When Appsec Needs to Start Small – Kalyani Pawar, Danny Jenkins, Nikos Kiourtis – ASW #295
Segments
1. When Appsec Needs to Start Small – Kalyani Pawar – ASW #295
Startups and small orgs don't have the luxury of massive budgets and large teams. How do you choose an appsec approach that complements a startup's needs while keeping it secure? Kalyani Pawar shares her experience at different ends of an appsec maturity spectrum.
Guest
Kalyani Pawar is a seasoned Application Security expert with a deep passion for the startup ecosystem. With extensive experience in designing security programs from the ground up for startups of various sizes and stages, she also advises early-stage Application Security startups on refining their products to achieve optimal market fit. Kalyani has shared her expertise at renowned conferences such as DEFCON, Day Of Shecurity, and many others, focusing on Application Security Best Practices and fostering a strong Security Culture. She has been instrumental on the Reviewer Boards for DEFCON, GHC, WiCyS, and several BSides chapters, helping shape their content to maximize their impact on the community. Committed to giving back to the small but mighty AppSec community, Kalyani mentors students entering the industry and guides professionals through challenges they may encounter in their roles.
2. Reducing Supply Chain Risk & What’s lurking in your phone? – Danny Jenkins, Nikos Kiourtis – ASW #295
In complex software ecosystems, individual application risks are compounded. When it comes to mitigating supply chain risk, identifying backdoors or unintended vulnerabilities that can be exploited in your environment is just as critical as staying current with the latest hacking intel. Understand how to spot and reduce the risk to your environment and prevent disruption to your operation.
This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlockerbh for a free trial!
Every mobile device connecting to enterprise assets hosts a unique blend of work and personal apps, creating a complex landscape of innumerable vulnerabilities. Thankfully, methods exist to provide security teams with the real-world insights necessary to proactively address threats and shield against attacks targeting mobile apps and device endpoints. Nikos Kiourtis, CTO at Quokka, shares the latest findings in mobile security, outlining emerging threats and effective measures to reduce your mobile app attack surface and safeguard against potential attacks and data breaches.
Segment Resources:
- Panelcast with SC Magazine: 8 ways attackers target mobile apps to steal your data (and how to stop them) https://www.scmagazine.com/cybercast/8-ways-attackers-target-mobile-apps-to-steal-your-data-and-how-to-stop-them
- Ryan Johnson’s talk at DEF CON 32, “Android App Usage and Cell Tower Location: Private. Sensitive. Available to Anyone?” https://defcon.org/html/defcon-32/dc-32-speakers.html
This segment is sponsored by Quokka. Visit https://securityweekly.com/quokkabh to learn more about their intelligence app solutions!
Guests
Danny Jenkins, CEO & Co-Founder of ThreatLocker, a cybersecurity firm providing Zero Trust endpoint security, is a leading cybersecurity expert with over two decades of experience building and securing corporate networks, including roles on red and blue teams. He is dedicated to educating industry professionals about the latest cyber threats and frequently speaks on the topics of ransomware and Zero Trust.
Nikos Kiourtis is the Chief Technology Officer at Quokka, leading the company’s engineering and research & development teams. Prior to Quokka, he was a Research Assistant Professor at George Mason University and a Guest Researcher at NIST. Nikos holds a Degree in Mathematics, a MSc in Theoretical Computer Science, and a PhD in Computer Science.