Application Security Weekly (Audio) Podcast Por Security Weekly Productions arte de portada

Application Security Weekly (Audio)

Application Security Weekly (Audio)

De: Security Weekly Productions
Escúchala gratis

OFERTA POR TIEMPO LIMITADO | Obtén 3 meses por US$0.99 al mes

$14.95/mes despues- se aplican términos.
About all things AppSec, DevOps, and DevSecOps. Hosted by Mike Shema and John Kinsella, the podcast focuses on helping its audience find and fix software flaws effectively.© 2024 CyberRisk Alliance Política y Gobierno
Episodios
  • Building proactive defenses that reflect the true nature of modern software risk - Paul Davis - ASW #367

    Building proactive defenses that reflect the true nature of modern software risk - Paul Davis - ASW #367
    Jan 27 2026

    Supply chain security remains one of the biggest time sinks for appsec teams and developers, even making it onto the latest iteration of the OWASP Top 10 list. Paul Davis joins us to talk about strategies to proactively defend your environment from the different types of attacks that target supply chains and package dependencies. We also discuss how to gain some of the time back by being smarter about how to manage packages and even where the responsibility for managing the security of packages should be.

    Visit https://www.securityweekly.com/asw for all the latest episodes!

    Show Notes: https://securityweekly.com/asw-367
    Más Menos
    1 h y 13 m
  • Lessons from MongoBleed, CWE Top 25, and Secure Coding Benchmarks - ASW #366

    Lessons from MongoBleed, CWE Top 25, and Secure Coding Benchmarks - ASW #366
    Jan 20 2026

    MongoBleed and a recent OWASP CRS bypass show how parsing problems remain a source of security flaws regardless of programming language. We talk with Kalyani Pawar about how these problems rank against the Top 25 CWEs for 2025 and what it means for relying on LLMs to generate code.

    Visit https://www.securityweekly.com/asw for all the latest episodes!

    Show Notes: https://securityweekly.com/asw-366
    Más Menos
    44 m
  • Secure By Design Is Better Than Secure By Myth - Bob Lord - ASW #365

    Secure By Design Is Better Than Secure By Myth - Bob Lord - ASW #365
    Jan 13 2026

    Not all infosec advice is helpful. Bad advice wastes time, makes people less secure, and takes focus away from making software more secure. Bob Lord talks about his efforts to tamp down hacklore -- the security myths and mistakes that crop up in news stories and advice to users. He talks about how these myths come about, why they're harmful, and how they're related to the necessity of building software that's secure by design.

    Segment Resources:

    • https://www.hacklore.org/

    • https://medium.com/@boblord/lets-stop-hacklore-d5c86a0fdad8

    • https://www.cisa.gov/securebydesign

    • https://medium.com/@boblord/recurring-classes-of-software-weaknesses-2007-vs-2025-c2cd56125e1a

    • https://www.ncsc.gov.uk/report/a-method-to-assess-forgivable-vs-unforgivable-vulnerabilities

    • https://99percentinvisible.org/episode/nut-behind-wheel/

    • https://timharford.com/2022/05/cautionary-tales-short-a-screw-loose-at-17000ft/

    Visit https://www.securityweekly.com/asw for all the latest episodes!

    Show Notes: https://securityweekly.com/asw-365
    Más Menos
    54 m
Todavía no hay opiniones