Encryption, DevOps, Bug bounties, Leadership

ASW #121

September 14, 2020

Developer friendly appsec; the people, process and culture of DevSecOps. The basics for some and struggles for others. Visit https://www.securityweekly.com/asw for all the latest episodes!

Full Episode Show Notes

The People & Process of DevOps

None

Hosts

John Kinsella

John Kinsella – Vice President of Container Security

Matt Alderman

Matt Alderman – CEO

Mike Shema

Mike Shema – Product Security Lead

Guests

Frank Catucci

Frank Catucci – Sr. Director GTP – Application Security

Announcements

  • BSides Boston is back in action for their 10 year anniversary! The conference will be held on Saturday, September 26th & tickets are only $10! You can get yours at https://bsidesbos.org! Some of the Security Weekly team will be in our own channel on the BSides Boston Discord server answering questions and possibly doing some contests!

  • Join the Security Weekly Mailing List for webcast/virtual training announcements and to receive your personal invite to our Discord server by visiting https://securityweekly.com/subscribe and clicking the button to join the list!

BLURtooth vulnerability lets attackers overwrite Bluetooth authentication keys, Microsoft Patch Tuesday, Sept. 2020 Edition, XSS->Fix->Bypass: 10000$ bounty in Google Maps, Academics find crypto bugs in 306 popular Android apps, none get patched, using CRYLOGGER to detect crypto misuses dynamically, Remote Code Execution as SYSTEM/root via Backblaze, and more! Visit https://www.securityweekly.com/asw for all the latest episodes!

Full Episode Show Notes

RCE via BACKBLAZE, Microsoft Patch Tuesday, & CRYLOGGER

None

Hosts

John Kinsella

John Kinsella – Vice President of Container Security

Matt Alderman

Matt Alderman – CEO

Mike Shema

Mike Shema – Product Security Lead

Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

  • Security Weekly is ramping up our webcast/technical training schedule for the rest of 2020! In September you can Find out Why Traditional Data Security Can’t Be Zero Trust, and Learn how to reduce the blast radius of your cloud infrastructure. Visit https://securityweekly.com/webcasts to see what we have coming up! Or visit securityweekly.com/ondemand to view our previously recorded webcasts!

prestitial ad