117 episodes

Application Security Weekly decrypts development for the Security Professional - exploring how to inject security into their organization’s Software Development Lifecycle (SDLC) in a fluid and transparent way; Learn the tools, techniques, and processes necessary to move at the speed of DevOps (even if you aren’t a DevOps shop yet). The target audience for Application Security Weekly spans the gamut of Security Engineers and Practitioners that need to level-up their skills in the Application Security space - as well as enabling “Cyber Curious” developers to get involved in the Application Security process at their organizations. To a lesser extent, we hope to arm Security Managers and Executives with the knowledge to be conversational in the realm of DevOps - and to provide the right questions to ask their colleagues in development, along with the metrics to think critically about the answers they receive.

Application Security Weekly (Audio) Security Weekly

    • Technology
    • 4.9, 7 Ratings

Application Security Weekly decrypts development for the Security Professional - exploring how to inject security into their organization’s Software Development Lifecycle (SDLC) in a fluid and transparent way; Learn the tools, techniques, and processes necessary to move at the speed of DevOps (even if you aren’t a DevOps shop yet). The target audience for Application Security Weekly spans the gamut of Security Engineers and Practitioners that need to level-up their skills in the Application Security space - as well as enabling “Cyber Curious” developers to get involved in the Application Security process at their organizations. To a lesser extent, we hope to arm Security Managers and Executives with the knowledge to be conversational in the realm of DevOps - and to provide the right questions to ask their colleagues in development, along with the metrics to think critically about the answers they receive.

    It Makes No Sense - ASW #116

    It Makes No Sense - ASW #116

    This week, we welcome John Matherly, Founder of Shodan, to talk about Fixing Vulnerabilities Effectively & Efficiently! In the Application Security News, TaskRouter JS SDK Security Incident, Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Read-Only Path Traversal Vulnerability, An EL1/EL3 coldboot vulnerability affecting 7 years of LG Android devices, Towards native security defenses for the web ecosystem, and more!
     
    Show Notes: https://wiki.securityweekly.com/asw116
    Visit https://www.securityweekly.com/asw for all the latest episodes!
     
    Follow us on Twitter: https://www.twitter.com/securityweekly
    Like us on Facebook: https://www.facebook.com/secweekly

    • 1 hr 7 min
    Back in the 90's - ASW #115

    Back in the 90's - ASW #115

    This week, we welcome Kris Rajana, President and CTO at Biarca, and Bhasker Nallapothula, Director of Engineering at Biarca, to talk about Cloud Security Posture Management & Governance! In the Application Security News, SIGRed Resolving Your Way into Domain Admin: Exploiting a 17 Year-old Bug in Windows DNS Servers, Introducing Google Cloud Confidential Computing with Confidential VMs, Internet of Things devices: Stick to these security rules or you could face a ban, Google Cloud Unveils 'Confidential VMs' to Protect Data in Use, and more!
     
    Show Notes: https://wiki.securityweekly.com/asw115
    Visit https://www.securityweekly.com/asw for all the latest episodes!
     
    Follow us on Twitter: https://www.twitter.com/securityweekly
    Like us on Facebook: https://www.facebook.com/secweekly

    • 1 hr 16 min
    Absolutely Useless - ASW #114

    Absolutely Useless - ASW #114

    This week, we welcome Judy Ngure, Cybersecurity Engineer at Africastalking, to talk about DevSecOps! In the Application Security News, Microsoft OneDrive client for Windows Qt QML module hijack, Zero-day flaw found in Zoom for Windows 7, Protecting your remote workforce from application-based attacks like consent phishing, Verizon Media, PayPal, Twitter Top Bug-Bounty Rankings, Mozilla suspends Firefox Send service while it addresses malware abuse, and Stop Talking About Technical Debt!
     
    Show Notes: https://wiki.securityweekly.com/ASWEpisode114
    Visit https://www.securityweekly.com/asw for all the latest episodes!
     
    Follow us on Twitter: https://www.twitter.com/securityweekly
    Like us on Facebook: https://www.facebook.com/secweekly

    • 1 hr 5 min
    Crunchy Crunchy! - ASW #113

    Crunchy Crunchy! - ASW #113

    This week, we welcome Catherine Chambers and Will Hickie from Irdeto, to discuss Protecting Mobile Applications! In the Application Security News, Would you like some RCE with your Guacamole?, Attackers Will Target Critical PAN-OS Flaw, Security Experts Warn, Microsoft releases emergency security update to fix two bugs in Windows codecs, The Current State of Kubernetes Threat Modelling, and How To Build a Culture of Resilience Through Good Habits!
     
    Show Notes: https://wiki.securityweekly.com/ASWEpisode113
    To download the white paper, visit: https://securityweekly.com/irdeto
     
    Visit https://www.securityweekly.com/asw for all the latest episodes!
    Follow us on Twitter: https://www.twitter.com/securityweekly
    Like us on Facebook: https://www.facebook.com/secweekly

    • 1 hr 9 min
    Completely Forgotten - ASW #112

    Completely Forgotten - ASW #112

    This week, we welcome Cesar Rodriguez, Head of Developer Advocacy at Accurics, to talk about Using IaC to Establish And Analyze Secure Environments! In the Application Security News, DLL Hijacking at the Trend Micro Password Manager, Adobe Prompts Users to Uninstall Flash Player As EOL Date Looms, The State of Open Source Security 2020, Microservices vs. Monoliths: Which is Right for Your Enterprise?, What Modern CI/CD Should Look Like, and Build trust through better privacy!
     
    Show Notes: https://wiki.securityweekly.com/ASWEpisode112
    To learn more about Accurics, visit: https://securityweekly.com/accurics
     
    Visit https://www.securityweekly.com/asw for all the latest episodes!
    Follow us on Twitter: https://www.twitter.com/securityweekly
    Like us on Facebook: https://www.facebook.com/secweekly
     

    • 1 hr 5 min
    The Boy Who Cried Wolf - ASW #111

    The Boy Who Cried Wolf - ASW #111

    This week, we welcome Michelle Dennedy, CEO of DrumWave, to discuss Data Mapping & Data Value Journey! In the Application Security News, CallStranger hits the horror trope where the call is coming from inside the house, SMBleedingGhost Writeup expands on prior SMB flaws that exposed kernel memory, Misconfigured Kubeflow workloads are a security risk, Verizon Data Breach Investigations Report, and more!
     
    Show Notes: https://wiki.securityweekly.com/ASWEpisode111
    Visit https://www.securityweekly.com/asw for all the latest episodes!
     
    Follow us on Twitter: https://www.twitter.com/securityweekly
    Like us on Facebook: https://www.facebook.com/secweekly

    • 1 hr 8 min

Customer Reviews

4.9 out of 5
7 Ratings

7 Ratings

Top Podcasts In Technology

Listeners Also Subscribed To