Application Security Weekly (Video)
By Security Weekly
Listen to a podcast, please open Podcast Republic app. Available on Google Play Store and Apple App Store.
Image by Security Weekly
Category: Tech News
Open in Apple Podcasts
Open RSS feed
Open Website
Rate for this podcast
Subscribers: 10
Reviews: 0
Episodes: 571
Description
The Application Security Weekly podcast delivers interviews and news from the worlds of AppSec, DevOps, DevSecOps, and all the other ways people find and fix software flaws.
Join hosts Mike Shema, John Kinsella, and Akira Brand on a journey through modern security practices for apps, clouds, containers, and more.
| Episode | Date |
|---|---|
|
Arg Parsing in Rust, End of Life Hardware, CSRB & MS, Chrome’s V8 Sandbox - ASW #281
|
Apr 16, 2024 |
|
Demystifying Security Engineering Career Tracks - Karan Dwivedi - ASW #281
|
Apr 16, 2024 |
|
OWASP Breach, Types of Prompt Injection, Device-Bound Sessions, ASVS & APIs - ASW #280
|
Apr 09, 2024 |
|
Lessons That The XZ Utils Backdoor Spells Out - Farshad Abasi - ASW #280
|
Apr 09, 2024 |
|
Top 10's First Update, Metasploit's Second Update, PHP Prepares Statements, RSA & MS - ASW #279
|
Apr 02, 2024 |
|
Infosec Myths, Mistakes, and Misconceptions - Adrian Sanabria - ASW #279
|
Apr 02, 2024 |
|
Successful Security Needs a Streamlined UX - Benedek Gagyi - ASW #278
|
Mar 26, 2024 |
|
GoFetch Side Channel, OpenSSF & Security Education, Fuzzing vs. Formal Verification - ASW #278
|
Mar 25, 2024 |
|
Vulns in Smart Locks, FCC labels for IoT, ZAP's New Home - ASW #277
|
Mar 19, 2024 |
|
Figuring Out Where Appsec Fits When Starting a Cybersecurity Program - Tyler VonMoll - ASW #277
|
Mar 19, 2024 |
|
TeamCity Authn Bypass, ArtPrompt Attacks, Low Quality Vuln Reports, Secure by Design - ASW #276
|
Mar 12, 2024 |
|
More API Calls, More Problems: The State of API Security in 2024 - Lebin Cheng - ASW #276
|
Mar 12, 2024 |
|
SAML & Secrets, Serializing AI Models, OWASP ISTG, More Memory Safety - ASW #275
|
Mar 06, 2024 |
|
The Simple Mistakes and Complex Seeds of a Vulnerability Management Program - Emily Fox - ASW #275
|
Mar 05, 2024 |
|
PrintListener, Post-Quantum Crypto in iMessage, Silent Sabotage, Rust Survey Results - ASW #274
|
Feb 27, 2024 |
|
Creating the Secure Pipeline Verification Standard - Farshad Abasi - ASW #274
|
Feb 27, 2024 |
|
Redefining Threat Modeling - Security Team Goes on Vacation - Jeevan Singh - ASW Vault
|
Feb 20, 2024 |
|
Creating Code Security Through Better Visibility - Christien Rioux - ASW #273
|
Feb 13, 2024 |
|
LLMs & Security Tools, Shim Vuln, AI Threat Models, Configuration as Code with Pkl - ASW #273
|
Feb 13, 2024 |
|
Sorting Out Glibc Vulns, Apple's Security Research Device, BoringSSL, Old C Vulns - ASW #272
|
Feb 06, 2024 |
|
Starting an OWASP Project (That's Not a List!) - Grant Ongers - ASW #272
|
Feb 06, 2024 |
|
Vulns & Secure Design, MiraclePtr Success, Abandoned Projects & Maven, Old "AI Chip" - ASW #271
|
Jan 30, 2024 |
|
Getting Your First Conference Presentation - Sarah Harvey - ASW #271
|
Jan 30, 2024 |
|
Security in Wrenches, Vulns in Atlassian and GitLab, 2023's Top Web Hacking Tricks - ASW #270
|
Jan 23, 2024 |
|
Dealing with the Burden of Bad Bots - Sandy Carielli - ASW #270
|
Jan 23, 2024 |
|
Communicating Technical Topics Without Being Boring - Eve Maler - ASW #269
|
Jan 16, 2024 |
|
23andMe Blames Users, Abusing Google's OAuth2, Rustls Performance, AI Goes OSINT - ASW #268
|
Jan 09, 2024 |
|
What's in Store for 2024? - ASW #268
|
Jan 09, 2024 |
|
HTTP RFCs Have Evolved, Breaking Into Cloud, Scaling AppSec at Netflix, & Confluence - Keith Hoodlet - ASW Vault
|
Jan 01, 2024 |
|
OWASP SAMM - Software Assurance Maturity Model - Sebastian Deleersnyder - ASW Vault
|
Dec 25, 2023 |
|
Nagios and Abandoned Projects, Hacking Trains (to Fix Them), OAuth Threats, 5Ghoul - ASW #267
|
Dec 19, 2023 |
|
Making Service Meshes Work for People - Idit Levine - ASW #267
|
Dec 19, 2023 |
|
Prompt Injection Scanners, Better AI Jailbreaks, Purple Llama, Linux Kernel Security - ASW #266
|
Dec 12, 2023 |
|
The ABCs of RFCs - Heather Flanagan - ASW #266
|
Dec 12, 2023 |
|
Extracting Data from ChatGPT, Vulns Around AI, Secure AI Guidance, LogoFAIL, BLUFFS - ASW #265
|
Dec 06, 2023 |
|
All the News -- Just Six Months Later - ASW #265
|
Dec 05, 2023 |
|
Randstorm, Nothing Chats, Platform Engineering, PyPI Security Audit - ASW #264
|
Nov 28, 2023 |
|
Starting with Appsec -- Is It More of a Position or a Process? - ASW #264
|
Nov 28, 2023 |
|
Platform Firmware Security - Maggie Jauregui - ASW Vault
|
Nov 20, 2023 |
|
Fuzzing Strategies, Responding to CISA's Open Source Security RFI, 35 Year Old Worm - ASW #263
|
Nov 14, 2023 |
|
How 2023 Changed Application Security and What’s to Come in 2024 - Karl Triebes - ASW #263
|
Nov 14, 2023 |
|
Citrix Bleed, Atlassian Authz Vuln, OpenJS & jQuery, Secure Future Initiative - ASW #262
|
Nov 07, 2023 |
|
Security from a Developer's Perspective - Josh Goldberg - ASW #262
|
Nov 07, 2023 |
|
Abusing OAuth, State of DevOps, Nightshade and AI, iLeakage, Sandboxing Apps - ASW #261
|
Oct 31, 2023 |
|
How Security Tools Must Evolve - Dan Kuykendall - ASW #261
|
Oct 31, 2023 |
|
Okta Breach, SolarWinds RCEs, CISOs and Boards, Crypto Business Logic, Secure Design - ASW #260
|
Oct 24, 2023 |
|
OAuth, WebAuthn, and the Impact of Design Choices - Dan Moore - ASW #260
|
Oct 24, 2023 |
|
HTTP/2 Rapid Reset, Curl's SOCKS5 Bug, Standardizing CycloneDX, AI Bug Bounty - ASW #259
|
Oct 17, 2023 |
|
OT Security - Huxley Barbee - ASW #259
|
Oct 17, 2023 |
|
Curl's Impending Patch, Glibc's Looney Tunables, ShellTorch, Another Top 10 List - ASW #258
|
Oct 10, 2023 |
|
Shifting Focus to Make DevSecOps Successful - Janet Worthington - Janet Worthington - ASW #258
|
Oct 10, 2023 |
|
A Deceptive Dependabot, Insecure JWT, CISA Wants HBOMs, OpenSSF's Critical Projects - ASW #257
|
Oct 03, 2023 |
|
Creating Presentations and Training That Engage an Audience - Lina Lau - ASW #257
|
Oct 03, 2023 |
|
Equifax's Breach, CISA's 1,000 Vulns, Rust's TLS Library, Complexity vs. Design - ASW #256
|
Sep 26, 2023 |
|
Supply Chain Security Security with Containers and CI/CD Systems - Kirsten Newcomer - ASW #256
|
Sep 26, 2023 |
|
Azure's Eight XSS Vulns, CNCF's Two Security Audits, CISA's OSS Roadmap, Repojacking - ASW #255
|
Sep 19, 2023 |
|
Stopping Business Logic Attacks: Why a WAF is no Longer Enough - Karl Triebes - ASW #255
|
Sep 19, 2023 |
|
Microsoft Dumps a Key, Grafana Logs a Key, URL Parsers Disagree, Old Bug in Ubuntu - ASW #254
|
Sep 12, 2023 |
|
Building a Scanner and a Community with Zed Attack Proxy - Simon Bennetts - ASW #254
|
Sep 12, 2023 |
|
Broadening What We Call AppSec - Christien Rioux - ASW Vault
|
Sep 05, 2023 |
|
Go Crypto in Practice, Excel Executes Python, Protecting Users, DARPA Distills - ASW #253
|
Aug 29, 2023 |
|
How Can Security Be Smart About Using AI? - Jeff Pollard - ASW #253
|
Aug 29, 2023 |
|
Discord.io Stops, Azure AD Pops, Zoom AI Drops, Model Confusion Attacks, Early XSS - ASW #252
|
Aug 22, 2023 |
|
Security in a Cloud Native World & Mobile App Attacks - Asaf Ashkenazi, Jason Rolleston - ASW #252
|
Aug 21, 2023 |
|
DARPA's AI Challenge, CISA Wants Secure Open Source, 5 Years of Vuln Research - ASW #251
|
Aug 15, 2023 |
|
Pointers and Perils for Presentations - Josh Goldberg - ASW #251
|
Aug 15, 2023 |
|
Zap's New Home, Clang & Security Tools, LLM Attacks, Rust Supply Chain - ASW #250
|
Aug 08, 2023 |
|
You've Got Appsec, But Do You Have ArchSec? - Merritt Baer - ASW #250
|
Aug 08, 2023 |
|
Zenbleed, Drop in Zero-Days, Security Testing Handbook, Public Speaking - ASW #249
|
Aug 01, 2023 |
|
Identity and Verifiable Credentials in Cars - Eve Maler - ASW #249
|
Aug 01, 2023 |
|
SSH-Agent RCE, CTFs & bug bounties, Satellite Security, Cyber Trust Mark, Bad.Build - ASW #248
|
Jul 25, 2023 |
|
Navigating the Complexities of Development to Create Secure APIs with Kristen Bell - Kristen Bell - ASW #248
|
Jul 25, 2023 |
|
Kubernetes and silentbob strike back, EV charger hacking, fake POCs - ASW #247
|
Jul 18, 2023 |
|
Securing Non-Election Election Systems, Modernizing AppSec Education - Brian Glas - ASW #247
|
Jul 18, 2023 |
|
Developer-Focused Security - Melinda Marks - ASW #246
|
Jul 11, 2023 |
|
Software Trust & Adversaries - Shannon Lietz - ASW #246
|
Jul 11, 2023 |
|
The Psychology of Training - Matias Madou - ASW Vault
|
Jul 05, 2023 |
|
XSS in Azure, Choosing Web Research Topics, Security Dev-in-Residence, More Myths - ASW #245
|
Jun 27, 2023 |
|
Invicti AppSec Indicator: Latest Web Vulnerability Trends & Best Practices - Patrick Vandenberg - ASW #245
|
Jun 27, 2023 |
|
Policy Momentum in Coordinated Vulnerability Disclosure - Amit Elazari - ASW Vault
|
Jun 20, 2023 |
|
Verizon DBIR, CVSS 4.0, Security at Scale, Big IAM Challenge - ASW #244
|
Jun 14, 2023 |
|
Eliminate Security Vulnerabilities with App Modernization and Identity Orchestration - Eric Olden - ASW #244
|
Jun 14, 2023 |
|
LLM Top 10, Simple Vulns, PyPI Requires 2FA, ThinkstScapes Quarterly, Fun w/ Learning - ASW #243
|
Jun 06, 2023 |
|
What's the Deal with API Security? - Sandy Carielli - ASW #243
|
Jun 06, 2023 |
|
Doing Application Security Right - Farshad Abasi - ASW Vault
|
May 30, 2023 |
|
New TLDs Zip By, eBPF Fuzzer, Microsoft Rocks Rust, Unwanted Tracking Spec - ASW #242
|
May 23, 2023 |
|
Ten Things I Hate About Lists - ASW #242
|
May 23, 2023 |
|
Staying Ahead of Hackers: Protecting Mobile Apps & Detecting Malicious Packages - Asaf Ashkenazi, Jeff Martin - ASW #241
|
May 16, 2023 |
|
What to Do When the Honeymoon Period Ends - Chris Eng - ASW #241
|
May 16, 2023 |
|
Strengthening Your Security Position: Detecting Software Supply Chain Breaches - ASW #240
|
May 09, 2023 |
|
Close the Security Theater: Enter Resilience - Kelly Shortridge - ASW #240
|
May 09, 2023 |
|
Mitigating AppSec Risk with Systematic Testing and Effective Attack Mitigation - Karl Triebes, Patrick Vandenberg - ASW #239
|
May 02, 2023 |
|
Application Security Maturity and Frameworks - Francesco Cipollone - ASW #239
|
May 02, 2023 |
|
A Forecast for Threat Groups, K8s Security Audit, GhostToken on Google, BrokenSesame - ASW #238
|
Apr 26, 2023 |
|
The Intersection of Hacking, Technology, and Civil Society with Jeff Moss - Jeff Moss - ASW #238
|
Apr 25, 2023 |
|
Deps.dev API, Right to Repair Tractors, Secure by Design, WebSockets, Adversarial AI - ASW #237
|
Apr 18, 2023 |
|
Collecting Bounties and Building Communities - Ben Sadeghipour - ASW #237
|
Apr 18, 2023 |
|
Application Security in Cloud - Vandana Verma Sehgal - ASW #236
|
Apr 12, 2023 |
|
JSON and a Regex, IoT Passwords, CAN Injection, Twitter CVE, Complexity, Tabletops - ASW #236
|
Apr 11, 2023 |
|
BingBang, Super FabriXss, 3CX on macOS, Secure Code Game, Real World Crypto 2023 - ASW #235
|
Apr 05, 2023 |
|
Learning eBPF - Liz Rice - ASW #235
|
Apr 04, 2023 |
|
OpenAI Info Leak, BitCoin ATM Hack, GitHub RSA SSH Key, Measuring AI Security - ASW #234
|
Mar 28, 2023 |
|
Real-life Examples. Benefits, Risk & Security Implications of AI - Frank Catucci - ASW #234
|
Mar 28, 2023 |
|
PassTheHash from Outlook, RCE in Modem Chipset, OpenSSH Sandboxes, Curl's Anniversary - ASW #233
|
Mar 21, 2023 |
|
Automating Security With Static Analysis - Josh Goldberg - ASW #233
|
Mar 21, 2023 |
|
Loom Disclosure, GitHub 2FA, Buffer Overflow in TPM, Dropbox Career Framework - ASW #232
|
Mar 14, 2023 |
|
The OWASP ASVS and Sustainable Software Security Practices - Josh Grossman - ASW #232
|
Mar 14, 2023 |
|
WebSocket Hijack, Post-Quantum Side-Channel, OWASP's Future, OAuth Misconfigs, ZAP - ASW #231
|
Mar 07, 2023 |
|
A Deep Dive Into Software Supply Chain Security - Neatsun Ziv - ASW #231
|
Mar 07, 2023 |
|
Twitter 2FA, Server-Side Prototype Pollution, AI Security & Privacy, Smarter Testing - ASW #230
|
Feb 28, 2023 |
|
Supply Chain Breaches and Hacking the Cloud: Lessons Learned from IR - Lina Lau - ASW #230
|
Feb 28, 2023 |
|
Reddit Breach, Toyota Bugs, OpenSSL Vulns, Top 10 Web Hacking Techniques of 2022 - ASW #229
|
Feb 14, 2023 |
|
What's the Best Way to Threat Model? - Nick Selby - ASW #229
|
Feb 14, 2023 |
|
Aviation ASCII Art, OpenSSH Double-Free, F5 Format String, OSC&R for Supply Chains - ASW #228
|
Feb 07, 2023 |
|
Myths and Lies in Infosec - Adrian Sanabria - ASW #228
|
Feb 07, 2023 |
|
Source Leaks, BIND DoS, Refactoring Go to Typescript, Git Audit & Rust, SQL Slammer - ASW #227
|
Jan 31, 2023 |
|
There Is No Average Behavior - Dr. David Movshovitz - ASW #227
|
Jan 31, 2023 |
|
Breach Disclosures, SSRF in Azure, Integer Flaws, Top 10 Web Hacking Techniques - ASW #226
|
Jan 25, 2023 |
|
Crafting Security Training for Secure Code and Security Culture - Marudhamaran Gunasekaran - ASW #226
|
Jan 24, 2023 |
|
CircleCI Breach, Vulns in Auto Sites, Google Speaker Bugs, Office Space, S3 Defaults - ASW #225
|
Jan 10, 2023 |
|
Securing your APIs using OAuth - Dan Moore - ASW #225
|
Jan 10, 2023 |
|
Security Product Metrics, ML 101, PEACH for Cloud, Log4Shell Lookback, Appsec Tools - ASW #224
|
Jan 03, 2023 |
|
DevSecOps Essentials - Keith Hoodlet - ASW #224
|
Jan 03, 2023 |
|
Another Ping of Death, Clever JSON Manipulation, iCloud Encryption, ChatGPT Threats - ASW #223
|
Dec 14, 2022 |
|
Redefining Threat Modeling - Security Team Goes on Vacation - Jeevan Singh - ASW #223
|
Dec 13, 2022 |
|
Android Platform Certs Leaked, Hell's Keychain, Web Hacking Cars, Bug Bounty Tips - ASW #222
|
Dec 06, 2022 |
|
Inoculating Malicious Content: Making File Types Safe to Handle - Aviv Grafi - ASW #222
|
Dec 06, 2022 |
|
AWS AppSync Vuln, Zero-Initialization, HTTP/3 Connections, Thinkst Quarterly - ASW #221
|
Nov 29, 2022 |
|
Searching on Encrypted Data: MongoDB’s Queryable Encryption - Kenn White - ASW #221
|
Nov 29, 2022 |
|
CosMiss, Pixel Lock Screen Bypass, IIoT Path Traversal, NSA on C & C++, Code Reviews - ASW #220
|
Nov 15, 2022 |
|
The Top 10 CI/CD Security Risks and CI/CD Goat - Daniel Krivelevich - ASW #220
|
Nov 15, 2022 |
|
Punycode in OpenSSL, Authn in Cosmos DB Notebooks, Documenting Security, IoT Labels - ASW #219
|
Nov 08, 2022 |
|
Bad Bots are Targeting Your APIs: What You Need to Know - Karl Triebes - ASW #219
|
Nov 08, 2022 |
|
Critical OpenSSL Vuln, SQLite Vuln, Apple Security Blog, Randomness & Shuffling - ASW #218
|
Nov 01, 2022 |
|
Understanding Web3 Application Security - Sandy Carielli, Martha Bennett - ASW #218
|
Nov 01, 2022 |
|
Text4Shell, GUAC for SLSA, OpenSSF Scorecards, Toner Deaf, OWASP Elections - ASW #217
|
Oct 26, 2022 |
|
Kubernetes, Container and Cloud Best Practices for Securing Cloud Apps and Hardening - Kong Yew Chan - ASW #217
|
Oct 25, 2022 |
|
FortiOS Exploit, Linux Kernel Wi-Fi Vulns, Infosec Communities, Secure Coding - ASW #216
|
Oct 18, 2022 |
|
How NVIDIA Uses AI to Address Cybersecurity Challenges - Jason Recla - ASW #216
|
Oct 18, 2022 |
|
Rust in the Linux Kernel, Uber Security Verdict, Prototype Pollution, PHP Composer - ASW #215
|
Oct 11, 2022 |
|
Creating and Curating Educational Resources for Secure Coding - Akira Brand - ASW #215
|
Oct 11, 2022 |
|
Exchange RCE, Patching at Scale, DORA Metrics, USENIX Best Papers, Passkeys - ASW #214
|
Oct 04, 2022 |
|
Critical Requirements for Cloud Native Application Security - Dean Agron - ASW #214
|
Oct 04, 2022 |
|
Authz Bypass in Oracle Cloud, Chrome Prototype Pollution, Why Security Products Fail - ASW #213
|
Sep 27, 2022 |
|
Show, Don’t Tell, Your Developers How To Write Secure Code - Janet Worthington - ASW #213
|
Sep 27, 2022 |
|
Uber Breach, Rust Security Team, MiraclePtr, Supply Chain Criticism, Careers - ASW #212
|
Sep 20, 2022 |
|
API Security from a Developer's Perspective - Sam Placette - ASW #212
|
Sep 20, 2022 |
|
Go Vuln Project, OSS-Fuzz Successes, No More Basic Auth, NSA Supply Chain Hardening - ASW #211
|
Sep 15, 2022 |
|
Shifting Left Probably Left You Vulnerable. Here’s How You Can Make it Right. - Sonali Shah - ASW #211
|
Sep 14, 2022 |
|
Twitter Whistleblower Complaint, LastPass Breach, Threat Modeling Culture - ASW #210
|
Aug 30, 2022 |
|
Cloud Security Frameworks: Clarity vs. Confusion - Doug Dooley - ASW #210
|
Aug 30, 2022 |
|
Debugging & Dev Tools, Isolating PostgreSQL, Abusing the DevOps Pipeline, Xiaomi Flaw - ASW #209
|
Aug 24, 2022 |
|
AppSec Tips & Tricks for Cloud Native and Kubernetes Environments - Kiran Kamity - ASW #209
|
Aug 24, 2022 |
|
Microsoft Bounties & Edge Security, Strategic Bounty Programs, HTTP Desync Attacks - ASW #208
|
Aug 18, 2022 |
|
Good, Not Perfect, AppSec - Tanya Janca - ASW #208
|
Aug 18, 2022 |
|
Auth Problems from Parsing, Slack's Password Hashes, Twitter's Info Breach - ASW #207
|
Aug 09, 2022 |
|
Agility Broke AppSec. Now It's Going to Fix It - Chen Gour Arie - ASW #207
|
Aug 09, 2022 |
|
Smart Lock and Simple Vulns, Macros and Secure Defaults, Breaches and Costs - ASW #206
|
Aug 05, 2022 |
|
Reachability & Attackability - Manish Gupta - ASW #206
|
Aug 05, 2022 |
|
Atlassian Vuln, Attacking OAuth, OpenSSF Security Audits, Tabletop Exercises - ASW #205
|
Jul 29, 2022 |
|
How to Build a Successful Continuous Application Security Program - Ferruh Mavituna - ASW #205
|
Jul 29, 2022 |
|
0-Day Vulnerabilities & What's Next - Larry Maccherone - ASW #204
|
Jul 25, 2022 |
|
Retbleed, CSRB's First Report, a Case-Sensitive Action, Mac Malware Book - ASW #204
|
Jul 19, 2022 |
|
iOS Lockdown Mode, 2FA in PyPI, CloudVulnDB, & Practical Attacks on ML - ASW #203
|
Jul 12, 2022 |
|
The Security Challenges That Devs Encounter When Building Secure Apps - Farshad Abasi - ASW #203
|
Jul 11, 2022 |
|
Answering the ‘How’ Questions of Software Security - Nikhil Gupta - ASW #199
|
Jul 06, 2022 |
|
Pwn2own, Verizon's DBIR, Zoom's XMPP Flaws, $10M Bounty, & More Bad Packages - ASW #199
|
Jul 06, 2022 |
|
More Fuzzing, a Decade of OT Security, & Top Threats to Cloud Computing - ASW #202
|
Jun 28, 2022 |
|
How GraphQL & Template Injection Threats Influence App Architectures - Mike Benjamin - ASW #202
|
Jun 27, 2022 |
|
Hertzbleed, SynLapse, Java Deserialization, More MFA, Firmware Flaws, & Zombie 0-Day - ASW #201
|
Jun 22, 2022 |
|
IE11 Goes to Zero -- A History of Browser Security and Bug Bounties - ASW #201
|
Jun 21, 2022 |
|
OWASP Top 10 for K8s, Firefox Process Isolation, Secure Software Factory, CFAA Policy - ASW #198
|
Jun 15, 2022 |
|
The Psychology of Training - Matias Madou - ASW #198
|
Jun 15, 2022 |
|
RSAC Micro Interviews - Cisco & Invicti Security - Jeetu Patel, Sonali Shah - ASW #200
|
Jun 14, 2022 |
|
HTTP RFCs Have Evolved, Breaking Into Cloud, Scaling AppSec at Netflix, & Confluence - ASW #200
|
Jun 13, 2022 |
|
Developing Future Cybersecurity Contributors - Brian Glas - ASW #197
|
May 18, 2022 |
|
Typosquatting, Curl's Security Update, & OpenSSF's 10 Point Mobilization Plan - ASW #197
|
May 18, 2022 |
|
Smart Contract Security, Heroku Breach, & Real World Crypto Highlights - ASW #196
|
May 10, 2022 |
|
Securing SAP: Addressing the Critical & Complex Challenge - Christoph Nagy - ASW #196
|
May 09, 2022 |
|
ExtraReplica, Document.domain Disfavored, & Highlights From Thinkst Quarterly - ASW #195
|
May 03, 2022 |
|
Bad Bots - Automated Threat Targeting Your Websites, Mobile Apps, & APIs - Lynn Marks - ASW #195
|
May 02, 2022 |
|
Java's ECDSA for Nought, Writing a Kernel RCE, Okta's Conclusion, Log4Shell Hot Patch - ASW #194
|
Apr 26, 2022 |
|
What Does Software Supply Chain Security Threat Mean to Developers? - Dr. Chenxi Wang - ASW #194
|
Apr 25, 2022 |
|
OAuth Tokens Taken, Vulns in Medical IoT, Scoring a Proactive Security Culture - ASW #193
|
Apr 19, 2022 |
|
Appsec (and adjacent) Metrics - ASW #193
|
Apr 18, 2022 |
|
SSRF at a FinTech, Zoom's Bounties, SLSA Build Provenance, & Raspberry Pi Credentials - ASW #192
|
Apr 12, 2022 |
|
Service Mesh & Zero Trust Kubernetes Security - William Morgan - ASW #192
|
Apr 11, 2022 |
|
Escaping from BlastDoor's Sandbox, Spring RCE, Old Zlib Flaw, Startup Security - ASW #191
|
Apr 05, 2022 |
|
Democratizing Software Security - Eric Allard - ASW #191
|
Apr 04, 2022 |
|
Okta & LAPSUS$, Fuzzing Rust, SQL Injection & Stale Code, Log4j Lessons - ASW #190
|
Mar 29, 2022 |
|
How to Build a Developer-First Application Security Program - Harshil Parikh - ASW #190
|
Mar 28, 2022 |
|
A Great Escape, Peace Not War, & How to Burp Good - ASW #189
|
Mar 22, 2022 |
|
Helping Secure OSS Software - Alvaro Munoz - ASW #189
|
Mar 21, 2022 |
|
Dirty Pipe, AutoWarp Vuln in Azure, TLStorm Hits UPS Devices, Car Hacking - ASW #188
|
Mar 15, 2022 |
|
Doing Application Security Right - Farshad Abasi - ASW #188
|
Mar 14, 2022 |
|
Vulns in Markdown Parsers, Census II & Open Source Security, iCloud Private Relay - ASW #187
|
Mar 08, 2022 |
|
Deep Visibility & Understanding the Underlying Data Layer - Lebin Cheng - ASW #187
|
Mar 07, 2022 |
|
Bug Bounty Costs, GitHub's Advisory Database, ICS Vulns of 2021, CNCF Secure Software - ASW #186
|
Mar 01, 2022 |
|
Integrating Appsec Tools for DevOps Teams - Steve Wilson - ASW #186
|
Feb 28, 2022 |
|
Cassandra RCE, Pixelation Is Poor Redaction, Rust's Useful Errors, & Hardening Edge - ASW #185
|
Feb 22, 2022 |
|
The DIY AppSec Lab - ASW #185
|
Feb 21, 2022 |
|
Docker Boundaries, Google Bounties, 2021's Top Web Hacks, Apple AirTags, AI vs. RFCs - ASW #184
|
Feb 15, 2022 |
|
The Modern Developer Must be Security Minded, Too - Doug Kersten - ASW #184
|
Feb 14, 2022 |
|
HTTP/3 Streams, Argo CD Paths, Log4j Devs, Cyber Safety Review Board, OSSF Projects - ASW #183
|
Feb 08, 2022 |
|
Policy Momentum in Coordinated Vulnerability Disclosure - Amit Elazari - ASW #183
|
Feb 07, 2022 |
|
PwnKit, Qubit Hack, Multichain Hack, Safari Bounty, & Python NaN - ASW #182
|
Feb 01, 2022 |
|
Shift Left, NOT S#!T LEFT - Larry Maccherone - ASW #182
|
Jan 31, 2022 |
|
IndexedDB Leak, Linux Kernel Bug, Zoom Security, SSRF & Allow Lists, Security Courses - ASW #181
|
Jan 25, 2022 |
|
API Security (Shadow APIs) - Himanshu Dwivedi - ASW #181
|
Jan 24, 2022 |
|
Scams and Security in Web3*, URL Parsing Problems, AWS Glue, CI/CD Compromises - ASW #180
|
Jan 19, 2022 |
|
Investing in Open Source Security - ASW #180
|
Jan 18, 2022 |
|
Log4j for FTC, More JNDI, Cache Poisoning, Improving Default Configs, ThinkstScapes - ASW #179
|
Jan 11, 2022 |
|
Broadening What We Call AppSec - Christien Rioux - ASW #179
|
Jan 10, 2022 |
|
Latest Log4j, Outages & Availability, FPGA Security Concepts, & Bug Bounty Awards - ASW #178
|
Dec 21, 2021 |
|
Evolving Security Testing - Dan Guido - ASW #178
|
Dec 20, 2021 |
|
Log4Shell, Mozilla's BigFix & New Sandbox, Rust in Linux Kernel, Path Traversal in Go - ASW #177
|
Dec 14, 2021 |
|
DevSecOps, Compliance GRC, and the Future of Application Security - Francesco Cipollone - ASW #177
|
Dec 13, 2021 |
|
Bug Bounties in Windows/WebKit, Edge Hardening, OAuth Hardening, & GoDaddy Breach - ASW #176
|
Nov 30, 2021 |
|
Solving Systemic Risk in Software Development - Chris Wysopal - ASW #176
|
Nov 29, 2021 |
|
CVEs 4 CSPs, Malicious PyPi, Bounty Programs, Shared Responsibility, & Breach Costs - ASW #175
|
Nov 23, 2021 |
|
wasmCloud - Distributed Computing With WebAssembly - Liam Randall - ASW #175
|
Nov 22, 2021 |
|
PAN-OS Vuln, ChaosDB, Fuzzing BusyBox, Refactoring in Rust, HTML Smuggling - ASW #174
|
Nov 16, 2021 |
|
Mobile Application Security - Ryan Lloyd - ASW #174
|
Nov 15, 2021 |
|
Linux Kernel TIPC RCE, NPM Malware, OTP 2FA Bots, & Security Labels - ASW #173
|
Nov 09, 2021 |
|
A Standardized Approach to SBOM - Dan McKinney - ASW #173
|
Nov 08, 2021 |
|
Discourse RCE, Trojan Source, WhatsApp Security, & Privacy Engineering - ASW #172
|
Nov 02, 2021 |
|
Untangling API Security in 2022 - Peter Klimek - ASW #172
|
Nov 01, 2021 |
|
UAParser.js Malware in NPM, Squirrel Sandbox Escape, Securing CI/CD, & AppSec Videos - ASW #171
|
Oct 26, 2021 |
|
Security Champions in an Online First World - Ashish Rajan - ASW #171
|
Oct 25, 2021 |
|
View Source, Bindiff for Vuln Analysis, Bypass with GitHub Actions, & NIST DevSecOps - ASW #170
|
Oct 19, 2021 |
|
Dev(Sec)Ops Scanning Challenges & Tips - Nuno Loureiro, Tiago Mendo - ASW #170
|
Oct 18, 2021 |
|
Twitch Breach, HTTPd Path Traversal, Disabling Macros, & Great Cybersecurity Programs - ASW #169
|
Oct 12, 2021 |
|
Modernizing the Management of Your Software Supply Chain - Tom Gibson - ASW #169
|
Oct 11, 2021 |
|
Prototype Pollution, Funding Open Source Security, Expiring Root CA, Mariana Trench - ASW #168
|
Oct 05, 2021 |
|
The Power of Developer-First Security - Hillary Benson - ASW #168
|
Oct 04, 2021 |
|
AppSec Orchestration/Correlation & DevSecOps Efficiency - Anita D'Amico, Patrick Carey - ASW #167
|
Sep 28, 2021 |
|
Exchange's Great Leak, RCE in VMware, IoT Bug in MQTT, & Chrome's Memory Safety Nets - ASW #167
|
Sep 27, 2021 |
|
OMIGOD, FORCEDENTRY, Code Ownership, Security as a Product, & IoT Device Criteria - ASW #166
|
Sep 21, 2021 |
|
Transforming Modern Software Development with Developer-First AppSec - Jeff Williams - ASW #166
|
Sep 20, 2021 |
|
OWASP Top 10, CISA Bad Practices, Azurescape, Confluence RCE, & API Security Tokens - ASW #165
|
Sep 14, 2021 |
|
Findings From the 2021 AppSec Shift Left Progress Report - Manish Gupta - ASW #165
|
Sep 13, 2021 |
|
ChaosDB, OpenSSL String Bugs, Revealing Locations, & More Top 15 Vulns - ASW #164
|
Aug 31, 2021 |
|
A DevOps Perspective on Risk Tolerance & Risk Transfer - Caroline Wong - ASW #164
|
Aug 30, 2021 |
|
BlackBerry's BadAlloc, Glibc's NULL, Backtick Command Injection, & ProxyLogon Details - ASW #163
|
Aug 24, 2021 |
|
Challenges in Open Source Application Security - Shubhra Kar - ASW #163
|
Aug 23, 2021 |
|
Cracked Concatenation, Injection Against DNS, Allstar GitHub, & DEF CON Highlights - ASW #162
|
Aug 17, 2021 |
|
DevSecOps - Making It Real - Mike Rothman - ASW #162
|
Aug 16, 2021 |
|
Securing Modern Web Apps: Development Techniques are Changing - Tom Hudson - ASW #161
|
Aug 16, 2021 |
|
Router Auth Bypass, Weak IoT RNG, HTTP/2 Request Smuggling, & Kindle Fuzzing - ASW #161
|
Aug 10, 2021 |
|
PunkSpider, Bug Bounties, RCE in PyPI, Kernel Pwning With eBPF, & Top Vulns From CISA - ASW #160
|
Aug 03, 2021 |
|
Platform Firmware Security - Maggie Jauregui - ASW #160
|
Aug 02, 2021 |
|
CWE Top 25, Bugs in Inconstancies, Sequoia Vuln, Twitter Transparency, & Cloud Risks - ASW #159
|
Jul 27, 2021 |
|
Navigating the Seas of Security in Serverless Functions - Peter Klimek - ASW #159
|
Jul 27, 2021 |
|
Code Comments, Decision Trees, Windows Hello, Telegram Analysis, & Cloud Risks - ASW #158
|
Jul 20, 2021 |
|
The Role of Open Source in DevSecOps - David DeSanto - ASW #158
|
Jul 19, 2021 |
|
Password Mismanager, Trusted Types vs. DOM XSS, PrintNightmare, & Fault Injections - ASW #157
|
Jul 13, 2021 |
|
Web App and API Security Needs to Be Modernized: Here’s How - Sean Leach - ASW #157
|
Jul 13, 2021 |
|
Semgrep, Microsoft Signs With Rootkits, ATT&CK/D3FEND, & Injured Android - ASW #156
|
Jun 29, 2021 |
|
Scaling Your Application Security Program - Clint Gibler - ASW #156
|
Jun 28, 2021 |
|
Supply Chain Integrity, Format Strings, Systemd Bug, Instagram Bounty, & Refactoring - ASW #155
|
Jun 22, 2021 |
|
Challenges of DAST Scanners / Adoption by Developers - Nuno Loureiro, Tiago Mendo - ASW #155
|
Jun 21, 2021 |
|
ALPACA, EA Breach, sprintf Lives, Go Fuzzing, K8s Goat, & OT Basics - ASW #154
|
Jun 15, 2021 |
|
OWASP SAMM - Software Assurance Maturity Model - Sebastian Deleersnyder - ASW #154
|
Jun 14, 2021 |
|
HTTP Goes QUIC, Security & Humans, Amazon Sidewalk Privacy, & Product Abuse - ASW #153
|
Jun 08, 2021 |
|
API Security: Understanding Threats to Better Protect Your Organization - Daniel Hampton - ASW #153
|
Jun 07, 2021 |
|
IIS Bug, Browsers & Androids & Supply Chains Oh My! - ASW #152
|
May 25, 2021 |
|
Bringing AppSec to a Modern CI Pipeline - Manish Gupta - ASW #152
|
May 24, 2021 |
|
CNCF Supply Chain, Frag Attacks, Securing Webhooks, & Complexity vs. Security - ASW #151
|
May 18, 2021 |
|
Third Party Software Risk on the Web - Aanand Krishnan - ASW #151
|
May 18, 2021 |
|
AirTags & Threat Models, Qualcomm Modem Vuln, Exim RCE(s), & Binary Hardening - ASW #150
|
May 11, 2021 |
|
Delivering On the Promise of Application Security - Ankur Shah - ASW #150
|
May 10, 2021 |
|
BadAlloc Vulns, Gatekeeper Bypass, & More Spectre in Micro-Op Caches - ASW #149
|
May 04, 2021 |
|
Why Developers Need to Think Differently About Software Security - Rey Bango - ASW #149
|
May 03, 2021 |
|
Signal Aesthetics, AirDrop Privacy, Safety vs. Security, & Data Ordering Attacks - ASW #148
|
Apr 27, 2021 |
|
Deceptive Diffs From Subversive Submitters - ASW #148
|
Apr 26, 2021 |
|
Rust in Android, Vuln Disclosure, Postmortems, & BootHole Follow-Up - ASW #147
|
Apr 20, 2021 |
|
Supply Chain Management - Doug Barbin - ASW #147
|
Apr 19, 2021 |
|
Malicious PHP Commits, OAuth Attacks & XML Injection, & Zines For DevSecOps - ASW #146
|
Apr 06, 2021 |
|
Shifting Right: What Security Engineers Can Learn From DevSecOps - Leif Dreizler - ASW #146
|
Apr 05, 2021 |
|
TikTok Analysis, Patching Patches, CI/CD Integrity, Faster Fuzzing, & Slack Safety - ASW #145
|
Mar 30, 2021 |
|
OWASP Top 10 of 2021 - Andrew van der Stock - ASW #145
|
Mar 29, 2021 |
|
Supply Chains in Azure SDK/Xcode, GitHub Sessions, & GCP VRP - ASW #144
|
Mar 23, 2021 |
|
Approaching AppSec Like a Hacker - Johanna Ydergard, Roberto Giachetta - ASW #144
|
Mar 22, 2021 |
|
Unauth'd RCE, "Regexploits", Post-Spectre Web, & SigStore Signing - ASW #143
|
Mar 16, 2021 |
|
Cloud Native Security Platforms - John Morello - ASW #143
|
Mar 15, 2021 |
|
Security Engineering, Evil Packages, Exchange SSRF, & Observability - ASW #142
|
Mar 09, 2021 |
|
Privacy, Data Security & Compliance - Cynthia Burke - ASW #142
|
Mar 08, 2021 |
|
JSON, OpenSSL, Educational Resources, & Flaws in CodeQL - ASW #141
|
Mar 02, 2021 |
|
Hackable; How to do Application Security Right - Ted Harrington - ASW #141
|
Mar 01, 2021 |
|
Dependency Confusion, Suspender Falls, Web Shells, & AppSec Scale - ASW #140
|
Feb 23, 2021 |
|
Targeting, Exploiting, & Defending Linux - Brandon Edwards - ASW #140
|
Feb 22, 2021 |
|
BBPLR, API Security Trends, Memory Unsafety, & Patching 0-Days - ASW #139
|
Feb 09, 2021 |
|
Being a Serial Entrepreneur, Business Leader, & Hacker - Alissa Knight - ASW #139
|
Feb 08, 2021 |
|
Sudo Vuln, Libgcrypt, BlastDoor on iMessage, & AWS Lambda security - ASW #138
|
Feb 02, 2021 |
|
Groundhog Day - It's Time to Reset the Script on Vulnerabilities - John Delaroderie - ASW #138
|
Feb 01, 2021 |
|
KindleDrip, State of Messaging State Machines, DoH, & Data Security Strategies - ASW #137
|
Jan 26, 2021 |
|
Reading Industry Analyst Tea Leaves To Predict The Future - Taylor McCaslin - ASW #137
|
Jan 25, 2021 |
|
Google 2FA Cloning, Speed vs. Security, & "Hack The Army" Bug Bounty 3.0 - ASW #136
|
Jan 12, 2021 |
|
Fuzz Testing - Andrei Serban - ASW #136
|
Jan 11, 2021 |
|
Kubernetes Clusters, Microsoft Solarigate, & Apple's Security DIY - ASW #135
|
Jan 05, 2021 |
|
Security By Design - ASW #135
|
Jan 04, 2021 |
|
Atheris Python Fuzzer, Bronze Bit Attack, & FireEye Highlights - ASW #134
|
Dec 15, 2020 |
|
Freedom From Computing Environments - Ev Kontsevoy - ASW #134
|
Dec 14, 2020 |
|
Google Play Bug, GitHub, iPhone Radio Reboots, & Docker Hub Vulns - ASW #133
|
Dec 08, 2020 |
|
Security Web Applications Against Modern Threats - John Delaroderie, Mike Manrod - ASW #133
|
Dec 07, 2020 |
|
Top CyberSec Skills for 2021, Xbox Gamertag Bug, & MobileIron RCE Flaw - ASW #132
|
Dec 01, 2020 |
|
Security Decisions During Application Development - Tim Mackey - ASW #132
|
Nov 30, 2020 |
|
Drupal Flaws, DevSecOps Implementation, & Cloud Native Security White Paper - ASW #131
|
Nov 24, 2020 |
|
Threat Modeling Deep Dive - ASW #131
|
Nov 23, 2020 |
|
'Platypus' Attack, IDOR DOD Bug, & 2 More Chrome 0-Days - ASW #130
|
Nov 17, 2020 |
|
Automated Hacker Knowledge - Rickard Carlsson - ASW #130
|
Nov 16, 2020 |
|
Security Is a Feature - Keith Hoodlet - ASW #129
|
Nov 10, 2020 |
|
China's Top Hacking Contest, GitHub Actions, & Vulnonym - ASW #129
|
Nov 09, 2020 |
|
Lax IoT, Adobe Flash Croaks, Link Preview Vulns, & Security Theatre! - ASW #128
|
Nov 03, 2020 |
|
Azure App Service & Cloud-Native Signal Sciences Deployments - Alfred Chung - ASW #128
|
Nov 02, 2020 |
|
Cyber Risk in Industrial IoT, Firefox 'Site Isolation', & Chrome 0-Day Bug - ASW #127
|
Oct 27, 2020 |
|
Cyber Resiliency Through Self-Healing Cloud Infrastructure - Cesar Rodriguez - ASW #127
|
Oct 26, 2020 |
|
Windows "Ping of Death", SonicWall VPN RCE , & MediaTek BootROM Glitch - ASW #126
|
Oct 20, 2020 |
|
The Future of Application Security Testing (AST) - Taylor McCaslin - ASW #126
|
Oct 19, 2020 |
|
Fortinet SIEM RCE, Facebook Bug Bounty, & Anti-Virus Vulnerabilities - ASW #125
|
Oct 13, 2020 |
|
Application Security Best Practices - James Manico - ASW #125
|
Oct 12, 2020 |
|
DOMOS 5.8 OS Command Injection, API Shield, & TRB245 Vulnerabilities - ASW #124
|
Oct 06, 2020 |
|
Things Every Developer Should Know About Security - Chris Romeo - ASW #124
|
Oct 05, 2020 |
|
Bypassing TikTok's MFA, Instragram RCE, & Chrome Security Updates - ASW #123
|
Sep 29, 2020 |
|
The Difference Between Finding Vulns & Securing Apps - ASW #123
|
Sep 28, 2020 |
|
Project OneFuzz, Bluetooth Spoofing Bug, & Safeguarding Secrets - ASW #122
|
Sep 22, 2020 |
|
Visualizing & Detecting Threats For Your Custom Application - Justin Massey - ASW #122
|
Sep 21, 2020 |
|
RCE via BACKBLAZE, Microsoft Patch Tuesday, & CRYLOGGER - ASW #121
|
Sep 15, 2020 |
|
The People & Process of DevOps - Frank Catucci - ASW #121
|
Sep 14, 2020 |
|
GitHub to Ruby 2.7, CISO Success, & Lessons From Uber - ASW #120
|
Sep 01, 2020 |
|
Detecting Threats & Avoiding Misconfigs In The Cloud-Age - Marc Tremsal - ASW #120
|
Aug 31, 2020 |
|
ATM Attacks, gcploit, & ClusterFuzz - ASW #119
|
Aug 25, 2020 |
|
DevOps-First Application Security For Mid-Markets - Sundar Krish - ASW #119
|
Aug 24, 2020 |
|
AWS S3 Crypto SDK, ReVoLTE Attack, & Microsoft Bug Bounties - ASW #118
|
Aug 18, 2020 |
|
Immutable Security For Immutable Infrastructure - Cesar Rodriguez - ASW #118
|
Aug 17, 2020 |
|
SWVHSC: Amazon GuardDuty, Sandboxing & Workload Isolation, & No More SHA-1 - ASW #117
|
Aug 04, 2020 |
|
SWVHSC: How Does Sec Live In A DevOps World? - Mike Rothman - ASW #117
|
Aug 04, 2020 |
|
TaskRouter JS SDK, EL1/EL3 Vulnerability, & 234 Alexa Skills Store Violations - ASW #116
|
Jul 28, 2020 |
|
Fixing Vulnerabilities Effectively & Efficiently - John Matherly - ASW #116
|
Jul 27, 2020 |
|
SIGRed RCE, Google Cloud 'Confidential VMs', & Twitter Hack Crypto Scam - ASW #115
|
Jul 21, 2020 |
|
Cloud Security Posture Management & Governance - Bhasker Nallapothula, Kris Rajana - ASW #115
|
Jul 20, 2020 |
|
Top Bug Bounty Rankings, Zoom 0-Day, & Firefox Send Malware - ASW #114
|
Jul 14, 2020 |
|
DevSecOps - Judy Ngure - ASW #114
|
Jul 13, 2020 |
|
Guacamole RCE, PAN-OS Flaw, & A Culture of Resilience - ASW #113
|
Jul 07, 2020 |
|
Protecting Mobile Applications - Catherine Chambers, Will Hickie - ASW #113
|
Jul 06, 2020 |
|
DLL Hijacking, Trust Through Privacy, & Adobe EOL Data - ASW #112
|
Jun 30, 2020 |
|
Using IaC to Establish & Analyze Secure Environments - Cesar Rodriguez - ASW #112
|
Jun 29, 2020 |
|
CallStranger, SMBleedingGhost, & Misconfigured Kubeflow - ASW #111
|
Jun 16, 2020 |
|
Data Mapping & Data Value Journey - Michelle Dennedy - ASW #111
|
Jun 15, 2020 |
|
Zoom Vulns, Apple 0-Days, & Abandoned Domains - ASW #110
|
Jun 09, 2020 |
|
The Future State of AppSec - Phillip Maddux - ASW #110
|
Jun 08, 2020 |
|
Apps Are the New Endpoint - Catherine Chambers - ASW #109
|
Jun 02, 2020 |
|
How to Prevent Account Takeover Attacks - John Chirhart - ASW #109
|
Jun 01, 2020 |
|
Highlights From the New Open Source Security and Risk Analysis Report - Tim Mackey - ASW #108
|
May 19, 2020 |
|
Using Rate Limiting to Protect Web Apps and APIs - Jack Zarris - ASW #108
|
May 18, 2020 |
|
Samsung RCE 0-Click, Whispers, & Compromising Pluton - ASW #107
|
May 12, 2020 |
|
How Can Security Work TOGETHER, Not Against, Developers - Joe Garcia - ASW #107
|
May 11, 2020 |
|
Psychic Paper, Salt RCE, & Love Bugs - ASW #106
|
May 05, 2020 |
|
Modern Application Security & Container Security - Gareth Rushgrove - ASW #106
|
May 04, 2020 |
|
Nintendo Breach, NSA Advisory, & Security of IoMT - ASW #105
|
Apr 28, 2020 |
|
Threat Modeling in AppSec - Avi Douglen - ASW #105
|
Apr 27, 2020 |
|
Malicious Ruby Gems & JSON Web Token Bypass - ASW #104
|
Apr 21, 2020 |
|
Building an AppSec Ecosystem - Rebecca Deck - ASW #104
|
Apr 20, 2020 |
|
Zooming Alex Stamos & Building Security TestOps - ASW #103
|
Apr 14, 2020 |
|
Making Kubernetes a Hostile Place for Attackers - Brad Geesaman - ASW #103
|
Apr 13, 2020 |
|
Zoom Flaws, 'Zombie' win32k Bug, & Inputscope - ASW #102
|
Apr 07, 2020 |
|
You're (probably) Doing AppSec Wrong - Grant Ongers - ASW #102
|
Apr 06, 2020 |
|
The Benefits of SAST and SCA in Your IDE - Utsav Sanghani - ASW #101
|
Mar 23, 2020 |
|
Singularity: A Different Take on Container Security - Adam Hughes - ASW #101
|
Mar 23, 2020 |
|
Bottlerocket, Supply Chain Casualty, DevOps Sweet Spot - ASW #100
|
Mar 17, 2020 |
|
DevSecOps / Scaling Security - Clint Gibler - ASW #100
|
Mar 17, 2020 |
|
CISOs, CVE, DevOps, Gandalf - ASW #99
|
Mar 09, 2020 |
|
Guy Podjarny, Snyk - Guy Podjarny - ASW #99
|
Mar 09, 2020 |
|
InfoSec World Workshop: DevSecOps and Cultural Transformation - Dan Petit - ASW #98
|
Mar 02, 2020 |
|
Ghostcat, Apache, Networks, Starliner - ASW #98
|
Mar 02, 2020 |
|
Application News - RSA Conference News and Activities - ASW #97
|
Feb 26, 2020 |
|
Chris Eng Interview - What's New with Veracode - Chris Eng - ASW #97
|
Feb 25, 2020 |
|
SweynTooth, OWASP, CRXcavator, DevSecOps - ASW #96
|
Feb 19, 2020 |
|
Lessons Learned From The DevSecOps Trenches - Doug DePerry - ASW #96
|
Feb 17, 2020 |
|
WhatsApp Flaw, Dropbox Bug Bounty Program, Investigating Web Shell Attacks - ASW #95
|
Feb 12, 2020 |
|
Mitigating at Design Time - Shaun Lamb - ASW #95
|
Feb 11, 2020 |
|
Scaling an AppSec Program - ASW #94
|
Feb 03, 2020 |
|
Xbox Bounty Program, Magento Patch, RCE in OpenSMTPD - ASW #94
|
Feb 03, 2020 |
|
Pwn2Own In Miami, Cloud Vuln., Deconstructing Web Cache Deception Attacks - ASW #93
|
Jan 29, 2020 |
|
Dynamically Protecting Mobile Applications With RASP - John Butler - ASW #93
|
Jan 28, 2020 |
|
Crypto Bugs, IoT Planes and Application Inspectors, Oh My! - ASW #92
|
Jan 22, 2020 |
|
Protecting Data in Apps and Protecting Apps from Data - ASW #92
|
Jan 21, 2020 |
|
Application News - ASW #91
|
Jan 14, 2020 |
|
The Evolution of DevSecOps and AppSec Trends in 2020 - Hillel Solow - ASW #91
|
Jan 14, 2020 |
|
Application News - ASW #90
|
Jan 08, 2020 |
|
Privacy by Design - ASW #90
|
Jan 07, 2020 |
|
Binary Planting, GitLab, and DevOps Pipelines - ASW #89
|
Dec 18, 2019 |
|
API Security - Dave Ferguson - ASW #89
|
Dec 17, 2019 |
|
The World Runs On Open-Source, But Who's Paying For Gas? - ASW #88
|
Dec 11, 2019 |
|
Software Bill of Materials (SBOM) - Allan Friedman - ASW #88
|
Dec 10, 2019 |
|
Facebook, Twitter, & Firefox - ASW #87
|
Dec 04, 2019 |
|
Bot Management - Sandy Carielli - ASW #87
|
Dec 03, 2019 |
|
Application News - ASW #86
|
Nov 28, 2019 |
|
Development Decisions Affect The Security Of Any Application - Tim Mackey - ASW #86
|
Nov 27, 2019 |
|
Sysdig Secure 3.0 - Pawan Shankar - ASW #85
|
Nov 20, 2019 |
|
Mirantis' Docker, CISOs, & End of Life Dates - ASW #85
|
Nov 19, 2019 |
|
Application News - ASW #84
|
Nov 14, 2019 |
|
Security Testing - ASW #84
|
Nov 13, 2019 |
|
Application News - ASW #83
|
Nov 06, 2019 |
|
Teaching Security In Software Development - Daniel Lowrie, Justin Dennison - ASW #83
|
Nov 05, 2019 |
|
Application News - ASW #82
|
Oct 30, 2019 |
|
Bug Bounties, Pentesting, & Scanners - ASW #82
|
Oct 29, 2019 |
|
Application News - ASW #81
|
Oct 23, 2019 |
|
Doug Coburn, Signal Sciences - Doug Coburn - ASW #81
|
Oct 22, 2019 |
|
Application News - ASW #80
|
Oct 16, 2019 |
|
Francois Lascelles, Ping Identity - ASW #80
|
Oct 15, 2019 |
|
Application News - ASW #79
|
Oct 09, 2019 |
|
Cloud Security for Small Teams - ASW #79
|
Oct 08, 2019 |
|
Application News - ASW #78
|
Oct 02, 2019 |
|
Information Disclosure Vulnerabilities - Ryan Kelso - ASW #78
|
Oct 01, 2019 |
|
Training For Developers - Nicolas Valcárcel - ASW #77
|
Sep 24, 2019 |
|
Application News - ASW #77
|
Sep 23, 2019 |
|
Bugs, Breaches, & More - ASW #76
|
Sep 18, 2019 |
|
OWASP Application Security Verification Standard - ASW #76
|
Sep 16, 2019 |
|
Bugs, Breaches, & More - ASW #75
|
Sep 11, 2019 |
|
Tools in the DevOps Pipeline: Ty Sbano, Sisense - ASW #75
|
Sep 10, 2019 |
|
Black Hat Interviews - WhiteSource and Venafi - ASW #74
|
Aug 28, 2019 |
|
Container Security With Sysdig Secure 2.4 - Pawan Shankar - ASW #74
|
Aug 26, 2019 |
|
Bugs, Breaches, and More! - ASW #73
|
Aug 21, 2019 |
|
Ping Identity, Cequence, & NowSecure - ASW #73
|
Aug 20, 2019 |
|
Application News - ASW - News #72
|
Aug 14, 2019 |
|
Hacker Summer Camp Round-UP - ASW - Topic #72
|
Aug 13, 2019 |
|
Application News - Application Security Weekly #71
|
Jul 31, 2019 |
|
Container Security Today - Application Security Weekly #71
|
Jul 30, 2019 |
|
Application News - Application Security Weekly #70
|
Jul 24, 2019 |
|
Secure App Deployment With Unikernels - Application Security Weekly #70
|
Jul 23, 2019 |
|
Application News - Application Security Weekly #69
|
Jul 17, 2019 |
|
Securing Multi-Cloud Environments - Application Security Weekly #69
|
Jul 16, 2019 |
|
Application News - Application Security Weekly #68
|
Jul 10, 2019 |
|
Cloud Native - Application Security Weekly #68
|
Jul 09, 2019 |
|
Security Training for Devs - Application Security Weekly #67
|
Jul 03, 2019 |
|
GKE, AWS, & S3 Buckets - Application Security Weekly #67
|
Jul 02, 2019 |
|
Don't Ignore APIs - Application Security Weekly #66
|
Jun 26, 2019 |
|
Osquery, Netflix, & Mozilla - Application Security Weekly #66
|
Jun 25, 2019 |
|
Bugs, Breaches, and More! - Application Security Weekly #65
|
Jun 19, 2019 |
|
Shannon Lietz, Intuit - Application Security Weekly #65
|
Jun 18, 2019 |
|
MacOS Catalina, OpenShift, & Pink Floyd - Application Security Weekly #64
|
Jun 12, 2019 |
|
DevSecOps & Software Supply Chains, Microsoft - Application Security Weekly #64
|
Jun 10, 2019 |
|
Application News - Application Security Weekly #63
|
Jun 05, 2019 |
|
Major Identities & Micro Services - Application Security Weekly #63
|
Jun 04, 2019 |
|
Application News - Application Security Weekly #62
|
May 22, 2019 |
|
Cody Wood, Signal Sciences - Application Security Weekly #62
|
May 21, 2019 |
|
Application News - Application Security Weekly #61
|
May 16, 2019 |
|
Securing Software Supply Chains - Application Security Weekly #61
|
May 15, 2019 |
|
Sven Morgenroth, Netsparker - Application Security Weekly #60
|
May 08, 2019 |
|
Application News - Application Security Weekly #60
|
May 07, 2019 |
|
Application News - Application Security Weekly #59
|
May 01, 2019 |
|
Larry Maccherone, Comcast - Application Security Weekly #59
|
Apr 30, 2019 |
|
Application News - Application Security Weekly #58
|
Apr 24, 2019 |
|
Thomas Hatch, SaltStack - Application Security Weekly #58
|
Apr 23, 2019 |
|
Application News - Application Security Weekly #57
|
Apr 17, 2019 |
|
Containers and Kubernetes - Application Security Weekly #57
|
Apr 16, 2019 |
|
Falco, Sysdig - Application Security Weekly #56
|
Apr 10, 2019 |
|
Docker, ARM, & "Selfie" - Application Security Weekly #56
|
Apr 09, 2019 |
|
Wins & Challenges In AppSec , Square - Application Security Weekly #55
|
Mar 29, 2019 |
|
Bugs, Breaches, and More! - Application Security Weekly #55
|
Mar 28, 2019 |
|
DARPA, Yelp, & FBI - Application Security Weekly #54
|
Mar 20, 2019 |
|
Jamie Duncan, Red Hat - Application Security Weekly #54
|
Mar 19, 2019 |
|
Application News - Application Security Weekly #53
|
Mar 13, 2019 |
|
RSA 2019 Recap - Application Security Weekly #53
|
Mar 12, 2019 |
|
Matt Springfield, 12Feet, Inc. - Application Security Weekly #52
|
Feb 27, 2019 |
|
Bugs, Breaches, and More! - Application Security Weekly #52
|
Feb 26, 2019 |
|
Android, Dark Web, & Development - Application Security Weekly #51
|
Feb 20, 2019 |
|
Integrating Security into DevOps, Altran - Application Security Weekly #51
|
Feb 19, 2019 |
|
Application News - Application Security Weekly #50
|
Feb 14, 2019 |
|
Basic Flow of Problem, Solution, and Value - Application Security Weekly #50
|
Feb 13, 2019 |
|
Application News - Application Security Weekly #49
|
Feb 06, 2019 |
|
The Current State of Privacy & Software Development - Application Security Weekly #49
|
Feb 05, 2019 |
|
Bugs, Breaches, and More! - Application Security Weekly #48
|
Jan 31, 2019 |
|
Jing Xie, Venafi - Application Security Weekly #48
|
Jan 30, 2019 |
|
Bugs, Breaches, and More - Application Security Weekly #47
|
Jan 23, 2019 |
|
The Human Element of Application Security - Application Security Weekly #47
|
Jan 23, 2019 |
|
Rey Bango, Microsoft - Application Security Weekly #46
|
Jan 17, 2019 |
|
CRLF, NASA, & GitHub - Application Security Weekly #46
|
Jan 16, 2019 |
|
WordPress, Silicon Valley, and Hijacking - Application Security Weekly #45
|
Jan 10, 2019 |
|
Ken Johnson, GitHub - Application Security Weekly #45
|
Jan 09, 2019 |
|
Signal App, Jenkins Servers, & WordPress - Application Security Weekly #44
|
Dec 18, 2018 |
|
Harry Sverdlove, Edgewise - Application Security Weekly #44
|
Dec 18, 2018 |
|
Chris Elgee, Counter Hack Challenge - Application Security Weekly #43
|
Dec 12, 2018 |
|
Kubernetes, Firefox, & WordPress - Application Security Weekly #43
|
Dec 11, 2018 |
|
NSA Malware, AFL Fuzzer, & Firecracker - Application Security Weekly #42
|
Dec 05, 2018 |
|
Aleksei Tiurin, Acunetix - Application Security Weekly #42
|
Dec 04, 2018 |
|
Drupalgeddon, USPS, & JavaScript - Application Security Weekly #41
|
Nov 29, 2018 |
|
Brent Dukes - Application Security Weekly #41
|
Nov 28, 2018 |
|
Instagram, Kraken, GitMiner - Application Security Weekly #40
|
Nov 19, 2018 |
|
John Kinsella, Layered Insight - Application Security Weekly #40
|
Nov 19, 2018 |
|
ColdFusion, Destroying Logs, & Tracing Meme's - Application Security Weekly #39
|
Nov 15, 2018 |
|
Brian Kelly, CyberArk - Application Security Weekly #39
|
Nov 14, 2018 |
|
'Stalkerware', DHCPv6 Packets , & Python - Application Security Weekly #38
|
Nov 07, 2018 |
|
Daniel Cuthbert, Banco Santander - Application Security Weekly #38
|
Nov 06, 2018 |
|
Airline Hacks, MicroTik Bug, & WordPress - Application Security Weekly #37
|
Nov 01, 2018 |
|
Johnny Xmas, Kasada.io - Application Security Weekly #37
|
Oct 31, 2018 |
|
Cryptocurrency, Disney, and Adobe - Application Security Weekly #36
|
Oct 24, 2018 |
|
Bugs, Breaches, and More! - Application Security Weekly #36
|
Oct 23, 2018 |
|
Garrett Gross, Rapid7 - Application Security Weekly #35
|
Oct 16, 2018 |
|
Git Project, Google+, & Facebook - Application Security Weekly #35
|
Oct 16, 2018 |
|
Bugs, Breaches, and More - Application Security Weekly #34
|
Oct 03, 2018 |
|
Landing a Job in Application Security - Application Security Weekly #34
|
Oct 02, 2018 |
|
Newegg, Ticketmaster, & iOS 12 - Application Security Weekly #33
|
Sep 27, 2018 |
|
Ron Gula, Gula Tech Adventures - Application Security Weekly #33
|
Sep 26, 2018 |
|
Bluebox-ng, Stock Data Breaches, and CommitStrip- Application Security Weekly #32
|
Sep 26, 2018 |
|
April Wright, ArchitectSecurity.org - Application Security Weekly #32
|
Sep 25, 2018 |
|
Microsoft, Equifax, MacOS, and Bug Bounties - Application Security Weekly #31
|
Sep 13, 2018 |
|
Zane Lackey, Signal Sciences - Application Security Weekly #31
|
Sep 12, 2018 |
|
Fortnite, Netflix, & Black Hat - Application Security Weekly #30
|
Aug 30, 2018 |
|
The Apache Struts2 RCE Vulnerability - Application Security Weekly #30
|
Aug 29, 2018 |
|
Tom McLaughlin, ServerlessOps - Application Security Weekly #29
|
Aug 22, 2018 |
|
Matt Alderman & Paul Asadoorian, Def Con 2018 - Application Security Weekly #29
|
Aug 21, 2018 |
|
Alibaba Cloud Security, Comcast, and Facebook - Application Security Weekly #28
|
Aug 15, 2018 |
|
Secure Coding Practices - Application Security Weekly #28
|
Aug 14, 2018 |
|
Resources, Bugs, Breaches, and Learning Tools - Application Security Weekly #27
|
Aug 09, 2018 |
|
Galen Hunt, Microsoft - Application Security Weekly #27
|
Aug 08, 2018 |
|
Spectre, OWASP, and iGoat - Application Security Weekly #26
|
Aug 02, 2018 |
|
Jessica Rozhin, Marqueta - Application Security Weekly #26
|
Aug 01, 2018 |
|
Venmo, Oracle, & Linux - Application Security Weekly #25
|
Jul 25, 2018 |
|
Joe Garcia, CyberArk - Application Security Weekly #25
|
Jul 24, 2018 |
|
AppSec Solutions in a DevOps World - Application Security Weekly #24
|
Jul 19, 2018 |
|
iOS Bugs, Burp Suite, & DevSecOps - Application Security Weekly #24
|
Jul 18, 2018 |
|
The Hardest Problem in Application Security - Application Security Weekly #23
|
Jul 11, 2018 |
|
Facebook, Google, & GitLab - Application Security Weekly #23
|
Jul 10, 2018 |
|
PHPMyAdmin, GitHub, and VS Code - Application Security Weekly #22
|
Jul 05, 2018 |
|
Thomas GX, Yelda - Application Security Weekly #22
|
Jul 03, 2018 |
|
Microsoft, JavaScript, AI Can Fire - Application Security Weekly #21
|
Jun 28, 2018 |
|
Dan Kuykendall, Rapid7 - Application Security Weekly #21
|
Jun 27, 2018 |
|
Windows, Smart Lock, & iPhone Hackers - Application Security Weekly #20
|
Jun 21, 2018 |
|
Ron Gula, Gula Tech Adventures - Application Security Weekly #20
|
Jun 20, 2018 |
|
FireFox, Windows 10, DevOps, and BitHubLab - Application Security Weekly #19
|
Jun 14, 2018 |
|
Peter Chestna, Veracode - Application Security Weekly #19
|
Jun 13, 2018 |
|
GitHub, Oracle, & GDPR - Application Security Weekly #18
|
Jun 07, 2018 |
|
Agile vs. DevOps - Application Security Weekly #18
|
Jun 06, 2018 |
|
Nest, Node.js, & F.Secure - Application Security Weekly #17
|
May 24, 2018 |
|
James Wickett, Signal Sciences - Application Security Weekly #17
|
May 23, 2018 |
|
Adam Gordon, ITProTV - Application Security Weekly #16
|
May 17, 2018 |
|
Text Bombs, Black Dots of Death, and Azure - Application Security Weekly #16
|
May 16, 2018 |
|
Twitter, Meltdown, & RSAC - Application Security Weekly #15
|
May 09, 2018 |
|
Building Your AppSec Program - Application Security Weekly #15
|
May 08, 2018 |
|
Building Your AppSec Program: Getting Started - Application Security Weekly #14
|
May 02, 2018 |
|
FDA, Microsoft, & Android - Application Security Weekly #14
|
May 01, 2018 |
|
Drupal, RSAC, & Facebook - Application Security Weekly #13
|
May 01, 2018 |
|
Rami Sass, CEO & Co-Founder of WhiteSource - Application Security Weekly #13
|
Apr 30, 2018 |
|
Windows, MacOS, & Javascript - Application Security Weekly #12
|
Apr 15, 2018 |
|
Open Source Software - Application Security Weekly #12
|
Apr 14, 2018 |
|
One Language to Rule Them All - Application Security Weekly #11
|
Apr 08, 2018 |
|
Intel, Slack, Spectre, & NASA - Application Security Weekly #11
|
Apr 07, 2018 |
|
DevOps or DevSecOps? - Application Security Weekly #10
|
Apr 01, 2018 |
|
Cloudflare, Facebook, & Red Team Wisdom - Application Security Weekly #10
|
Mar 31, 2018 |
|
AMD, MailChimp, & Equifax - Application Security Weekly #9
|
Mar 18, 2018 |
|
Personal Development in Application Security - Application Security Weekly #9
|
Mar 17, 2018 |
|
Ethereum, Kali Linux, & Creepy Alexa - Application Security Weekly #8
|
Mar 14, 2018 |
|
AppSec Development Partnership - Application Security Weekly #8
|
Mar 13, 2018 |
|
DigiCert, GitHub, & Black Panther - Application Security Weekly #7
|
Mar 04, 2018 |
|
Facebook Malware Scan - Application Security Weekly #7
|
Mar 03, 2018 |
|
Bitcoin, Salon, Oxford Comma Dispute, and Amazon - Application Security Weekly #6
|
Feb 18, 2018 |
|
Topic: Bug Bounties - Application Security Weekly #6
|
Feb 17, 2018 |
|
OWASP ASVS pt. 2 - Application Security Weekly #05
|
Feb 11, 2018 |
|
NSA, Google, & Microsoft - Application Security Weekly #05
|
Feb 10, 2018 |
|
OWASP Application Security Verification Standard - Application Security Weekly #04
|
Feb 04, 2018 |
|
Intel, CloudFair, & Lenovo - Application Security Weekly #04
|
Feb 03, 2018 |
|
Facebook, RedHat, & Russian Twitterbots - Application Security Weekly #03
|
Jan 28, 2018 |
|
Matias Madou, Secure Code Warrior - Application Security Weekly #03
|
Jan 27, 2018 |
|
Google, Oracle, and Apple - Application Security Weekly #02
|
Jan 21, 2018 |
|
Top 10 OWASP pt.2 - Application Security Weekly #02
|
Jan 20, 2018 |
|
OWASP Top 10 (2017) Overview - Application Security Weekly #1
|
Jan 13, 2018 |
|
NVIDIA, Oracle, Coinbase, and Bitcoin - Application Security Weekly #1
|
Jan 12, 2018 |
|
Rise of Application Security - Application Security Weekly #00
|
Jan 07, 2018 |
|
Google, Intel, Mozilla, and Starbucks - Application Security Weekly #00
|
Jan 06, 2018 |