Application Security Weekly (Audio) Podcast Por Security Weekly Productions arte de portada

Application Security Weekly (Audio)

Application Security Weekly (Audio)

De: Security Weekly Productions
Escúchala gratis

About all things AppSec, DevOps, and DevSecOps. Hosted by Mike Shema and John Kinsella, the podcast focuses on helping its audience find and fix software flaws effectively.© 2024 CyberRisk Alliance Política y Gobierno
Episodios
  • Bringing Strong Authentication and Granular Authorization for GenAI - Dan Moore - ASW #369

    Bringing Strong Authentication and Granular Authorization for GenAI - Dan Moore - ASW #369
    Feb 10 2026

    When it comes to agents and MCPs, the interesting security discussion isn't that they need strong authentication and authorization, but what that authn/z story should look like, where does it get implemented, and who implements it. Dan Moore shares the useful parallels in securing APIs that should be brought into the world of MCPs -- especially because so many are still interacting with APIs.

    Resources

    • https://stackoverflow.blog/2026/01/21/is-that-allowed-authentication-and-authorization-in-model-context-protocol/
    • https://fusionauth.io/articles/identity-basics/authorization-models

    Visit https://www.securityweekly.com/asw for all the latest episodes!

    Show Notes: https://securityweekly.com/asw-369
    Más Menos
    1 h y 9 m
  • Focusing on Proactive Controls in the Face of LLM-Assisted Malware - Rob Allen - ASW #368

    Focusing on Proactive Controls in the Face of LLM-Assisted Malware - Rob Allen - ASW #368
    Feb 3 2026

    Everyone is turning to LLMs to generate code, including attackers. Thus, it's no great surprise that there are now examples of malware generated by LLMs. We discuss the implications of more malware with Rob Allen and what it means for orgs that want to protect themselves from ransomware.

    Resources

    • https://www.bleepingcomputer.com/news/security/voidlink-cloud-malware-shows-clear-signs-of-being-ai-generated/
    • https://research.checkpoint.com/2026/voidlink-early-ai-generated-malware-framework/
    • https://cloud.google.com/blog/topics/threat-intelligence/threat-actor-usage-of-ai-tools/

    This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them!

    Visit https://www.securityweekly.com/asw for all the latest episodes!

    Show Notes: https://securityweekly.com/asw-368
    Más Menos
    1 h y 7 m
  • Building proactive defenses that reflect the true nature of modern software risk - Paul Davis - ASW #367

    Building proactive defenses that reflect the true nature of modern software risk - Paul Davis - ASW #367
    Jan 27 2026

    Supply chain security remains one of the biggest time sinks for appsec teams and developers, even making it onto the latest iteration of the OWASP Top 10 list. Paul Davis joins us to talk about strategies to proactively defend your environment from the different types of attacks that target supply chains and package dependencies. We also discuss how to gain some of the time back by being smarter about how to manage packages and even where the responsibility for managing the security of packages should be.

    Visit https://www.securityweekly.com/asw for all the latest episodes!

    Show Notes: https://securityweekly.com/asw-367
    Más Menos
    1 h y 13 m
Todavía no hay opiniones