Collaborate Disseminate
Mike and John delve into some DevSecOps topics. They discuss good design patterns that emerged from cloud native environments, Kubernetes and containers, and building blocks of unique services in the AppSec world. Full Show Notes Follow us on Twitt… Continue reading Major Identities & Micro Services – Application Security Weekly #63
Cisco Expressway goes off path and a Cisco IOS XE vuln goes for emojis, More erosion of CPU data boundaries, RDP patches a pre-auth problem and even resuscitates a patch process for XP, Microsoft’s Attack Surface Analyzer gives DevSecOps team… Continue reading Application News – Application Security Weekly #62
Mike Shema and John Kinsella interview Cody Wood. Cody Wood is the AppSec Product Support Engineer at Signal Sciences. To get involved with Signal Sciences, visit: https://securityweekly.com/signalsciencesFull Show Notes Follow us on Twitter: https… Continue reading Cody Wood, Signal Sciences – Application Security Weekly #62
In the Application News, Chrome constrains the cookies and Edge pushes privacy, Windows builds a sandbox for Linux, Android Q for more quarantined code with more LLVM features, Steve Singh stepping down as Docker CEO, and Verizon releases its 2019 … Continue reading Application News – Application Security Weekly #61
This week, Derek Weeks joins us to talk about DevSecOps and Securing Software Supply Chains. Derek is the VP and DevOps Advocate at Sonatype. Derek is the world’s foremost researcher on the topic of DevSecOps and securing software supply chai… Continue reading Securing Software Supply Chains – Application Security Weekly #61
Sven joins us to talk about securing our applications, how confident can we be about the security of web applications, and how we can make it easier to build applications that we don’t need to worry about the OWASP top 10 because of secure defaul… Continue reading Sven Morgenroth, Netsparker – Application Security Weekly #60
Firefox gives more scrutiny to add-ons but Firefox also forgot to give more scrutiny to a cert, Path traversals trampled by ransomware, Secure Software Design: The Next Frontier In Cybersecurity, Trust the Stack, Not the People, VRT adds a CAN, and… Continue reading Application News – Application Security Weekly #60
This week, we welcome Larry Maccherone, Senior Director of Comcast, to talk about the world of SecOps vs. DevSecOps! Full Show Notes Follow us on Twitter: https://www.twitter.com/securityweekly Hosts
The post Larry Maccherone, Comcast – Appli… Continue reading Larry Maccherone, Comcast – Application Security Weekly #59
In the Application Security News, Software update gums up fingerprints, a counterproductive security practice expires thanks to well-considered guidelines, Docker Hub breach response, a path to hacking Ruby Gems, 5 Security Challenges to API Protec… Continue reading Application News – Application Security Weekly #59
In the Application Security News, Breach at IT outsourcer Wipro, SCP serves the file it wants, Confluence Path traverses to RCE, another Local PrivEsc on Windows, easier sandboxing for C and C++ APIs, and Computer Science plus Ethics! Bugs, Breache… Continue reading Application News – Application Security Weekly #58 Application Security Weekly #58