Application Security PodCast

More Information

Location:

United States

Language:

English

Contact:

919-335-5482


Episodes

Securing DevOps (S04E03)

8/14/2018
On this episode, Julien Vehent joins to discuss all things DevOps + Security. They talk through Julien's new book, Securing DevOps. They go in depth on the journey he went through building security into DevOps. You can find Julien on Twitter @jvehent. We will be giving away 4 digital copies of Julien's new book. [...] The post Securing DevOps (S04E03) appeared first on Security Journey.

Duration:00:38:17

CRS and an Abstraction Layer (S04E02)

8/7/2018
Christian Folini joins Chris at AppSec EU for this episode about ModSecurity and the Core Rule Set project from OWASP. They dive into the timeline for the abstraction layer piece of the project and much more. You can find Christian on Twitter @ChrFolini. Links: OWASP ModSecurity Core Rule Set, ModSecurity. The post CRS and an Abstraction Layer (S04E02) appeared first on Security Journey.

Duration:00:42:28

Google Chrome and the Case of the Disappearing HTTP (S04E01)

7/30/2018
On this episode, Chris is joined by Sean Wright to discuss the changes Google made to how Chrome handles the HTTP protocol. They also dive into TLS and some other pieces of crypto that relate to #AppSec. You can find Sean on Twitter @SeanWrightSec. The post Google Chrome and the Case of the Disappearing HTTP (S04E01) appeared first on Security Journey.

Duration:00:53:25

All the Pieces You Need for an #AppSec Program: Finale (S03 E21) - Application Security PodCast

6/12/2018
The conclusion of Season 3, all the best highlights, and some great advice from our guests on what you need to build an #AppSec Program. We’ll be back in August with more episodes and more interviews. Enjoy!

Duration:00:31:58

OWASP, Reach Out; We Are Known and Misunderstood (S03E20) - Application Security PodCast

6/5/2018
Chris and Robert are joined by Martin Knobloch to discuss all things OWASP. They dive into the history of OWASP and some of the plans for the future. You can find Martin on Twitter @knoblochmartin.

Duration:00:34:21

Bug Bounty with a Side of Empathy (S03 E19) - Application Security PodCast

5/29/2018
Devin McMasters joins Chris on this week's episode to talk about bug bounties and how to make them successful. You can find Devin on Twitter @DevinMcmasters.

Duration:00:32:40

Malicious User Stories (S03E18) - Application Security PodCast

5/22/2018
On this episode, Robert speaks with Apollo Clark about Malicious User Stories and DevOps. He discusses how to properly handle user stories in a world being taken over by DevOps. You can find Apollo on Twitter @apolloclark

Duration:00:26:40

Neurodiversity in Security (S03E17) - Application Security PodCast

5/15/2018
On this episode, Robert is joined by Megan Roddie at the SOURCE Conference in Boston. She talks about how neurodiverse people can truly help an organization. You can find her on Twitter @megan_roddie.

Duration:00:20:10

AppSec and Hardware (S03E16) - Application Security PodCast

4/27/2018
Chase Schultz joins this week to discuss the combination of AppSec and hardware. He also dives into how the Meltdown and Spectre attacks worked. You can find Chase on Twitter @f47h3r_B0

Duration:00:21:01

#OWASP AppSensor (S03E15) - Application Security PodCast

4/20/2018
John Melton joins to discuss the #OWASP AppSensor project. He talks about how AppSensor works and how it can be used in your application. You can find John on Twitter @_jtmelton. Link: OWASP AppSensor Project.

Duration:00:37:31

Third Party Software is not a Cathedral, It’s a Bazaar (S03E14) - Application Security PodCast

4/13/2018
David Habusha joins on this week's episode to discuss the OWASP Top 10 A9: Using components with known vulnerabilities. He also dives into the Software Composition Analysis (SCA) market. You can find David on Twitter @davidhabusha. Link: OWASP Top 10 A9.

Duration:00:39:28

Dependency Check and Dependency Track (S03E13) - Application Security PodCast

4/12/2018
Steve Springett joins the show to talk about Dependency Check and Dependency Track. He also discusses how they can be used to help prevent you from using components with known vulnerabilities. Links: OWASP Dependency Check, OWASP Dependency Track. You can find Steve on Twitter @stevespringett.

Duration:00:45:09

The #OWASP Threat Modeling Project (S03E12) - Application Security PodCast

4/6/2018
Steven Wierckx joins Robert and Chris this week to talk about the #OWASP Threat Modeling project that he’s involved in. You can find Steven on Twitter @ihackforfun. Link: https://open-security-summit.org/

Duration:00:35:12

The #OWASP Cheat Sheet Project (S03E11) - Application Security PodCast

4/5/2018
Jim Manico joins on this week's episode to discuss some of the changes to the OWASP Cheat Sheets and the plans they have for the future of that project. Jim also talks about how they are looking for experts in the field to create or update some of the Cheat Sheets. You can find Jim on Twitter @manicode.

Duration:00:27:34

OWASP Top 10 #10: Logging (S03E10) - Application Security PodCast

3/23/2018
Neil Smithline joins this week to discuss one of the new items on the OWASP Top 10 List, Insufficient Logging and Monitoring. Links: OWASP Logging Cheat Sheet, OWASP ASVS, OWASP Proactive Controls: Intrusion Detection. You can find Neil on Twitter @neilsmithine.

Duration:00:36:48

Selling #AppSec Up The Chain (S03E09) - Application Security PodCast

3/15/2018
Jim Routh joins the podcast to discuss selling #AppSec up the chain. Jim has built 5 successful software security programs in his career and serves as a CISO now. Jim shares his real-world experience with how to successfully sell #AppSec to senior management (as well as many other pieces of wisdom for running an AppSec program). You can find Jim on Twitter @jmrouth01

Duration:00:45:39

#AppSec Recommendations (S03E08) - Application Security PodCast

3/9/2018
Chris and Robert go over a plethora of recommendations they have accumulated over their years of experience in the industry. Chris’s recommendations: 1. Book: Agile Application Security: Enabling Security in a Continuous Delivery Pipeline by Laura Bell, Michael Brunton-Spall, Rich Smith, and Jim Bird (https://amzn.com/1491938846). 2. Website: Iron Geek. Adrian Crenshaw records many major, non-commercial security conferences and posts the talks to YouTube...

Duration:00:30:41

Hustle and Flow: Dealing With Burnout in Security (S03E07) - Application Security PodCast

3/2/2018
Magen Wu works through the topic of burnout and mental health in the world of security. She gives some examples of how to handle this and how to recognize if people around you are burning out. You can find her on Twitter @infosec_tottie. Additional information on this topic: Jack Daniel speaks often on this topic of burnout. YouTube: The Causes of and Solutions for Security Burnout. YouTube: Infosec Survival Skills: Being Productive, Coping with Stress, & Preventing Burnout. Article: Becoming...

Duration:00:29:33

OWASP Top 10 #4 XXE (S03E06) - Application Security PodCast

2/23/2018
Katy Anton joins this week to discuss number four on the OWASP Top 10. She dives into what XXE is, how to deal with it, and some of the other new items on the OWASP Top 10 2017. You can find Katy on Twitter @KatyAnton

Duration:00:23:29

SAST, DAST, and IAST. Oh My! (S03E05) - Application Security PodCast

2/15/2018
Pete Chestna is an advocate for SAST, DAST, and IAST tools and a passionate #AppSec enthusiast. A moving quote that Pete shared during this episode is “an #AppSec program is the byproduct of building secure developers.” #Truth. Pete describes the differences between SAST, DAST, IAST, and RASP, the struggles that developers encounter using new tools, false positives that occur and how to reduce them, and advice for building an #AppSec program from scratch versus adding tools to a mature...

Duration:00:35:20