254 episodes

Application Security Weekly decrypts development for the Security Professional - exploring how to inject security into their organization’s Software Development Lifecycle (SDLC) in a fluid and transparent way; Learn the tools, techniques, and processes necessary to move at the speed of DevOps (even if you aren’t a DevOps shop yet). The target audience for Application Security Weekly spans the gamut of Security Engineers and Practitioners that need to level-up their skills in the Application Security space - as well as enabling “Cyber Curious” developers to get involved in the Application Security process at their organizations. To a lesser extent, we hope to arm Security Managers and Executives with the knowledge to be conversational in the realm of DevOps - and to provide the right questions to ask their colleagues in development, along with the metrics to think critically about the answers they receive.

Application Security Weekly (Video) Security Weekly

    • Tech News

Application Security Weekly decrypts development for the Security Professional - exploring how to inject security into their organization’s Software Development Lifecycle (SDLC) in a fluid and transparent way; Learn the tools, techniques, and processes necessary to move at the speed of DevOps (even if you aren’t a DevOps shop yet). The target audience for Application Security Weekly spans the gamut of Security Engineers and Practitioners that need to level-up their skills in the Application Security space - as well as enabling “Cyber Curious” developers to get involved in the Application Security process at their organizations. To a lesser extent, we hope to arm Security Managers and Executives with the knowledge to be conversational in the realm of DevOps - and to provide the right questions to ask their colleagues in development, along with the metrics to think critically about the answers they receive.

    • video
    Windows "Ping of Death", SonicWall VPN RCE , & MediaTek BootROM Glitch - ASW #126

    Windows "Ping of Death", SonicWall VPN RCE , & MediaTek BootROM Glitch - ASW #126

    Patch Your Windows - “Ping of Death” bug revealed, 800,000 SonicWall VPNs vulnerable to remote code execution bug, T2 Exploit Team Creates Cable That Hacks Mac, Zoom Rolling Out End-to-End Encryption, and 'BleedingTooth' Bluetooth flaw!
     
    Visit https://www.securityweekly.com/asw for all the latest episodes!
    Show Notes: https://wiki.securityweekly.com/asw126

    • 31 min
    • video
    The Future of Application Security Testing (AST) - Taylor McCaslin - ASW #126

    The Future of Application Security Testing (AST) - Taylor McCaslin - ASW #126

    Join Taylor McCaslin, Security Product Manager at GitLab to discuss current trends in the application security testing industry. We'll chat about where the industry is at today and discuss advances in the field and what the future might hold. We've seen an explosion of security offerings from traditional security testing vendors to general source code management platforms, we'll discuss current pain points and opportunities for developers, security experts, and executives navigating all these tools in their pursuit of building secure software. Topics will include SAST, data science, DevSecOps, "shift-left", and vulnerability management.
     
    This segment is sponsored by GitLab. Visit https://securityweekly.com/gitlab to learn more about them!
     
    Visit https://www.securityweekly.com/asw for all the latest episodes!
    Show Notes: https://wiki.securityweekly.com/asw126

    • 35 min
    • video
    Fortinet SIEM RCE, Facebook Bug Bounty, & Anti-Virus Vulnerabilities - ASW #125

    Fortinet SIEM RCE, Facebook Bug Bounty, & Anti-Virus Vulnerabilities - ASW #125

    Redefining Impossible: XSS without arbitrary JavaScript, API flaws in an "unconventional" smart device, Facebook Bug Bounty Announces "Hacker Plus", Anti-Virus Vulnerabilities, and Chrome Introduces Cache Partitioning!
     
    Visit https://www.securityweekly.com/asw for all the latest episodes!
    Show Notes: https://wiki.securityweekly.com/asw125

    • 30 min
    • video
    Application Security Best Practices - James Manico - ASW #125

    Application Security Best Practices - James Manico - ASW #125

    Managing passwords is a critical developer task. Developers tasked with building or augmenting legacy authentication systems have a daunting task when facing modern adversaries. This session will review some of the changes suggested in NIST SP800-63b the "Digital Identity Guideline on Authentication and Lifecycle Management regarding password policy".
     
    Visit https://www.securityweekly.com/asw for all the latest episodes!
    Show Notes: https://wiki.securityweekly.com/asw125

    • 40 min
    • video
    DOMOS 5.8 OS Command Injection, API Shield, & TRB245 Vulnerabilities - ASW #124

    DOMOS 5.8 OS Command Injection, API Shield, & TRB245 Vulnerabilities - ASW #124

    DOMOS 5.8 - OS Command Injection, 4G, 5G networks could be vulnerable to exploit due to ‘mishmash’ of old technologies, Google sets up research grant for finding bugs in browser JavaScript engines, Announcing the launch of the Android Partner Vulnerability Initiative, and more!
     
    Visit https://www.securityweekly.com/asw for all the latest episodes!
    Show Notes: https://wiki.securityweekly.com/asw124

    • 36 min
    • video
    Things Every Developer Should Know About Security - Chris Romeo - ASW #124

    Things Every Developer Should Know About Security - Chris Romeo - ASW #124

    Developers are at the center of properly securing applications. A large number of security issues bury developers. We must understand the things every developer must know about security in order to help them. We must practice developer empathy, walking a mile in their shoes.
     
    Visit https://www.securityweekly.com/asw for all the latest episodes!
    Show Notes: https://wiki.securityweekly.com/asw124

    • 35 min

Top Podcasts In Tech News

Listeners Also Subscribed To