AWS Step Functions via AWS X-Ray, and Gravwell's Data Fusion platform breaks the mold of legacy data ingestion engines! In our second segment, we welcome Ferruh Mavituna, CEO of Netsparker, to discuss Current Security Needs Of Modern Enterprise Companies! In our final segment, we welcome Jimmy Mesta, Director of Security Research at Signal Sciences, to discuss Securing Enterprise Digital Transformations!   Show Notes: https://securityweekly.com/esw199 Visit https://securityweekly.com/netsparker to learn more about them! Visit https://securityweekly.com/signalsciences to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Enterprise Security Weekly (Video)
Current Security Needs Of Modern Enterprise Companies - Ferruh Mavituna - ESW #199

Sep 17, 2020 (38:12)


As organizations grow and get more mature, they are looking for ways to achieve more with less. Join this ESW segment to learn how mature organizations approach web application security at scale, how they achieve greater visibility, shift security left and how they save time for their team whilst building more effective web application security programs.   This segment is sponsored by Netsparker. Visit https://securityweekly.com/netsparker to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw199

Paul's Security Weekly
Pointing Fingers - ESW #199

Sep 17, 2020 (91:18)


This week, first we talk Enterprise News, discussing Acunetix new data retention policies, 5 things you should ask your web app pen test provider, Microsoft's open source tool for sniffing out Windows 10 bugs, Datadog unveils support for distributed tracing for AWS Step Functions via AWS X-Ray, and Gravwell's Data Fusion platform breaks the mold of legacy data ingestion engines! In our second segment, we welcome Ferruh Mavituna, CEO of Netsparker, to discuss Current Security Needs Of Modern Enterprise Companies! In our final segment, we welcome Jimmy Mesta, Director of Security Research at Signal Sciences, to discuss Securing Enterprise Digital Transformations!   Show Notes: https://securityweekly.com/esw199 Visit https://securityweekly.com/netsparker to learn more about them! Visit https://securityweekly.com/signalsciences to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Paul's Security Weekly TV
SWVHSC Micro Interviews: Polarity & Netsparker - Ferruh Mavituna, Paul Battista - PSW #664

Aug 29, 2020 34:10


Most analysts will tell you that they balance between being thorough and getting the job done quickly. Paul Battista asked the security community to weigh in on this debate. He’ll share what they thought and explain why it’s no longer necessary to choose between the two. This segment is sponsored by Polarity. Visit https://www.polarity.io/sw to learn more about them! Take the Polarity Challenge! Get your free community edition by visiting: www.polarity.io/sw   Dynamic application security testing (DAST) for web applications has come a long way, establishing a niche market with a variety of offerings. In this segment Ferruh will discuss the big differences in DAST solutions available and help you understand which one is a pure DAST that you could rely on the most in this day and age. This segment is sponsored by Netsparker. Visit https://securityweekly.com/netsparker to get a trial of the best dynamic application scanning solution on the market!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/psw664

Paul's Security Weekly (Podcast-Only)
Floppies Are Burning In The Driveway - PSW #664

Aug 29, 2020 183:59


This week, first we talk Security News! We'll be discussing how a Google Researcher Reported 3 Flaws in Apache Web Server Software, Medical Data Leaked on GitHub Due to Developer Errors, Experts hacked 28,000 unsecured printers to raise awareness of printer security issues, Tesla Is Cracking Down On Performance-Enhancing Hacks For The Model 3, Former Uber CSO Charged Over Alleged Breach Cover-Up, and Researchers Sound Alarm Over Malicious AWS Community AMIs! In our second segment, we air two pre-recorded interviews from Security Weekly's Virtual Hacker Summer Camp, with Ferruh Mavituna, CEO of Netsparker, and Paul Battista, CEO and Founder of Polarity! In our final segment, we air one more pre-recorded interview with Roi Cohen, Co-Founder and VP of Sales at Vicarius, and Shani Dodge, C++ Developer at Vicarius, discussing Predicting Vulnerabilities in Compiled Code! Show Notes: https://wiki.securityweekly.com/psw664 Visit https://securityweekly.com/vicarius to learn more about them! Take the Polarity Challenge! Get your free community edition by visiting: www.polarity.io/sw Visit https://securityweekly.com/netsparker to get a trial of the best dynamic application scanning solution on the market! Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Paul's Security Weekly
Floppies Are Burning In The Driveway - PSW #664

Aug 29, 2020 183:59


This week, first we talk Security News! We'll be discussing how a Google Researcher Reported 3 Flaws in Apache Web Server Software, Medical Data Leaked on GitHub Due to Developer Errors, Experts hacked 28,000 unsecured printers to raise awareness of printer security issues, Tesla Is Cracking Down On Performance-Enhancing Hacks For The Model 3, Former Uber CSO Charged Over Alleged Breach Cover-Up, and Researchers Sound Alarm Over Malicious AWS Community AMIs! In our second segment, we air two pre-recorded interviews from Security Weekly's Virtual Hacker Summer Camp, with Ferruh Mavituna, CEO of Netsparker, and Paul Battista, CEO and Founder of Polarity! In our final segment, we air one more pre-recorded interview with Roi Cohen, Co-Founder and VP of Sales at Vicarius, and Shani Dodge, C++ Developer at Vicarius, discussing Predicting Vulnerabilities in Compiled Code! Show Notes: https://wiki.securityweekly.com/psw664 Visit https://securityweekly.com/vicarius to learn more about them! Take the Polarity Challenge! Get your free community edition by visiting: www.polarity.io/sw Visit https://securityweekly.com/netsparker to get a trial of the best dynamic application scanning solution on the market! Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Paul's Security Weekly (Video-Only)
SWVHSC Micro Interviews: Polarity & Netsparker - Ferruh Mavituna, Paul Battista - PSW #664

Aug 28, 2020 34:10


Most analysts will tell you that they balance between being thorough and getting the job done quickly. Paul Battista asked the security community to weigh in on this debate. He’ll share what they thought and explain why it’s no longer necessary to choose between the two. This segment is sponsored by Polarity. Visit https://www.polarity.io/sw to learn more about them! Take the Polarity Challenge! Get your free community edition by visiting: www.polarity.io/sw   Dynamic application security testing (DAST) for web applications has come a long way, establishing a niche market with a variety of offerings. In this segment Ferruh will discuss the big differences in DAST solutions available and help you understand which one is a pure DAST that you could rely on the most in this day and age. This segment is sponsored by Netsparker. Visit https://securityweekly.com/netsparker to get a trial of the best dynamic application scanning solution on the market!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/psw664

Paraşüt'le Üretim Bandı
Technical: How does Netsparker develop software?

Aug 4, 2020 73:44


GUEST
* Doğan Aydos - https://www.linkedin.com/in/doganaydos/

LINKS
* Open positions at Netsparker - https://www.netsparker.com/jobs/

WHAT DID WE TALK ABOUT?
* What do Doğan and Netsparker do?
* What is a Web Application Security Scanner?
* What are DAST and SAST, and how do they differ?
* Technologies and programming languages used
* Why do they prefer C#?
* What do the desktop and enterprise applications do?
* Team structures and responsibilities
* How is a vulnerability found and identified?
* Preparing technical documentation and why it matters
* How much security knowledge should developers have?
* What does the research team do?
* How technical decisions are made
* How do they cover different scenarios, and how is testing done?
* When and how are security scans run against applications?
* What kinds of tests do they run and write?
* How is code review done?
* How is technical support handled?
* What do they do when a report is wrong?
* How maintenance is done and bug-fixing methods
* Why is R&D located in Turkey?
* What skills should a security expert have?
* Overtime and their approach to it
* The dynamics of remote work
* What did they do during the pandemic?
* Their approach to open source
* What is done to keep developer motivation high
* What is the internal training catalog? How do they prepare it?
* Hiring processes

Paul's Security Weekly TV
Debunking DAST Myths & Short-Term Strategies to Fixing Vulnerabilities - Ferruh Mavituna - ESW #188

Jun 19, 2020 31:25


Paul, Matt, and Ferruh discuss the differences between DAST and other approaches such as SAST and IAST! They will debunk some common DAST myths and then follow-up on their last conversation and discuss Short-Term Vulnerability Management Tools!   To learn more about Netsparker, visit https://securityweekly.com/netsparker Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode188

Enterprise Security Weekly (Video)
Debunking DAST Myths & Short-Term Strategies to Fixing Vulnerabilities - Ferruh Mavituna - ESW #188

Jun 18, 2020 31:25


Paul, Matt, and Ferruh discuss the differences between DAST and other approaches such as SAST and IAST! They will debunk some common DAST myths and then follow-up on their last conversation and discuss Short-Term Vulnerability Management Tools!   To learn more about Netsparker, visit https://securityweekly.com/netsparker Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode188

Enterprise Security Weekly (Audio)
Raiding the Humidor - ESW #188

Jun 18, 2020 98:48


This week, we talk Enterprise News, to talk about how BeyondTrust Announces Integration with the SailPoint Predictive Identity Platform, Check Point Launches CloudGuard Cloud Native Security, CyberArk Alero enhancements provide secure privileged access for remote users, Digital Shadows announces new capabilities to identify and remediate unwanted code exposure, and more! In our second segment, we welcome back Ferruh Mavituna, CEO of Netsparker, to talk about Debunking DAST Myths and Short-Term Strategies To Fixing Vulnerabilities! In our final segment, we welcome Jason Fruge, Vice President, Business Application Cybersecurity at Onapsis, to talk about Emerging Security Threats to Your Digital Supply Chain!   Show Notes: https://wiki.securityweekly.com/ESWEpisode188 To learn more about Netsparker, visit: https://securityweekly.com/netsparker To request a complimentary assessment, visit https://securityweekly.com/onapsis   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Paul's Security Weekly
Raiding the Humidor - ESW #188

Jun 18, 2020 98:48


This week, we talk Enterprise News, to talk about how BeyondTrust Announces Integration with the SailPoint Predictive Identity Platform, Check Point Launches CloudGuard Cloud Native Security, CyberArk Alero enhancements provide secure privileged access for remote users, Digital Shadows announces new capabilities to identify and remediate unwanted code exposure, and more! In our second segment, we welcome back Ferruh Mavituna, CEO of Netsparker, to talk about Debunking DAST Myths and Short-Term Strategies To Fixing Vulnerabilities! In our final segment, we welcome Jason Fruge, Vice President, Business Application Cybersecurity at Onapsis, to talk about Emerging Security Threats to Your Digital Supply Chain!   Show Notes: https://wiki.securityweekly.com/ESWEpisode188 To learn more about Netsparker, visit: https://securityweekly.com/netsparker To request a complimentary assessment, visit https://securityweekly.com/onapsis   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Paul's Security Weekly TV
HTTP Security Headers In Action - Sven Morgenroth - PSW #652

May 23, 2020 62:19


HTTP security headers are an easy and effective way to harden your application against all kinds of client side attacks. We'll discuss which security headers there are, what functions they have and how to use them properly.   To learn more about Netsparker, visit: https://securityweekly.com/netsparker Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode652

Paul's Security Weekly (Video-Only)
HTTP Security Headers In Action - Sven Morgenroth - PSW #652

May 23, 2020 62:19


HTTP security headers are an easy and effective way to harden your application against all kinds of client side attacks. We'll discuss which security headers there are, what functions they have and how to use them properly.   To learn more about Netsparker, visit: https://securityweekly.com/netsparker Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode652

Paul's Security Weekly
Heavily Loaded - PSW #652

May 22, 2020 200:58


This week, we welcome Jason Nickola, COO and Senior Security Consultant at Pulsar Security, to talk about Building An InfoSec Career! In our second segment, we welcome back Sven Morgenroth, Security Researcher at Netsparker, to talk about HTTP Security Headers In Action! In the Security News, Hackers target the air-gapped networks of the Taiwanese and Philippine military, Stored XSS in WP Product Review Lite plugin allows for automated takeovers, Remote Code Execution Vulnerability Patched in VMware Cloud Director, Shodan scan of new preauth RCE shows 450k devices at risk including all QNAP devices, and The 3 Top Cybersecurity Myths & What You Should Know! Show Notes: https://wiki.securityweekly.com/PSWEpisode652 To learn more about Netsparker, visit: https://securityweekly.com/netsparker Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Paul's Security Weekly (Podcast-Only)
Heavily Loaded - PSW #652

May 22, 2020 200:58


This week, we welcome Jason Nickola, COO and Senior Security Consultant at Pulsar Security, to talk about Building An InfoSec Career! In our second segment, we welcome back Sven Morgenroth, Security Researcher at Netsparker, to talk about HTTP Security Headers In Action! In the Security News, Hackers target the air-gapped networks of the Taiwanese and Philippine military, Stored XSS in WP Product Review Lite plugin allows for automated takeovers, Remote Code Execution Vulnerability Patched in VMware Cloud Director, Shodan scan of new preauth RCE shows 450k devices at risk including all QNAP devices, and The 3 Top Cybersecurity Myths & What You Should Know! Show Notes: https://wiki.securityweekly.com/PSWEpisode652 To learn more about Netsparker, visit: https://securityweekly.com/netsparker Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Live2Test
The Effects of Remote Work on the IT Sector, with Mert Hekimci and Barış Sarıalioğlu

Apr 17, 2020 46:05


In the first episode of the Live2Test podcast, our guests are Barış Sarıalioğlu, co-founder of TesterYou, and Mert Hekimci, who serves as VP of Engineering at Invicti and Netsparker, companies that provide web security services. The first episode was moderated by Ahmed Yılmaz, test team lead at TesterYou.

QaCast
S1E13 - Onur Yılmaz

Apr 14, 2020 80:54


1.15 - Who is Onur Yılmaz?
3.44 - What does a working day look like for you?
05.20 - How did your Netsparker adventure begin?
10.03 - What should we understand by software quality?
12.00 - How software companies view testing and security.
14.00 - QA-to-developer ratio.
15.51 - Is the manual vs. automation split right in the testing world? Should a QA be able to do both manual and automation?
23.07 - What moves can a QA make to raise quality?
25.15 - Can a developer take on the QA role?
26.28 - Bug reporting
32.00 - If you wanted to hire a QA, what would you look for?
37.45 - How much should a QA know about security vulnerabilities?
39.46 - OWASP - ZAP
42.06 - How do you recognize a good idea?
47.47 - What do you do to keep your motivation up?
49.50 - The effect of remote work on software development.
52.51 - Why are companies against remote work?
55.52 - Is there a moment you would call your breaking point?
56.25 - What is the place and importance of certification in the industry?
59.02 - Compromising on quality
01.01.18 - Has information lost its value as it became easier to access?
01.04.11 - Working productively and using time well.
01.08.29 - Is remote work always rosy? How is performance measured?
01.12.58 - Advice for prospective team leads or managers.
01.19.25 - Is there a method, language, or book you would recommend we put on our radar and look into?

Paul's Security Weekly TV
Time to Measure Security Improvement in AppSec - Ferruh Mavituna - ESW #178

Apr 10, 2020 33:20


What are the practical ways to get that time to value in app security? How can we utilize devs in the process without creating massive SAST integration projects and training them on false positives and complex challenges? So just fitting into their daily process, and only sending them actionable and real findings. To learn more about Netsparker, visit: https://securityweekly.com/netsparker Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode178

Enterprise Security Weekly (Video)
Time to Measure Security Improvement in AppSec - Ferruh Mavituna - ESW #178

Apr 9, 2020 33:20


What are the practical ways to get that time to value in app security? How can we utilize devs in the process without creating massive SAST integration projects and training them on false positives and complex challenges? So just fitting into their daily process, and only sending them actionable and real findings. To learn more about Netsparker, visit: https://securityweekly.com/netsparker Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode178

Paul's Security Weekly
Down That Road - ESW #178

Apr 9, 2020 79:37


This week, we talk Enterprise News, to discuss how Ping Identity's PingID multi-factor authentication is now available in AWS Marketplace, 8,000 Unprotected Redis Instances Accessible From Internet, Tufin Announces Free Firewall Change Tracker to Enhance Network Security and Connectivity for Remote Workforces, Simple Advanced Persistent Threat Emulation with BreakingPoint Attack Campaigns from Ixia, and more! In our second segment, we welcome back Ferruh Mavituna, CEO and Founder of Netsparker, to talk about the Time to Measure Security Improvement in Application Security! In our final segment, we air a pre-recorded interview from RSAC 2020 with Ed Bellis, Co-Founder and Chief Technology Officer at Kenna Security, discussing Moving Towards Modern Vulnerability Management! To learn more about Netsparker, visit: https://securityweekly.com/netsparker Show Notes: https://wiki.securityweekly.com/ESWEpisode178 Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly