DevOps, Cloud Security, Privacy

ASW #151

May 18, 2021



Sponsored By


sponsor
Visit https://securityweekly.com/talasecurity for more information!

Web applications are highly dependent on third party content and JavaScript. This creates a significant set of vulnerabilities that attackers are exploiting. How do you prevent a Solarwinds type hack on your website?

https://go.talasecurity.io/blog/data-in-the-browser-is-data-at-risk

https://www.talasecurity.io/protect/#how

https://go.talasecurity.io/blog/how-i-hacked-your-website

This segment is sponsored by Tala Security.

Visit https://securityweekly.com/talasecurity to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes!

Full Episode Show Notes

Third Party Software Risk on the Web

Guests

Aanand Krishnan

Aanand Krishnan – CEO at Tala Security, Inc.

Aanand Krishnan is the CEO and Founder of Tala Security. Prior to Tala, Aanand was most recently a senior director of product management at Symantec where he built Symantec’s first big data security analytics platform and led key strategy projects that helped establish the company’s vision and strategic focus.

Aanand spent several years in investment banking at and mergers and acquisitions at Morgan Stanley and Dolby Labs and acted as an adviser to leading security software, semiconductor and clean tech companies. He started his career building high-speed optical networking products at Agilent Technologies. Aanand holds an MBA from Berkeley where he was a recipient of CJ White Fellowship, a Masters in Photonics and Optoelectronics from UC Santa Barbara where he was a QUEST Fellow and a Bachelors in Electrical Engineering with Honors from BITS, Pilani.

Hosts

John Kinsella

John Kinsella – Chief Architect at Accurics

@johnlkinsella

John Kinsella is the Chief Architect for Accurics

Matt Alderman

Matt Alderman – Executive Director at CyberRisk Alliance

@maldermania

Strategic Advisor at Automox, security consultant, and wizard of entrepreneurship.

Mike Shema

Mike Shema – Product Security Lead at Square

@Codexatron

Mike Shema is the Product Security Lead of Square

Announcements

  • Security Weekly is more than happy to announce that we will be at InfoSec World 2021 IN PERSON October 25th-27th, 2021! This year, our annual partnership with InfoSec World is extra special, as we are both business units under the CyberRisk Alliance brand! What does that mean for Security Weekly listeners & InfoSec World attendees? You will get to see and hear from many of the Security Weekly team at the event AND you will save 20% off on your world pass! Visit https://securityweekly.com/isw2021 to register using our discount code!

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!



CNCF releases a whitepaper on supply chain security, Frag attacks against WiFi devices, security webhooks, trusting terraform plans, shared credentials and app access, complexity vs. security vs. design. Visit https://www.securityweekly.com/asw for all the latest episodes!

Full Episode Show Notes

CNCF Supply Chain, Frag Attacks, Securing Webhooks, & Complexity vs. Security

Hosts

John Kinsella

John Kinsella – Chief Architect at Accurics

@johnlkinsella

John Kinsella is the Chief Architect for Accurics

Matt Alderman

Matt Alderman – Executive Director at CyberRisk Alliance

@maldermania

Strategic Advisor at Automox, security consultant, and wizard of entrepreneurship.

Mike Shema

Mike Shema – Product Security Lead at Square

@Codexatron

Mike Shema is the Product Security Lead of Square

Announcements

  • Do you want to stay in the loop on all things Security Weekly? Visit https://securityweekly.com/subscribe to subscribe on your favorite podcast catcher or our Youtube channel, sign up for our mailing list, join our Discord Server, and follow us on our newest live-streaming platform, Twitch!

  • In our May 27th webcast at 11am ET, we’ll explore the latest attacks against DNS and the latest techniques that make it possible to discover and disrupt attacks. In our June 3 webcast at 11am ET, you will learn about pen testing tools and why every organization should be using them regularly. Visit https://securityweekly.com/webcasts to register now! If you missed any of our previously recorded webcasts or technical trainings, they are available for your viewing pleasure at https://securityweekly.com/ondemand

prestitial ad