Episode | Date |
---|---|
Arg Parsing in Rust, End of Life Hardware, CSRB & MS, Chrome’s V8 Sandbox - ASW #281 | Apr 16, 2024 |
Demystifying Security Engineering Career Tracks - Karan Dwivedi - ASW #281 | Apr 16, 2024 |
OWASP Breach, Types of Prompt Injection, Device-Bound Sessions, ASVS & APIs - ASW #280 | Apr 09, 2024 |
Lessons That The XZ Utils Backdoor Spells Out - Farshad Abasi - ASW #280 | Apr 09, 2024 |
Top 10's First Update, Metasploit's Second Update, PHP Prepares Statements, RSA & MS - ASW #279 | Apr 02, 2024 |
Infosec Myths, Mistakes, and Misconceptions - Adrian Sanabria - ASW #279 | Apr 02, 2024 |
Successful Security Needs a Streamlined UX - Benedek Gagyi - ASW #278 | Mar 26, 2024 |
GoFetch Side Channel, OpenSSF & Security Education, Fuzzing vs. Formal Verification - ASW #278 | Mar 25, 2024 |
Vulns in Smart Locks, FCC labels for IoT, ZAP's New Home - ASW #277 | Mar 19, 2024 |
Figuring Out Where Appsec Fits When Starting a Cybersecurity Program - Tyler VonMoll - ASW #277 | Mar 19, 2024 |
TeamCity Authn Bypass, ArtPrompt Attacks, Low Quality Vuln Reports, Secure by Design - ASW #276 | Mar 12, 2024 |
More API Calls, More Problems: The State of API Security in 2024 - Lebin Cheng - ASW #276 | Mar 12, 2024 |
SAML & Secrets, Serializing AI Models, OWASP ISTG, More Memory Safety - ASW #275 | Mar 06, 2024 |
The Simple Mistakes and Complex Seeds of a Vulnerability Management Program - Emily Fox - ASW #275 | Mar 05, 2024 |
PrintListener, Post-Quantum Crypto in iMessage, Silent Sabotage, Rust Survey Results - ASW #274 | Feb 27, 2024 |
Creating the Secure Pipeline Verification Standard - Farshad Abasi - ASW #274 | Feb 27, 2024 |
Redefining Threat Modeling - Security Team Goes on Vacation - Jeevan Singh - ASW Vault | Feb 20, 2024 |
Creating Code Security Through Better Visibility - Christien Rioux - ASW #273 | Feb 13, 2024 |
LLMs & Security Tools, Shim Vuln, AI Threat Models, Configuration as Code with Pkl - ASW #273 | Feb 13, 2024 |
Sorting Out Glibc Vulns, Apple's Security Research Device, BoringSSL, Old C Vulns - ASW #272 | Feb 06, 2024 |
Starting an OWASP Project (That's Not a List!) - Grant Ongers - ASW #272 | Feb 06, 2024 |
Vulns & Secure Design, MiraclePtr Success, Abandoned Projects & Maven, Old "AI Chip" - ASW #271 | Jan 30, 2024 |
Getting Your First Conference Presentation - Sarah Harvey - ASW #271 | Jan 30, 2024 |
Security in Wrenches, Vulns in Atlassian and GitLab, 2023's Top Web Hacking Tricks - ASW #270 | Jan 23, 2024 |
Dealing with the Burden of Bad Bots - Sandy Carielli - ASW #270 | Jan 23, 2024 |
Communicating Technical Topics Without Being Boring - Eve Maler - ASW #269 | Jan 16, 2024 |
23andMe Blames Users, Abusing Google's OAuth2, Rustls Performance, AI Goes OSINT - ASW #268 | Jan 09, 2024 |
What's in Store for 2024? - ASW #268 | Jan 09, 2024 |
HTTP RFCs Have Evolved, Breaking Into Cloud, Scaling AppSec at Netflix, & Confluence - Keith Hoodlet - ASW Vault | Jan 01, 2024 |
OWASP SAMM - Software Assurance Maturity Model - Sebastian Deleersnyder - ASW Vault | Dec 25, 2023 |
Nagios and Abandoned Projects, Hacking Trains (to Fix Them), OAuth Threats, 5Ghoul - ASW #267 | Dec 19, 2023 |
Making Service Meshes Work for People - Idit Levine - ASW #267 | Dec 19, 2023 |
Prompt Injection Scanners, Better AI Jailbreaks, Purple Llama, Linux Kernel Security - ASW #266 | Dec 12, 2023 |
The ABCs of RFCs - Heather Flanagan - ASW #266 | Dec 12, 2023 |
Extracting Data from ChatGPT, Vulns Around AI, Secure AI Guidance, LogoFAIL, BLUFFS - ASW #265 | Dec 06, 2023 |
All the News -- Just Six Months Later - ASW #265 | Dec 05, 2023 |
Randstorm, Nothing Chats, Platform Engineering, PyPI Security Audit - ASW #264 | Nov 28, 2023 |
Starting with Appsec -- Is It More of a Position or a Process? - ASW #264 | Nov 28, 2023 |
Platform Firmware Security - Maggie Jauregui - ASW Vault | Nov 20, 2023 |
Fuzzing Strategies, Responding to CISA's Open Source Security RFI, 35 Year Old Worm - ASW #263 | Nov 14, 2023 |
How 2023 Changed Application Security and What’s to Come in 2024 - Karl Triebes - ASW #263 | Nov 14, 2023 |
Citrix Bleed, Atlassian Authz Vuln, OpenJS & jQuery, Secure Future Initiative - ASW #262 | Nov 07, 2023 |
Security from a Developer's Perspective - Josh Goldberg - ASW #262 | Nov 07, 2023 |
Abusing OAuth, State of DevOps, Nightshade and AI, iLeakage, Sandboxing Apps - ASW #261 | Oct 31, 2023 |
How Security Tools Must Evolve - Dan Kuykendall - ASW #261 | Oct 31, 2023 |
Okta Breach, SolarWinds RCEs, CISOs and Boards, Crypto Business Logic, Secure Design - ASW #260 | Oct 24, 2023 |
OAuth, WebAuthn, and the Impact of Design Choices - Dan Moore - ASW #260 | Oct 24, 2023 |
HTTP/2 Rapid Reset, Curl's SOCKS5 Bug, Standardizing CycloneDX, AI Bug Bounty - ASW #259 | Oct 17, 2023 |
OT Security - Huxley Barbee - ASW #259 | Oct 17, 2023 |
Curl's Impending Patch, Glibc's Looney Tunables, ShellTorch, Another Top 10 List - ASW #258 | Oct 10, 2023 |
Shifting Focus to Make DevSecOps Successful - Janet Worthington - ASW #258 | Oct 10, 2023 |
A Deceptive Dependabot, Insecure JWT, CISA Wants HBOMs, OpenSSF's Critical Projects - ASW #257 | Oct 03, 2023 |
Creating Presentations and Training That Engage an Audience - Lina Lau - ASW #257 | Oct 03, 2023 |
Equifax's Breach, CISA's 1,000 Vulns, Rust's TLS Library, Complexity vs. Design - ASW #256 | Sep 26, 2023 |
Supply Chain Security with Containers and CI/CD Systems - Kirsten Newcomer - ASW #256 | Sep 26, 2023 |
Azure's Eight XSS Vulns, CNCF's Two Security Audits, CISA's OSS Roadmap, Repojacking - ASW #255 | Sep 19, 2023 |
Stopping Business Logic Attacks: Why a WAF is no Longer Enough - Karl Triebes - ASW #255 | Sep 19, 2023 |
Microsoft Dumps a Key, Grafana Logs a Key, URL Parsers Disagree, Old Bug in Ubuntu - ASW #254 | Sep 12, 2023 |
Building a Scanner and a Community with Zed Attack Proxy - Simon Bennetts - ASW #254 | Sep 12, 2023 |
Broadening What We Call AppSec - Christien Rioux - ASW Vault | Sep 05, 2023 |
Go Crypto in Practice, Excel Executes Python, Protecting Users, DARPA Distills - ASW #253 | Aug 29, 2023 |
How Can Security Be Smart About Using AI? - Jeff Pollard - ASW #253 | Aug 29, 2023 |
Discord.io Stops, Azure AD Pops, Zoom AI Drops, Model Confusion Attacks, Early XSS - ASW #252 | Aug 22, 2023 |
Security in a Cloud Native World & Mobile App Attacks - Asaf Ashkenazi, Jason Rolleston - ASW #252 | Aug 21, 2023 |
DARPA's AI Challenge, CISA Wants Secure Open Source, 5 Years of Vuln Research - ASW #251 | Aug 15, 2023 |
Pointers and Perils for Presentations - Josh Goldberg - ASW #251 | Aug 15, 2023 |
Zap's New Home, Clang & Security Tools, LLM Attacks, Rust Supply Chain - ASW #250 | Aug 08, 2023 |
You've Got Appsec, But Do You Have ArchSec? - Merritt Baer - ASW #250 | Aug 08, 2023 |
Zenbleed, Drop in Zero-Days, Security Testing Handbook, Public Speaking - ASW #249 | Aug 01, 2023 |
Identity and Verifiable Credentials in Cars - Eve Maler - ASW #249 | Aug 01, 2023 |
SSH-Agent RCE, CTFs & bug bounties, Satellite Security, Cyber Trust Mark, Bad.Build - ASW #248 | Jul 25, 2023 |
Navigating the Complexities of Development to Create Secure APIs with Kristen Bell - Kristen Bell - ASW #248 | Jul 25, 2023 |
Kubernetes and silentbob strike back, EV charger hacking, fake POCs - ASW #247 | Jul 18, 2023 |
Securing Non-Election Election Systems, Modernizing AppSec Education - Brian Glas - ASW #247 | Jul 18, 2023 |
Developer-Focused Security - Melinda Marks - ASW #246 | Jul 11, 2023 |
Software Trust & Adversaries - Shannon Lietz - ASW #246 | Jul 11, 2023 |
The Psychology of Training - Matias Madou - ASW Vault | Jul 05, 2023 |
XSS in Azure, Choosing Web Research Topics, Security Dev-in-Residence, More Myths - ASW #245 | Jun 27, 2023 |
Invicti AppSec Indicator: Latest Web Vulnerability Trends & Best Practices - Patrick Vandenberg - ASW #245 | Jun 27, 2023 |
Policy Momentum in Coordinated Vulnerability Disclosure - Amit Elazari - ASW Vault | Jun 20, 2023 |
Verizon DBIR, CVSS 4.0, Security at Scale, Big IAM Challenge - ASW #244 | Jun 14, 2023 |
Eliminate Security Vulnerabilities with App Modernization and Identity Orchestration - Eric Olden - ASW #244 | Jun 14, 2023 |
LLM Top 10, Simple Vulns, PyPI Requires 2FA, ThinkstScapes Quarterly, Fun w/ Learning - ASW #243 | Jun 06, 2023 |
What's the Deal with API Security? - Sandy Carielli - ASW #243 | Jun 06, 2023 |
Doing Application Security Right - Farshad Abasi - ASW Vault | May 30, 2023 |
New TLDs Zip By, eBPF Fuzzer, Microsoft Rocks Rust, Unwanted Tracking Spec - ASW #242 | May 23, 2023 |
Ten Things I Hate About Lists - ASW #242 | May 23, 2023 |
Staying Ahead of Hackers: Protecting Mobile Apps & Detecting Malicious Packages - Asaf Ashkenazi, Jeff Martin - ASW #241 | May 16, 2023 |
What to Do When the Honeymoon Period Ends - Chris Eng - ASW #241 | May 16, 2023 |
Strengthening Your Security Position: Detecting Software Supply Chain Breaches - ASW #240 | May 09, 2023 |
Close the Security Theater: Enter Resilience - Kelly Shortridge - ASW #240 | May 09, 2023 |
Mitigating AppSec Risk with Systematic Testing and Effective Attack Mitigation - Karl Triebes, Patrick Vandenberg - ASW #239 | May 02, 2023 |
Application Security Maturity and Frameworks - Francesco Cipollone - ASW #239 | May 02, 2023 |
A Forecast for Threat Groups, K8s Security Audit, GhostToken on Google, BrokenSesame - ASW #238 | Apr 26, 2023 |
The Intersection of Hacking, Technology, and Civil Society with Jeff Moss - Jeff Moss - ASW #238 | Apr 25, 2023 |
Deps.dev API, Right to Repair Tractors, Secure by Design, WebSockets, Adversarial AI - ASW #237 | Apr 18, 2023 |
Collecting Bounties and Building Communities - Ben Sadeghipour - ASW #237 | Apr 18, 2023 |
Application Security in Cloud - Vandana Verma Sehgal - ASW #236 | Apr 12, 2023 |
JSON and a Regex, IoT Passwords, CAN Injection, Twitter CVE, Complexity, Tabletops - ASW #236 | Apr 11, 2023 |
BingBang, Super FabriXss, 3CX on macOS, Secure Code Game, Real World Crypto 2023 - ASW #235 | Apr 05, 2023 |
Learning eBPF - Liz Rice - ASW #235 | Apr 04, 2023 |
OpenAI Info Leak, BitCoin ATM Hack, GitHub RSA SSH Key, Measuring AI Security - ASW #234 | Mar 28, 2023 |
Real-life Examples. Benefits, Risk & Security Implications of AI - Frank Catucci - ASW #234 | Mar 28, 2023 |
PassTheHash from Outlook, RCE in Modem Chipset, OpenSSH Sandboxes, Curl's Anniversary - ASW #233 | Mar 21, 2023 |
Automating Security With Static Analysis - Josh Goldberg - ASW #233 | Mar 21, 2023 |
Loom Disclosure, GitHub 2FA, Buffer Overflow in TPM, Dropbox Career Framework - ASW #232 | Mar 14, 2023 |
The OWASP ASVS and Sustainable Software Security Practices - Josh Grossman - ASW #232 | Mar 14, 2023 |
WebSocket Hijack, Post-Quantum Side-Channel, OWASP's Future, OAuth Misconfigs, ZAP - ASW #231 | Mar 07, 2023 |
A Deep Dive Into Software Supply Chain Security - Neatsun Ziv - ASW #231 | Mar 07, 2023 |
Twitter 2FA, Server-Side Prototype Pollution, AI Security & Privacy, Smarter Testing - ASW #230 | Feb 28, 2023 |
Supply Chain Breaches and Hacking the Cloud: Lessons Learned from IR - Lina Lau - ASW #230 | Feb 28, 2023 |
Reddit Breach, Toyota Bugs, OpenSSL Vulns, Top 10 Web Hacking Techniques of 2022 - ASW #229 | Feb 14, 2023 |
What's the Best Way to Threat Model? - Nick Selby - ASW #229 | Feb 14, 2023 |
Aviation ASCII Art, OpenSSH Double-Free, F5 Format String, OSC&R for Supply Chains - ASW #228 | Feb 07, 2023 |
Myths and Lies in Infosec - Adrian Sanabria - ASW #228 | Feb 07, 2023 |
Source Leaks, BIND DoS, Refactoring Go to Typescript, Git Audit & Rust, SQL Slammer - ASW #227 | Jan 31, 2023 |
There Is No Average Behavior - Dr. David Movshovitz - ASW #227 | Jan 31, 2023 |
Breach Disclosures, SSRF in Azure, Integer Flaws, Top 10 Web Hacking Techniques - ASW #226 | Jan 25, 2023 |
Crafting Security Training for Secure Code and Security Culture - Marudhamaran Gunasekaran - ASW #226 | Jan 24, 2023 |
CircleCI Breach, Vulns in Auto Sites, Google Speaker Bugs, Office Space, S3 Defaults - ASW #225 | Jan 10, 2023 |
Securing your APIs using OAuth - Dan Moore - ASW #225 | Jan 10, 2023 |
Security Product Metrics, ML 101, PEACH for Cloud, Log4Shell Lookback, Appsec Tools - ASW #224 | Jan 03, 2023 |
DevSecOps Essentials - Keith Hoodlet - ASW #224 | Jan 03, 2023 |
Another Ping of Death, Clever JSON Manipulation, iCloud Encryption, ChatGPT Threats - ASW #223 | Dec 14, 2022 |
Redefining Threat Modeling - Security Team Goes on Vacation - Jeevan Singh - ASW #223 | Dec 13, 2022 |
Android Platform Certs Leaked, Hell's Keychain, Web Hacking Cars, Bug Bounty Tips - ASW #222 | Dec 06, 2022 |
Inoculating Malicious Content: Making File Types Safe to Handle - Aviv Grafi - ASW #222 | Dec 06, 2022 |
AWS AppSync Vuln, Zero-Initialization, HTTP/3 Connections, Thinkst Quarterly - ASW #221 | Nov 29, 2022 |
Searching on Encrypted Data: MongoDB’s Queryable Encryption - Kenn White - ASW #221 | Nov 29, 2022 |
CosMiss, Pixel Lock Screen Bypass, IIoT Path Traversal, NSA on C & C++, Code Reviews - ASW #220 | Nov 15, 2022 |
The Top 10 CI/CD Security Risks and CI/CD Goat - Daniel Krivelevich - ASW #220 | Nov 15, 2022 |
Punycode in OpenSSL, Authn in Cosmos DB Notebooks, Documenting Security, IoT Labels - ASW #219 | Nov 08, 2022 |
Bad Bots are Targeting Your APIs: What You Need to Know - Karl Triebes - ASW #219 | Nov 08, 2022 |
Critical OpenSSL Vuln, SQLite Vuln, Apple Security Blog, Randomness & Shuffling - ASW #218 | Nov 01, 2022 |
Understanding Web3 Application Security - Sandy Carielli, Martha Bennett - ASW #218 | Nov 01, 2022 |
Text4Shell, GUAC for SLSA, OpenSSF Scorecards, Toner Deaf, OWASP Elections - ASW #217 | Oct 26, 2022 |
Kubernetes, Container and Cloud Best Practices for Securing Cloud Apps and Hardening - Kong Yew Chan - ASW #217 | Oct 25, 2022 |
FortiOS Exploit, Linux Kernel Wi-Fi Vulns, Infosec Communities, Secure Coding - ASW #216 | Oct 18, 2022 |
How NVIDIA Uses AI to Address Cybersecurity Challenges - Jason Recla - ASW #216 | Oct 18, 2022 |
Rust in the Linux Kernel, Uber Security Verdict, Prototype Pollution, PHP Composer - ASW #215 | Oct 11, 2022 |
Creating and Curating Educational Resources for Secure Coding - Akira Brand - ASW #215 | Oct 11, 2022 |
Exchange RCE, Patching at Scale, DORA Metrics, USENIX Best Papers, Passkeys - ASW #214 | Oct 04, 2022 |
Critical Requirements for Cloud Native Application Security - Dean Agron - ASW #214 | Oct 04, 2022 |
Authz Bypass in Oracle Cloud, Chrome Prototype Pollution, Why Security Products Fail - ASW #213 | Sep 27, 2022 |
Show, Don’t Tell, Your Developers How To Write Secure Code - Janet Worthington - ASW #213 | Sep 27, 2022 |
Uber Breach, Rust Security Team, MiraclePtr, Supply Chain Criticism, Careers - ASW #212 | Sep 20, 2022 |
API Security from a Developer's Perspective - Sam Placette - ASW #212 | Sep 20, 2022 |
Go Vuln Project, OSS-Fuzz Successes, No More Basic Auth, NSA Supply Chain Hardening - ASW #211 | Sep 15, 2022 |
Shifting Left Probably Left You Vulnerable. Here’s How You Can Make it Right. - Sonali Shah - ASW #211 | Sep 14, 2022 |
Twitter Whistleblower Complaint, LastPass Breach, Threat Modeling Culture - ASW #210 | Aug 30, 2022 |
Cloud Security Frameworks: Clarity vs. Confusion - Doug Dooley - ASW #210 | Aug 30, 2022 |
Debugging & Dev Tools, Isolating PostgreSQL, Abusing the DevOps Pipeline, Xiaomi Flaw - ASW #209 | Aug 24, 2022 |
AppSec Tips & Tricks for Cloud Native and Kubernetes Environments - Kiran Kamity - ASW #209 | Aug 24, 2022 |
Microsoft Bounties & Edge Security, Strategic Bounty Programs, HTTP Desync Attacks - ASW #208 | Aug 18, 2022 |
Good, Not Perfect, AppSec - Tanya Janca - ASW #208 | Aug 18, 2022 |
Auth Problems from Parsing, Slack's Password Hashes, Twitter's Info Breach - ASW #207 | Aug 09, 2022 |
Agility Broke AppSec. Now It's Going to Fix It - Chen Gour Arie - ASW #207 | Aug 09, 2022 |
Smart Lock and Simple Vulns, Macros and Secure Defaults, Breaches and Costs - ASW #206 | Aug 05, 2022 |
Reachability & Attackability - Manish Gupta - ASW #206 | Aug 05, 2022 |
Atlassian Vuln, Attacking OAuth, OpenSSF Security Audits, Tabletop Exercises - ASW #205 | Jul 29, 2022 |
How to Build a Successful Continuous Application Security Program - Ferruh Mavituna - ASW #205 | Jul 29, 2022 |
0-Day Vulnerabilities & What's Next - Larry Maccherone - ASW #204 | Jul 25, 2022 |
Retbleed, CSRB's First Report, a Case-Sensitive Action, Mac Malware Book - ASW #204 | Jul 19, 2022 |
iOS Lockdown Mode, 2FA in PyPI, CloudVulnDB, & Practical Attacks on ML - ASW #203 | Jul 12, 2022 |
The Security Challenges That Devs Encounter When Building Secure Apps - Farshad Abasi - ASW #203 | Jul 11, 2022 |
Answering the ‘How’ Questions of Software Security - Nikhil Gupta - ASW #199 | Jul 06, 2022 |
Pwn2own, Verizon's DBIR, Zoom's XMPP Flaws, $10M Bounty, & More Bad Packages - ASW #199 | Jul 06, 2022 |
More Fuzzing, a Decade of OT Security, & Top Threats to Cloud Computing - ASW #202 | Jun 28, 2022 |
How GraphQL & Template Injection Threats Influence App Architectures - Mike Benjamin - ASW #202 | Jun 27, 2022 |
Hertzbleed, SynLapse, Java Deserialization, More MFA, Firmware Flaws, & Zombie 0-Day - ASW #201 | Jun 22, 2022 |
IE11 Goes to Zero -- A History of Browser Security and Bug Bounties - ASW #201 | Jun 21, 2022 |
OWASP Top 10 for K8s, Firefox Process Isolation, Secure Software Factory, CFAA Policy - ASW #198 | Jun 15, 2022 |
The Psychology of Training - Matias Madou - ASW #198 | Jun 15, 2022 |
RSAC Micro Interviews - Cisco & Invicti Security - Jeetu Patel, Sonali Shah - ASW #200 | Jun 14, 2022 |
HTTP RFCs Have Evolved, Breaking Into Cloud, Scaling AppSec at Netflix, & Confluence - ASW #200 | Jun 13, 2022 |
Developing Future Cybersecurity Contributors - Brian Glas - ASW #197 | May 18, 2022 |
Typosquatting, Curl's Security Update, & OpenSSF's 10 Point Mobilization Plan - ASW #197 | May 18, 2022 |
Smart Contract Security, Heroku Breach, & Real World Crypto Highlights - ASW #196 | May 10, 2022 |
Securing SAP: Addressing the Critical & Complex Challenge - Christoph Nagy - ASW #196 | May 09, 2022 |
ExtraReplica, Document.domain Disfavored, & Highlights From Thinkst Quarterly - ASW #195 | May 03, 2022 |
Bad Bots - Automated Threat Targeting Your Websites, Mobile Apps, & APIs - Lynn Marks - ASW #195 | May 02, 2022 |
Java's ECDSA for Nought, Writing a Kernel RCE, Okta's Conclusion, Log4Shell Hot Patch - ASW #194 | Apr 26, 2022 |
What Does Software Supply Chain Security Threat Mean to Developers? - Dr. Chenxi Wang - ASW #194 | Apr 25, 2022 |
OAuth Tokens Taken, Vulns in Medical IoT, Scoring a Proactive Security Culture - ASW #193 | Apr 19, 2022 |
Appsec (and adjacent) Metrics - ASW #193 | Apr 18, 2022 |
SSRF at a FinTech, Zoom's Bounties, SLSA Build Provenance, & Raspberry Pi Credentials - ASW #192 | Apr 12, 2022 |
Service Mesh & Zero Trust Kubernetes Security - William Morgan - ASW #192 | Apr 11, 2022 |
Escaping from BlastDoor's Sandbox, Spring RCE, Old Zlib Flaw, Startup Security - ASW #191 | Apr 05, 2022 |
Democratizing Software Security - Eric Allard - ASW #191 | Apr 04, 2022 |
Okta & LAPSUS$, Fuzzing Rust, SQL Injection & Stale Code, Log4j Lessons - ASW #190 | Mar 29, 2022 |
How to Build a Developer-First Application Security Program - Harshil Parikh - ASW #190 | Mar 28, 2022 |
A Great Escape, Peace Not War, & How to Burp Good - ASW #189 | Mar 22, 2022 |
Helping Secure OSS Software - Alvaro Munoz - ASW #189 | Mar 21, 2022 |
Dirty Pipe, AutoWarp Vuln in Azure, TLStorm Hits UPS Devices, Car Hacking - ASW #188 | Mar 15, 2022 |
Doing Application Security Right - Farshad Abasi - ASW #188 | Mar 14, 2022 |
Vulns in Markdown Parsers, Census II & Open Source Security, iCloud Private Relay - ASW #187 | Mar 08, 2022 |
Deep Visibility & Understanding the Underlying Data Layer - Lebin Cheng - ASW #187 | Mar 07, 2022 |
Bug Bounty Costs, GitHub's Advisory Database, ICS Vulns of 2021, CNCF Secure Software - ASW #186 | Mar 01, 2022 |
Integrating Appsec Tools for DevOps Teams - Steve Wilson - ASW #186 | Feb 28, 2022 |
Cassandra RCE, Pixelation Is Poor Redaction, Rust's Useful Errors, & Hardening Edge - ASW #185 | Feb 22, 2022 |
The DIY AppSec Lab - ASW #185 | Feb 21, 2022 |
Docker Boundaries, Google Bounties, 2021's Top Web Hacks, Apple AirTags, AI vs. RFCs - ASW #184 | Feb 15, 2022 |
The Modern Developer Must be Security Minded, Too - Doug Kersten - ASW #184 | Feb 14, 2022 |
HTTP/3 Streams, Argo CD Paths, Log4j Devs, Cyber Safety Review Board, OSSF Projects - ASW #183 | Feb 08, 2022 |
Policy Momentum in Coordinated Vulnerability Disclosure - Amit Elazari - ASW #183 | Feb 07, 2022 |
PwnKit, Qubit Hack, Multichain Hack, Safari Bounty, & Python NaN - ASW #182 | Feb 01, 2022 |
Shift Left, NOT S#!T LEFT - Larry Maccherone - ASW #182 | Jan 31, 2022 |
IndexedDB Leak, Linux Kernel Bug, Zoom Security, SSRF & Allow Lists, Security Courses - ASW #181 | Jan 25, 2022 |
API Security (Shadow APIs) - Himanshu Dwivedi - ASW #181 | Jan 24, 2022 |
Scams and Security in Web3*, URL Parsing Problems, AWS Glue, CI/CD Compromises - ASW #180 | Jan 19, 2022 |
Investing in Open Source Security - ASW #180 | Jan 18, 2022 |
Log4j for FTC, More JNDI, Cache Poisoning, Improving Default Configs, ThinkstScapes - ASW #179 | Jan 11, 2022 |
Broadening What We Call AppSec - Christien Rioux - ASW #179 | Jan 10, 2022 |
Latest Log4j, Outages & Availability, FPGA Security Concepts, & Bug Bounty Awards - ASW #178 | Dec 21, 2021 |
Evolving Security Testing - Dan Guido - ASW #178 | Dec 20, 2021 |
Log4Shell, Mozilla's BigFix & New Sandbox, Rust in Linux Kernel, Path Traversal in Go - ASW #177 | Dec 14, 2021 |
DevSecOps, Compliance GRC, and the Future of Application Security - Francesco Cipollone - ASW #177 | Dec 13, 2021 |
Bug Bounties in Windows/WebKit, Edge Hardening, OAuth Hardening, & GoDaddy Breach - ASW #176 | Nov 30, 2021 |
Solving Systemic Risk in Software Development - Chris Wysopal - ASW #176 | Nov 29, 2021 |
CVEs 4 CSPs, Malicious PyPi, Bounty Programs, Shared Responsibility, & Breach Costs - ASW #175 | Nov 23, 2021 |
wasmCloud - Distributed Computing With WebAssembly - Liam Randall - ASW #175 | Nov 22, 2021 |
PAN-OS Vuln, ChaosDB, Fuzzing BusyBox, Refactoring in Rust, HTML Smuggling - ASW #174 | Nov 16, 2021 |
Mobile Application Security - Ryan Lloyd - ASW #174 | Nov 15, 2021 |
Linux Kernel TIPC RCE, NPM Malware, OTP 2FA Bots, & Security Labels - ASW #173 | Nov 09, 2021 |
A Standardized Approach to SBOM - Dan McKinney - ASW #173 | Nov 08, 2021 |
Discourse RCE, Trojan Source, WhatsApp Security, & Privacy Engineering - ASW #172 | Nov 02, 2021 |
Untangling API Security in 2022 - Peter Klimek - ASW #172 | Nov 01, 2021 |
UAParser.js Malware in NPM, Squirrel Sandbox Escape, Securing CI/CD, & AppSec Videos - ASW #171 | Oct 26, 2021 |
Security Champions in an Online First World - Ashish Rajan - ASW #171 | Oct 25, 2021 |
View Source, Bindiff for Vuln Analysis, Bypass with GitHub Actions, & NIST DevSecOps - ASW #170 | Oct 19, 2021 |
Dev(Sec)Ops Scanning Challenges & Tips - Nuno Loureiro, Tiago Mendo - ASW #170 | Oct 18, 2021 |
Twitch Breach, HTTPd Path Traversal, Disabling Macros, & Great Cybersecurity Programs - ASW #169 | Oct 12, 2021 |
Modernizing the Management of Your Software Supply Chain - Tom Gibson - ASW #169 | Oct 11, 2021 |
Prototype Pollution, Funding Open Source Security, Expiring Root CA, Mariana Trench - ASW #168 | Oct 05, 2021 |
The Power of Developer-First Security - Hillary Benson - ASW #168 | Oct 04, 2021 |
AppSec Orchestration/Correlation & DevSecOps Efficiency - Anita D'Amico, Patrick Carey - ASW #167 | Sep 28, 2021 |
Exchange's Great Leak, RCE in VMware, IoT Bug in MQTT, & Chrome's Memory Safety Nets - ASW #167 | Sep 27, 2021 |
OMIGOD, FORCEDENTRY, Code Ownership, Security as a Product, & IoT Device Criteria - ASW #166 | Sep 21, 2021 |
Transforming Modern Software Development with Developer-First AppSec - Jeff Williams - ASW #166 | Sep 20, 2021 |
OWASP Top 10, CISA Bad Practices, Azurescape, Confluence RCE, & API Security Tokens - ASW #165 | Sep 14, 2021 |
Findings From the 2021 AppSec Shift Left Progress Report - Manish Gupta - ASW #165 | Sep 13, 2021 |
ChaosDB, OpenSSL String Bugs, Revealing Locations, & More Top 15 Vulns - ASW #164 | Aug 31, 2021 |
A DevOps Perspective on Risk Tolerance & Risk Transfer - Caroline Wong - ASW #164 | Aug 30, 2021 |
BlackBerry's BadAlloc, Glibc's NULL, Backtick Command Injection, & ProxyLogon Details - ASW #163 | Aug 24, 2021 |
Challenges in Open Source Application Security - Shubhra Kar - ASW #163 | Aug 23, 2021 |
Cracked Concatenation, Injection Against DNS, Allstar GitHub, & DEF CON Highlights - ASW #162 | Aug 17, 2021 |
DevSecOps - Making It Real - Mike Rothman - ASW #162 | Aug 16, 2021 |
Securing Modern Web Apps: Development Techniques are Changing - Tom Hudson - ASW #161 | Aug 16, 2021 |
Router Auth Bypass, Weak IoT RNG, HTTP/2 Request Smuggling, & Kindle Fuzzing - ASW #161 | Aug 10, 2021 |
PunkSpider, Bug Bounties, RCE in PyPI, Kernel Pwning With eBPF, & Top Vulns From CISA - ASW #160 | Aug 03, 2021 |
Platform Firmware Security - Maggie Jauregui - ASW #160 | Aug 02, 2021 |
CWE Top 25, Bugs in Inconstancies, Sequoia Vuln, Twitter Transparency, & Cloud Risks - ASW #159 | Jul 27, 2021 |
Navigating the Seas of Security in Serverless Functions - Peter Klimek - ASW #159 | Jul 27, 2021 |
Code Comments, Decision Trees, Windows Hello, Telegram Analysis, & Cloud Risks - ASW #158 | Jul 20, 2021 |
The Role of Open Source in DevSecOps - David DeSanto - ASW #158 | Jul 19, 2021 |
Password Mismanager, Trusted Types vs. DOM XSS, PrintNightmare, & Fault Injections - ASW #157 | Jul 13, 2021 |
Web App and API Security Needs to Be Modernized: Here’s How - Sean Leach - ASW #157 | Jul 13, 2021 |
Semgrep, Microsoft Signs With Rootkits, ATT&CK/D3FEND, & Injured Android - ASW #156 | Jun 29, 2021 |
Scaling Your Application Security Program - Clint Gibler - ASW #156 | Jun 28, 2021 |
Supply Chain Integrity, Format Strings, Systemd Bug, Instagram Bounty, & Refactoring - ASW #155 | Jun 22, 2021 |
Challenges of DAST Scanners / Adoption by Developers - Nuno Loureiro, Tiago Mendo - ASW #155 | Jun 21, 2021 |
ALPACA, EA Breach, sprintf Lives, Go Fuzzing, K8s Goat, & OT Basics - ASW #154 | Jun 15, 2021 |
OWASP SAMM - Software Assurance Maturity Model - Sebastian Deleersnyder - ASW #154 | Jun 14, 2021 |
HTTP Goes QUIC, Security & Humans, Amazon Sidewalk Privacy, & Product Abuse - ASW #153 | Jun 08, 2021 |
API Security: Understanding Threats to Better Protect Your Organization - Daniel Hampton - ASW #153 | Jun 07, 2021 |
IIS Bug, Browsers & Androids & Supply Chains Oh My! - ASW #152 | May 25, 2021 |
Bringing AppSec to a Modern CI Pipeline - Manish Gupta - ASW #152 | May 24, 2021 |
CNCF Supply Chain, Frag Attacks, Securing Webhooks, & Complexity vs. Security - ASW #151 | May 18, 2021 |
Third Party Software Risk on the Web - Aanand Krishnan - ASW #151 | May 18, 2021 |
AirTags & Threat Models, Qualcomm Modem Vuln, Exim RCE(s), & Binary Hardening - ASW #150 | May 11, 2021 |
Delivering On the Promise of Application Security - Ankur Shah - ASW #150 | May 10, 2021 |
BadAlloc Vulns, Gatekeeper Bypass, & More Spectre in Micro-Op Caches - ASW #149 | May 04, 2021 |
Why Developers Need to Think Differently About Software Security - Rey Bango - ASW #149 | May 03, 2021 |
Signal Aesthetics, AirDrop Privacy, Safety vs. Security, & Data Ordering Attacks - ASW #148 | Apr 27, 2021 |
Deceptive Diffs From Subversive Submitters - ASW #148 | Apr 26, 2021 |
Rust in Android, Vuln Disclosure, Postmortems, & BootHole Follow-Up - ASW #147 | Apr 20, 2021 |
Supply Chain Management - Doug Barbin - ASW #147 | Apr 19, 2021 |
Malicious PHP Commits, OAuth Attacks & XML Injection, & Zines For DevSecOps - ASW #146 | Apr 06, 2021 |
Shifting Right: What Security Engineers Can Learn From DevSecOps - Leif Dreizler - ASW #146 | Apr 05, 2021 |
TikTok Analysis, Patching Patches, CI/CD Integrity, Faster Fuzzing, & Slack Safety - ASW #145 | Mar 30, 2021 |
OWASP Top 10 of 2021 - Andrew van der Stock - ASW #145 | Mar 29, 2021 |
Supply Chains in Azure SDK/Xcode, GitHub Sessions, & GCP VRP - ASW #144 | Mar 23, 2021 |
Approaching AppSec Like a Hacker - Johanna Ydergard, Roberto Giachetta - ASW #144 | Mar 22, 2021 |
Unauth'd RCE, "Regexploits", Post-Spectre Web, & SigStore Signing - ASW #143 | Mar 16, 2021 |
Cloud Native Security Platforms - John Morello - ASW #143 | Mar 15, 2021 |
Security Engineering, Evil Packages, Exchange SSRF, & Observability - ASW #142 | Mar 09, 2021 |
Privacy, Data Security & Compliance - Cynthia Burke - ASW #142 | Mar 08, 2021 |
JSON, OpenSSL, Educational Resources, & Flaws in CodeQL - ASW #141 | Mar 02, 2021 |
Hackable; How to do Application Security Right - Ted Harrington - ASW #141 | Mar 01, 2021 |
Dependency Confusion, Suspender Falls, Web Shells, & AppSec Scale - ASW #140 | Feb 23, 2021 |
Targeting, Exploiting, & Defending Linux - Brandon Edwards - ASW #140 | Feb 22, 2021 |
BBPLR, API Security Trends, Memory Unsafety, & Patching 0-Days - ASW #139 | Feb 09, 2021 |
Being a Serial Entrepreneur, Business Leader, & Hacker - Alissa Knight - ASW #139 | Feb 08, 2021 |
Sudo Vuln, Libgcrypt, BlastDoor on iMessage, & AWS Lambda security - ASW #138 | Feb 02, 2021 |
Groundhog Day - It's Time to Reset the Script on Vulnerabilities - John Delaroderie - ASW #138 | Feb 01, 2021 |
KindleDrip, State of Messaging State Machines, DoH, & Data Security Strategies - ASW #137 | Jan 26, 2021 |
Reading Industry Analyst Tea Leaves To Predict The Future - Taylor McCaslin - ASW #137 | Jan 25, 2021 |
Google 2FA Cloning, Speed vs. Security, & "Hack The Army" Bug Bounty 3.0 - ASW #136 | Jan 12, 2021 |
Fuzz Testing - Andrei Serban - ASW #136 | Jan 11, 2021 |
Kubernetes Clusters, Microsoft Solarigate, & Apple's Security DIY - ASW #135 | Jan 05, 2021 |
Security By Design - ASW #135 | Jan 04, 2021 |
Atheris Python Fuzzer, Bronze Bit Attack, & FireEye Highlights - ASW #134 | Dec 15, 2020 |
Freedom From Computing Environments - Ev Kontsevoy - ASW #134 | Dec 14, 2020 |
Google Play Bug, GitHub, iPhone Radio Reboots, & Docker Hub Vulns - ASW #133 | Dec 08, 2020 |
Security Web Applications Against Modern Threats - John Delaroderie, Mike Manrod - ASW #133 | Dec 07, 2020 |
Top CyberSec Skills for 2021, Xbox Gamertag Bug, & MobileIron RCE Flaw - ASW #132 | Dec 01, 2020 |
Security Decisions During Application Development - Tim Mackey - ASW #132 | Nov 30, 2020 |
Drupal Flaws, DevSecOps Implementation, & Cloud Native Security White Paper - ASW #131 | Nov 24, 2020 |
Threat Modeling Deep Dive - ASW #131 | Nov 23, 2020 |
'Platypus' Attack, IDOR DOD Bug, & 2 More Chrome 0-Days - ASW #130 | Nov 17, 2020 |
Automated Hacker Knowledge - Rickard Carlsson - ASW #130 | Nov 16, 2020 |
Security Is a Feature - Keith Hoodlet - ASW #129 | Nov 10, 2020 |
China's Top Hacking Contest, GitHub Actions, & Vulnonym - ASW #129 | Nov 09, 2020 |
Lax IoT, Adobe Flash Croaks, Link Preview Vulns, & Security Theatre! - ASW #128 | Nov 03, 2020 |
Azure App Service & Cloud-Native Signal Sciences Deployments - Alfred Chung - ASW #128 | Nov 02, 2020 |
Cyber Risk in Industrial IoT, Firefox 'Site Isolation', & Chrome 0-Day Bug - ASW #127 | Oct 27, 2020 |
Cyber Resiliency Through Self-Healing Cloud Infrastructure - Cesar Rodriguez - ASW #127 | Oct 26, 2020 |
Windows "Ping of Death", SonicWall VPN RCE, & MediaTek BootROM Glitch - ASW #126 | Oct 20, 2020 |
The Future of Application Security Testing (AST) - Taylor McCaslin - ASW #126 | Oct 19, 2020 |
Fortinet SIEM RCE, Facebook Bug Bounty, & Anti-Virus Vulnerabilities - ASW #125 | Oct 13, 2020 |
Application Security Best Practices - James Manico - ASW #125 | Oct 12, 2020 |
DOMOS 5.8 OS Command Injection, API Shield, & TRB245 Vulnerabilities - ASW #124 | Oct 06, 2020 |
Things Every Developer Should Know About Security - Chris Romeo - ASW #124 | Oct 05, 2020 |
Bypassing TikTok's MFA, Instagram RCE, & Chrome Security Updates - ASW #123 | Sep 29, 2020 |
The Difference Between Finding Vulns & Securing Apps - ASW #123 | Sep 28, 2020 |
Project OneFuzz, Bluetooth Spoofing Bug, & Safeguarding Secrets - ASW #122 | Sep 22, 2020 |
Visualizing & Detecting Threats For Your Custom Application - Justin Massey - ASW #122 | Sep 21, 2020 |
RCE via BACKBLAZE, Microsoft Patch Tuesday, & CRYLOGGER - ASW #121 | Sep 15, 2020 |
The People & Process of DevOps - Frank Catucci - ASW #121 | Sep 14, 2020 |
GitHub to Ruby 2.7, CISO Success, & Lessons From Uber - ASW #120 | Sep 01, 2020 |
Detecting Threats & Avoiding Misconfigs In The Cloud-Age - Marc Tremsal - ASW #120 | Aug 31, 2020 |
ATM Attacks, gcploit, & ClusterFuzz - ASW #119 | Aug 25, 2020 |
DevOps-First Application Security For Mid-Markets - Sundar Krish - ASW #119 | Aug 24, 2020 |
AWS S3 Crypto SDK, ReVoLTE Attack, & Microsoft Bug Bounties - ASW #118 | Aug 18, 2020 |
Immutable Security For Immutable Infrastructure - Cesar Rodriguez - ASW #118 | Aug 17, 2020 |
SWVHSC: Amazon GuardDuty, Sandboxing & Workload Isolation, & No More SHA-1 - ASW #117 | Aug 04, 2020 |
SWVHSC: How Does Sec Live In A DevOps World? - Mike Rothman - ASW #117 | Aug 04, 2020 |
TaskRouter JS SDK, EL1/EL3 Vulnerability, & 234 Alexa Skills Store Violations - ASW #116 | Jul 28, 2020 |
Fixing Vulnerabilities Effectively & Efficiently - John Matherly - ASW #116 | Jul 27, 2020 |
SIGRed RCE, Google Cloud 'Confidential VMs', & Twitter Hack Crypto Scam - ASW #115 | Jul 21, 2020 |
Cloud Security Posture Management & Governance - Bhasker Nallapothula, Kris Rajana - ASW #115 | Jul 20, 2020 |
Top Bug Bounty Rankings, Zoom 0-Day, & Firefox Send Malware - ASW #114 | Jul 14, 2020 |
DevSecOps - Judy Ngure - ASW #114 | Jul 13, 2020 |
Guacamole RCE, PAN-OS Flaw, & A Culture of Resilience - ASW #113 | Jul 07, 2020 |
Protecting Mobile Applications - Catherine Chambers, Will Hickie - ASW #113 | Jul 06, 2020 |
DLL Hijacking, Trust Through Privacy, & Adobe EOL Data - ASW #112 | Jun 30, 2020 |
Using IaC to Establish & Analyze Secure Environments - Cesar Rodriguez - ASW #112 | Jun 29, 2020 |
CallStranger, SMBleedingGhost, & Misconfigured Kubeflow - ASW #111 | Jun 16, 2020 |
Data Mapping & Data Value Journey - Michelle Dennedy - ASW #111
|
Jun 15, 2020 |
Zoom Vulns, Apple 0-Days, & Abandoned Domains - ASW #110
|
Jun 09, 2020 |
The Future State of AppSec - Phillip Maddux - ASW #110
|
Jun 08, 2020 |
Apps Are the New Endpoint - Catherine Chambers - ASW #109
|
Jun 02, 2020 |
How to Prevent Account Takeover Attacks - John Chirhart - ASW #109
|
Jun 01, 2020 |
Highlights From the New Open Source Security and Risk Analysis Report - Tim Mackey - ASW #108
|
May 19, 2020 |
Using Rate Limiting to Protect Web Apps and APIs - Jack Zarris - ASW #108
|
May 18, 2020 |
Samsung RCE 0-Click, Whispers, & Compromising Pluton - ASW #107
|
May 12, 2020 |
How Can Security Work TOGETHER, Not Against, Developers - Joe Garcia - ASW #107
|
May 11, 2020 |
Psychic Paper, Salt RCE, & Love Bugs - ASW #106
|
May 05, 2020 |
Modern Application Security & Container Security - Gareth Rushgrove - ASW #106
|
May 04, 2020 |
Nintendo Breach, NSA Advisory, & Security of IoMT - ASW #105
|
Apr 28, 2020 |
Threat Modeling in AppSec - Avi Douglen - ASW #105
|
Apr 27, 2020 |
Malicious Ruby Gems & JSON Web Token Bypass - ASW #104
|
Apr 21, 2020 |
Building an AppSec Ecosystem - Rebecca Deck - ASW #104
|
Apr 20, 2020 |
Zooming Alex Stamos & Building Security TestOps - ASW #103
|
Apr 14, 2020 |
Making Kubernetes a Hostile Place for Attackers - Brad Geesaman - ASW #103
|
Apr 13, 2020 |
Zoom Flaws, 'Zombie' win32k Bug, & Inputscope - ASW #102
|
Apr 07, 2020 |
You're (probably) Doing AppSec Wrong - Grant Ongers - ASW #102
|
Apr 06, 2020 |
The Benefits of SAST and SCA in Your IDE - Utsav Sanghani - ASW #101
|
Mar 23, 2020 |
Singularity: A Different Take on Container Security - Adam Hughes - ASW #101
|
Mar 23, 2020 |
Bottlerocket, Supply Chain Casualty, DevOps Sweet Spot - ASW #100
|
Mar 17, 2020 |
DevSecOps / Scaling Security - Clint Gibler - ASW #100
|
Mar 17, 2020 |
CISOs, CVE, DevOps, Gandalf - ASW #99
|
Mar 09, 2020 |
Guy Podjarny, Snyk - Guy Podjarny - ASW #99
|
Mar 09, 2020 |
InfoSec World Workshop: DevSecOps and Cultural Transformation - Dan Petit - ASW #98
|
Mar 02, 2020 |
Ghostcat, Apache, Networks, Starliner - ASW #98
|
Mar 02, 2020 |
Application News - RSA Conference News and Activities - ASW #97
|
Feb 26, 2020 |
Chris Eng Interview - What's New with Veracode - Chris Eng - ASW #97
|
Feb 25, 2020 |
SweynTooth, OWASP, CRXcavator, DevSecOps - ASW #96
|
Feb 19, 2020 |
Lessons Learned From The DevSecOps Trenches - Doug DePerry - ASW #96
|
Feb 17, 2020 |
WhatsApp Flaw, Dropbox Bug Bounty Program, Investigating Web Shell Attacks - ASW #95
|
Feb 12, 2020 |
Mitigating at Design Time - Shaun Lamb - ASW #95
|
Feb 11, 2020 |
Scaling an AppSec Program - ASW #94
|
Feb 03, 2020 |
Xbox Bounty Program, Magento Patch, RCE in OpenSMTPD - ASW #94
|
Feb 03, 2020 |
Pwn2Own In Miami, Cloud Vuln., Deconstructing Web Cache Deception Attacks - ASW #93
|
Jan 29, 2020 |
Dynamically Protecting Mobile Applications With RASP - John Butler - ASW #93
|
Jan 28, 2020 |
Crypto Bugs, IoT Planes and Application Inspectors, Oh My! - ASW #92
|
Jan 22, 2020 |
Protecting Data in Apps and Protecting Apps from Data - ASW #92
|
Jan 21, 2020 |
Application News - ASW #91
|
Jan 14, 2020 |
The Evolution of DevSecOps and AppSec Trends in 2020 - Hillel Solow - ASW #91
|
Jan 14, 2020 |
Application News - ASW #90
|
Jan 08, 2020 |
Privacy by Design - ASW #90
|
Jan 07, 2020 |
Binary Planting, GitLab, and DevOps Pipelines - ASW #89
|
Dec 18, 2019 |
API Security - Dave Ferguson - ASW #89
|
Dec 17, 2019 |
The World Runs On Open-Source, But Who's Paying For Gas? - ASW #88
|
Dec 11, 2019 |
Software Bill of Materials (SBOM) - Allan Friedman - ASW #88
|
Dec 10, 2019 |
Facebook, Twitter, & Firefox - ASW #87
|
Dec 04, 2019 |
Bot Management - Sandy Carielli - ASW #87
|
Dec 03, 2019 |
Application News - ASW #86
|
Nov 28, 2019 |
Development Decisions Affect The Security Of Any Application - Tim Mackey - ASW #86
|
Nov 27, 2019 |
Sysdig Secure 3.0 - Pawan Shankar - ASW #85
|
Nov 20, 2019 |
Mirantis' Docker, CISOs, & End of Life Dates - ASW #85
|
Nov 19, 2019 |
Application News - ASW #84
|
Nov 14, 2019 |
Security Testing - ASW #84
|
Nov 13, 2019 |
Application News - ASW #83
|
Nov 06, 2019 |
Teaching Security In Software Development - Daniel Lowrie, Justin Dennison - ASW #83
|
Nov 05, 2019 |
Application News - ASW #82
|
Oct 30, 2019 |
Bug Bounties, Pentesting, & Scanners - ASW #82
|
Oct 29, 2019 |
Application News - ASW #81
|
Oct 23, 2019 |
Doug Coburn, Signal Sciences - Doug Coburn - ASW #81
|
Oct 22, 2019 |
Application News - ASW #80
|
Oct 16, 2019 |
Francois Lascelles, Ping Identity - ASW #80
|
Oct 15, 2019 |
Application News - ASW #79
|
Oct 09, 2019 |
Cloud Security for Small Teams - ASW #79
|
Oct 08, 2019 |
Application News - ASW #78
|
Oct 02, 2019 |
Information Disclosure Vulnerabilities - Ryan Kelso - ASW #78
|
Oct 01, 2019 |
Training For Developers - Nicolas Valcárcel - ASW #77
|
Sep 24, 2019 |
Application News - ASW #77
|
Sep 23, 2019 |
Bugs, Breaches, & More - ASW #76
|
Sep 18, 2019 |
OWASP Application Security Verification Standard - ASW #76
|
Sep 16, 2019 |
Bugs, Breaches, & More - ASW #75
|
Sep 11, 2019 |
Tools in the DevOps Pipeline: Ty Sbano, Sisense - ASW #75
|
Sep 10, 2019 |
Black Hat Interviews - WhiteSource and Venafi - ASW #74
|
Aug 28, 2019 |
Container Security With Sysdig Secure 2.4 - Pawan Shankar - ASW #74
|
Aug 26, 2019 |
Bugs, Breaches, and More! - ASW #73
|
Aug 21, 2019 |
Ping Identity, Cequence, & NowSecure - ASW #73
|
Aug 20, 2019 |
Application News - ASW - News #72
|
Aug 14, 2019 |
Hacker Summer Camp Round-UP - ASW - Topic #72
|
Aug 13, 2019 |
Application News - Application Security Weekly #71
|
Jul 31, 2019 |
Container Security Today - Application Security Weekly #71
|
Jul 30, 2019 |
Application News - Application Security Weekly #70
|
Jul 24, 2019 |
Secure App Deployment With Unikernels - Application Security Weekly #70
|
Jul 23, 2019 |
Application News - Application Security Weekly #69
|
Jul 17, 2019 |
Securing Multi-Cloud Environments - Application Security Weekly #69
|
Jul 16, 2019 |
Application News - Application Security Weekly #68
|
Jul 10, 2019 |
Cloud Native - Application Security Weekly #68
|
Jul 09, 2019 |
Security Training for Devs - Application Security Weekly #67
|
Jul 03, 2019 |
GKE, AWS, & S3 Buckets - Application Security Weekly #67
|
Jul 02, 2019 |
Don't Ignore APIs - Application Security Weekly #66
|
Jun 26, 2019 |
Osquery, Netflix, & Mozilla - Application Security Weekly #66
|
Jun 25, 2019 |
Bugs, Breaches, and More! - Application Security Weekly #65
|
Jun 19, 2019 |
Shannon Lietz, Intuit - Application Security Weekly #65
|
Jun 18, 2019 |
MacOS Catalina, OpenShift, & Pink Floyd - Application Security Weekly #64
|
Jun 12, 2019 |
DevSecOps & Software Supply Chains, Microsoft - Application Security Weekly #64
|
Jun 10, 2019 |
Application News - Application Security Weekly #63
|
Jun 05, 2019 |
Major Identities & Micro Services - Application Security Weekly #63
|
Jun 04, 2019 |
Application News - Application Security Weekly #62
|
May 22, 2019 |
Cody Wood, Signal Sciences - Application Security Weekly #62
|
May 21, 2019 |
Application News - Application Security Weekly #61
|
May 16, 2019 |
Securing Software Supply Chains - Application Security Weekly #61
|
May 15, 2019 |
Sven Morgenroth, Netsparker - Application Security Weekly #60
|
May 08, 2019 |
Application News - Application Security Weekly #60
|
May 07, 2019 |
Application News - Application Security Weekly #59
|
May 01, 2019 |
Larry Maccherone, Comcast - Application Security Weekly #59
|
Apr 30, 2019 |
Application News - Application Security Weekly #58
|
Apr 24, 2019 |
Thomas Hatch, SaltStack - Application Security Weekly #58
|
Apr 23, 2019 |
Application News - Application Security Weekly #57
|
Apr 17, 2019 |
Containers and Kubernetes - Application Security Weekly #57
|
Apr 16, 2019 |
Falco, Sysdig - Application Security Weekly #56
|
Apr 10, 2019 |
Docker, ARM, & "Selfie" - Application Security Weekly #56
|
Apr 09, 2019 |
Wins & Challenges In AppSec, Square - Application Security Weekly #55
|
Mar 29, 2019 |
Bugs, Breaches, and More! - Application Security Weekly #55
|
Mar 28, 2019 |
DARPA, Yelp, & FBI - Application Security Weekly #54
|
Mar 20, 2019 |
Jamie Duncan, Red Hat - Application Security Weekly #54
|
Mar 19, 2019 |
Application News - Application Security Weekly #53
|
Mar 13, 2019 |
RSA 2019 Recap - Application Security Weekly #53
|
Mar 12, 2019 |
Matt Springfield, 12Feet, Inc. - Application Security Weekly #52
|
Feb 27, 2019 |
Bugs, Breaches, and More! - Application Security Weekly #52
|
Feb 26, 2019 |
Android, Dark Web, & Development - Application Security Weekly #51
|
Feb 20, 2019 |
Integrating Security into DevOps, Altran - Application Security Weekly #51
|
Feb 19, 2019 |
Application News - Application Security Weekly #50
|
Feb 14, 2019 |
Basic Flow of Problem, Solution, and Value - Application Security Weekly #50
|
Feb 13, 2019 |
Application News - Application Security Weekly #49
|
Feb 06, 2019 |
The Current State of Privacy & Software Development - Application Security Weekly #49
|
Feb 05, 2019 |
Bugs, Breaches, and More! - Application Security Weekly #48
|
Jan 31, 2019 |
Jing Xie, Venafi - Application Security Weekly #48
|
Jan 30, 2019 |
Bugs, Breaches, and More - Application Security Weekly #47
|
Jan 23, 2019 |
The Human Element of Application Security - Application Security Weekly #47
|
Jan 23, 2019 |
Rey Bango, Microsoft - Application Security Weekly #46
|
Jan 17, 2019 |
CRLF, NASA, & GitHub - Application Security Weekly #46
|
Jan 16, 2019 |
WordPress, Silicon Valley, and Hijacking - Application Security Weekly #45
|
Jan 10, 2019 |
Ken Johnson, GitHub - Application Security Weekly #45
|
Jan 09, 2019 |
Signal App, Jenkins Servers, & WordPress - Application Security Weekly #44
|
Dec 18, 2018 |
Harry Sverdlove, Edgewise - Application Security Weekly #44
|
Dec 18, 2018 |
Chris Elgee, Counter Hack Challenge - Application Security Weekly #43
|
Dec 12, 2018 |
Kubernetes, Firefox, & WordPress - Application Security Weekly #43
|
Dec 11, 2018 |
NSA Malware, AFL Fuzzer, & Firecracker - Application Security Weekly #42
|
Dec 05, 2018 |
Aleksei Tiurin, Acunetix - Application Security Weekly #42
|
Dec 04, 2018 |
Drupalgeddon, USPS, & JavaScript - Application Security Weekly #41
|
Nov 29, 2018 |
Brent Dukes - Application Security Weekly #41
|
Nov 28, 2018 |
Instagram, Kraken, GitMiner - Application Security Weekly #40
|
Nov 19, 2018 |
John Kinsella, Layered Insight - Application Security Weekly #40
|
Nov 19, 2018 |
ColdFusion, Destroying Logs, & Tracing Memes - Application Security Weekly #39
|
Nov 15, 2018 |
Brian Kelly, CyberArk - Application Security Weekly #39
|
Nov 14, 2018 |
'Stalkerware', DHCPv6 Packets, & Python - Application Security Weekly #38
|
Nov 07, 2018 |
Daniel Cuthbert, Banco Santander - Application Security Weekly #38
|
Nov 06, 2018 |
Airline Hacks, MikroTik Bug, & WordPress - Application Security Weekly #37
|
Nov 01, 2018 |
Johnny Xmas, Kasada.io - Application Security Weekly #37
|
Oct 31, 2018 |
Cryptocurrency, Disney, and Adobe - Application Security Weekly #36
|
Oct 24, 2018 |
Bugs, Breaches, and More! - Application Security Weekly #36
|
Oct 23, 2018 |
Garrett Gross, Rapid7 - Application Security Weekly #35
|
Oct 16, 2018 |
Git Project, Google+, & Facebook - Application Security Weekly #35
|
Oct 16, 2018 |
Bugs, Breaches, and More - Application Security Weekly #34
|
Oct 03, 2018 |
Landing a Job in Application Security - Application Security Weekly #34
|
Oct 02, 2018 |
Newegg, Ticketmaster, & iOS 12 - Application Security Weekly #33
|
Sep 27, 2018 |
Ron Gula, Gula Tech Adventures - Application Security Weekly #33
|
Sep 26, 2018 |
Bluebox-ng, Stock Data Breaches, and CommitStrip - Application Security Weekly #32
|
Sep 26, 2018 |
April Wright, ArchitectSecurity.org - Application Security Weekly #32
|
Sep 25, 2018 |
Microsoft, Equifax, MacOS, and Bug Bounties - Application Security Weekly #31
|
Sep 13, 2018 |
Zane Lackey, Signal Sciences - Application Security Weekly #31
|
Sep 12, 2018 |
Fortnite, Netflix, & Black Hat - Application Security Weekly #30
|
Aug 30, 2018 |
The Apache Struts2 RCE Vulnerability - Application Security Weekly #30
|
Aug 29, 2018 |
Tom McLaughlin, ServerlessOps - Application Security Weekly #29
|
Aug 22, 2018 |
Matt Alderman & Paul Asadoorian, Def Con 2018 - Application Security Weekly #29
|
Aug 21, 2018 |
Alibaba Cloud Security, Comcast, and Facebook - Application Security Weekly #28
|
Aug 15, 2018 |
Secure Coding Practices - Application Security Weekly #28
|
Aug 14, 2018 |
Resources, Bugs, Breaches, and Learning Tools - Application Security Weekly #27
|
Aug 09, 2018 |
Galen Hunt, Microsoft - Application Security Weekly #27
|
Aug 08, 2018 |
Spectre, OWASP, and iGoat - Application Security Weekly #26
|
Aug 02, 2018 |
Jessica Rozhin, Marqueta - Application Security Weekly #26
|
Aug 01, 2018 |
Venmo, Oracle, & Linux - Application Security Weekly #25
|
Jul 25, 2018 |
Joe Garcia, CyberArk - Application Security Weekly #25
|
Jul 24, 2018 |
AppSec Solutions in a DevOps World - Application Security Weekly #24
|
Jul 19, 2018 |
iOS Bugs, Burp Suite, & DevSecOps - Application Security Weekly #24
|
Jul 18, 2018 |
The Hardest Problem in Application Security - Application Security Weekly #23
|
Jul 11, 2018 |
Facebook, Google, & GitLab - Application Security Weekly #23
|
Jul 10, 2018 |
PHPMyAdmin, GitHub, and VS Code - Application Security Weekly #22
|
Jul 05, 2018 |
Thomas GX, Yelda - Application Security Weekly #22
|
Jul 03, 2018 |
Microsoft, JavaScript, AI Can Fire - Application Security Weekly #21
|
Jun 28, 2018 |
Dan Kuykendall, Rapid7 - Application Security Weekly #21
|
Jun 27, 2018 |
Windows, Smart Lock, & iPhone Hackers - Application Security Weekly #20
|
Jun 21, 2018 |
Ron Gula, Gula Tech Adventures - Application Security Weekly #20
|
Jun 20, 2018 |
FireFox, Windows 10, DevOps, and BitHubLab - Application Security Weekly #19
|
Jun 14, 2018 |
Peter Chestna, Veracode - Application Security Weekly #19
|
Jun 13, 2018 |
GitHub, Oracle, & GDPR - Application Security Weekly #18
|
Jun 07, 2018 |
Agile vs. DevOps - Application Security Weekly #18
|
Jun 06, 2018 |
Nest, Node.js, & F.Secure - Application Security Weekly #17
|
May 24, 2018 |
James Wickett, Signal Sciences - Application Security Weekly #17
|
May 23, 2018 |
Adam Gordon, ITProTV - Application Security Weekly #16
|
May 17, 2018 |
Text Bombs, Black Dots of Death, and Azure - Application Security Weekly #16
|
May 16, 2018 |
Twitter, Meltdown, & RSAC - Application Security Weekly #15
|
May 09, 2018 |
Building Your AppSec Program - Application Security Weekly #15
|
May 08, 2018 |
Building Your AppSec Program: Getting Started - Application Security Weekly #14
|
May 02, 2018 |
FDA, Microsoft, & Android - Application Security Weekly #14
|
May 01, 2018 |
Drupal, RSAC, & Facebook - Application Security Weekly #13
|
May 01, 2018 |
Rami Sass, CEO & Co-Founder of WhiteSource - Application Security Weekly #13
|
Apr 30, 2018 |
Windows, MacOS, & Javascript - Application Security Weekly #12
|
Apr 15, 2018 |
Open Source Software - Application Security Weekly #12
|
Apr 14, 2018 |
One Language to Rule Them All - Application Security Weekly #11
|
Apr 08, 2018 |
Intel, Slack, Spectre, & NASA - Application Security Weekly #11
|
Apr 07, 2018 |
DevOps or DevSecOps? - Application Security Weekly #10
|
Apr 01, 2018 |
Cloudflare, Facebook, & Red Team Wisdom - Application Security Weekly #10
|
Mar 31, 2018 |
AMD, MailChimp, & Equifax - Application Security Weekly #9
|
Mar 18, 2018 |
Personal Development in Application Security - Application Security Weekly #9
|
Mar 17, 2018 |
Ethereum, Kali Linux, & Creepy Alexa - Application Security Weekly #8
|
Mar 14, 2018 |
AppSec Development Partnership - Application Security Weekly #8
|
Mar 13, 2018 |
DigiCert, GitHub, & Black Panther - Application Security Weekly #7
|
Mar 04, 2018 |
Facebook Malware Scan - Application Security Weekly #7
|
Mar 03, 2018 |
Bitcoin, Salon, Oxford Comma Dispute, and Amazon - Application Security Weekly #6
|
Feb 18, 2018 |
Topic: Bug Bounties - Application Security Weekly #6
|
Feb 17, 2018 |
OWASP ASVS pt. 2 - Application Security Weekly #05
|
Feb 11, 2018 |
NSA, Google, & Microsoft - Application Security Weekly #05
|
Feb 10, 2018 |
OWASP Application Security Verification Standard - Application Security Weekly #04
|
Feb 04, 2018 |
Intel, CloudFair, & Lenovo - Application Security Weekly #04
|
Feb 03, 2018 |
Facebook, RedHat, & Russian Twitterbots - Application Security Weekly #03
|
Jan 28, 2018 |
Matias Madou, Secure Code Warrior - Application Security Weekly #03
|
Jan 27, 2018 |
Google, Oracle, and Apple - Application Security Weekly #02
|
Jan 21, 2018 |
Top 10 OWASP pt.2 - Application Security Weekly #02
|
Jan 20, 2018 |
OWASP Top 10 (2017) Overview - Application Security Weekly #1
|
Jan 13, 2018 |
NVIDIA, Oracle, Coinbase, and Bitcoin - Application Security Weekly #1
|
Jan 12, 2018 |
Rise of Application Security - Application Security Weekly #00
|
Jan 07, 2018 |
Google, Intel, Mozilla, and Starbucks - Application Security Weekly #00
|
Jan 06, 2018 |