Snowy Clouds – ASW #129
This week, we have the pleasure of welcoming back Keith Hoodlet, Senior Manager, Application Experience at Thermo Fisher Scientific, and former host of Application Security Weekly, to discuss how Security Is a Feature! In the Application Security News, China's top hacking contest turns months of effort into 15 minutes of exploits, an injection flaw in GitHub Actions, understanding post-compromise activity in exploits targeting Solaris and VoIP, security and quality challenges in integrating software from multiple vendors, and CVE naming turns into wibbly wobbly timey wimey stuff!
Visit https://www.securityweekly.com/asw for all the latest episodes!
Segments
1. China’s Top Hacking Contest, GitHub Actions, & Vulnonym – ASW #129
China's top hacking contest turns months of effort into 15 minutes of exploits, an injection flaw in GitHub Actions, understanding post-compromise activity in exploits targeting Solaris and VoIP, security and quality challenges in integrating software from multiple vendors, and CVE naming turns into wibbly wobbly timey wimey stuff!
2. Security Is a Feature – Keith Hoodlet – ASW #129
What does it take to manage security teams and security initiatives? Find out the importance of people in security, whether it's keeping a team engaged or encouraging a team to rethink how they approach security.
Announcements
Join Amit Bareket, Co-founder & CEO of Perimeter 81 & Paul Asadoorian for a technical deep-dive into the problems inherent in legacy VPN technology. Together they will explore solutions for the modern workforce & how momentum toward perimeter-less architecture is helping redefine the future of cybersecurity. Register Now by visiting https://securityweekly.com/perimeter81
Tomorrow is the big day! The virtual doors open for the first-ever Security Weekly Unlocked virtual event at 10:30am and the last round table should end around 9:30pm! We have an outstanding line-up of presenters, who will be answering questions LIVE in our Discord server during their presentations! Make sure you register for this FREE event before it's too late! Visit https://securityweekly.com/unlocked to view the line-up and register!
Guest

Keith Hoodlet is a Principal Security Specialist for the world’s largest Open Source Software development platform – GitHub.
Named as one of the world’s 50 Influential DevSecOps Professionals on Peerlyst in 2019, Keith has worked on projects such as starting the Application Security Weekly podcast (episodes 0 – 55), as well as restarting the InfoSec Mentors Project with Jimmy Vo in 2015. Keith is also known for his work as an ethical hacker and 2018 MVP on the Bugcrowd platform.
In his free time, Keith enjoys thinking about, writing about, and discussing complex problems at the crossroads of Software Development and Information Security; he has delivered both talks and trainings globally on the topics of DevSecOps, Secure Software Development, and Web Application Security.