ASW #133 | SC Media
Third-party risk, DevOps, Wireless security

ASW #133

December 7, 2020

Sponsored By

Visit https://securityweekly.com/qualys for more information!

Mike Manrod, CISO of Grand Canyon University, joined by John Delaroderie, Security Solutions Architect at Qualys, will discuss his approach to web application security with an emphasis on improving knowledge of web application vulnerabilities and the external attack surface, and his approach to reducing the number of opportunities an attacker has to compromise our information and infrastructure.

This segment is sponsored by Qualys.

Visit https://securityweekly.com/qualys to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes!

Full Episode Show Notes

Security Web Applications Against Modern Threats

Resources:
https://www.qualys.com/apps/web-app-scanning/

https://blog.qualys.com/product-tech/2020/11/16/an-end-to-end-approach-to-next-gen-web-application-and-api-security

Hosts

John Kinsella – Chief Architect

Matt Alderman – CEO

Mike Shema – Product Security Lead

Guests

John Delaroderie – Security Solutions Architect

Mike Manrod – CISO

Announcements

  • SCYTHE is offering a FREE purple team workshop where attendees get hands-on in an isolated enterprise environment for three hours! It is scheduled for December 9th (the day before Security Weekly Unlocked!) Register for this free workshop now: https://securityweekly.com/purpleteamsw

  • Security Weekly, in partnership with CyberRisk Alliance, is excited to present Security Weekly Unlocked on December 10, 2020. This one-day virtual event wraps up with the 15th anniversary edition of Paul’s Security Weekly live on YouTube! Visit https://securityweekly.com/unlocked to view the agenda and register for free!

An old security bug in the Play library still affects 8% of apps in Google Play, a Project Zero researcher spends six months to reboot an iPhone (in an epic manner), GitHub looks at the security of repos within its Octoverse, the OWASP Web Security Testing Guide gets a minor bump, and XS-Leaks get more attention. Visit https://www.securityweekly.com/asw for all the latest episodes!

Full Episode Show Notes

Google Play Bug, GitHub, iPhone Radio Reboots, & Docker Hub Vulns

You can find the opening teaser on cybercrime from December 4, 1988 at this Phrack archive: http://www.phrack.org/issues/24/11.html.

Hosts

John Kinsella – Chief Architect

Matt Alderman – CEO

Mike Shema – Product Security Lead

Announcements

  • Do you always end up missing our live streams? Need somewhere to flag Security Weekly podcasts that you want to listen to? Subscribe on your favorite podcast catcher or our YouTube channel, sign up for our mailing list, and join our Discord Server to stay in the loop on all things Security Weekly! Visit: https://securityweekly.com/subscribe

  • In our upcoming webcasts & technical trainings you will learn how to prevent phishing scams, and how to move beyond vulnerability scan to vulnerability fix! Visit https://securityweekly.com/webcasts to see what we have coming up, or visit securityweekly.com/ondemand to view our previously recorded webcasts!
