Application Security Weekly Subscribe

Vulnerability Management, Cloud Security, DevSecOps

100 Years – ASW #100

March 17, 2020

Full Audio

View Show Index

Segments

1. DevSecOps / Scaling Security – Clint Gibler – ASW #100

Due to a combination of a) development teams embracing Agile and DevOps and b) that security teams are often outnumbered by developers 100:1 or more in many companies, there's been a fundamental shift in how security teams need to operate. I've spent a significant amount of time studying how security teams at companies, large and small, have attempted to adapt to this new reality. There are a number of interesting trends in how work is prioritized, continuous code scanning (static and dynamic), scaling threat modeling and detection & response, investing in secure defaults, asset inventory, self-healing cloud environments, and more.

Hosts

Tech Lead at Block

Senior Engineering Leader at AWS

2. Bottlerocket, Supply Chain Casualty, DevOps Sweet Spot – ASW #100

Data of millions of eBay and Amazon shoppers exposed as another supply chain casualty, Announcing Bottlerocket, a new open source Linux-based operating system purpose-built to run containers, and The DevOps Sweet Spot: Inserting Security at Pull Requests (Part 1).

Hosts

Tech Lead at Block

Senior Engineering Leader at AWS

Related

5G Hackathons – Casey Ellis – BTS #28

April 24, 2024

Casey recently was involved in an event that brought hackers and 5G technology together, tune-in to learn about the results and how we can use bug bounty programs to improve the security of "things". This segment is sponsored by Eclypsium. Visit https://securityweekly.com/eclypsium to learn more about them!

Vulnerability Management

Robofly, CRUSHFTP, Github, Palo Alto, MITRE, Fancy Bear, Deepfakes, Aaran Leyland… – SWN #380

April 23, 2024

Robofly, CRUSHFTP, Github, Palo Alto, MITRE, Fancy Bear, Deepfakes, Aaran Leyland, and more, on this Edition of the Security Weekly News.

Government Regulations

Unraveling the “Materiality” Mystery: A CISO’s Guide to SEC Compliance – Mike Lyborg – BSW #347

April 22, 2024

The new SEC Cyber Security Rules require organizations to be ready to report cyber incidents. But what do you actually need to do? Mike Lyborg, Chief Information Security Officer at Swimlane, joins Business Security Weekly to discuss how to prepare. In this interview he'll discuss the key element of your preparation, including: Quantification M...