Application Security Weekly Subscribe

A Bunch Of Robots – Application Security Weekly #23

July 5, 2018

Full Audio

View Show Index

Segments

1. Facebook, Google, & GitLab –

In the news, Google patches critical remote code execution bugs in Android OS, A new data breach may have exposed personal information of almost every American adult, Facebook acknowledges it shared user data with 61 companies, social media apps are 'deliberately' addictive to users, & more on this episode of Application Security Weekly!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode23

Host

Paul Asadoorian

Principal Security Evangelist at Eclypsium

https://securitypodcaster.com

2. The Hardest Problem in Application Security –

One of the hardest problems that Application Security practitioners need to solve is the problem of visibility. Not only do they need to uncover all of the different projects under development - they also need to worry about what libraries and frameworks those projects are using.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode23

Host

Paul Asadoorian

Principal Security Evangelist at Eclypsium

https://securitypodcaster.com

Related

Threat Modeling and Understanding Inherent Threats – Adam Shostack – ESW #359

April 25, 2024

This is a great interview with Adam Shostack on all things threat modeling. He's often the first name that pops into people's heads when threat modeling comes up, and has created or been involved with much of the foundational material around the subject. Adam recently released a whitepaper that focuses on and defines inherent threats. Resources: ...

How GenAI Can Improve SecOps – Ely Kahn – ESW #359

April 25, 2024

We've talked about generative AI in a general sense on our podcast for years, but we haven't done many deep dives into specific security use cases. That ends with this interview, as we discuss how generative AI can improve SecOps with Ely Kahn. Some of the use cases are obvious, while others were a complete surprise to me. Check out this episode if...

Application security

Autonomous – I don’t think that word means what you think it means – ESW #359

April 25, 2024

A clear pattern with startups getting funding this week are "autonomous" products and features. Automated detection engineering Autonomously map and predict malicious infrastructure ..."helps your workforce resolve their own security issues autonomously" automated remediation automated compliance management & reporting I'll believe it when ...