A Mixture of Spices – Application Security Weekly #30

This week, Keith and Paul discuss the Apache Struts2 RCE vulnerability! In the news, using Signal Sciences to defend against Apache Struts, PHP flaw puts WordPress sites at risk, Oracle will charge for Java starting in 2019, how Netflix does failovers in 7 minutes flat, Burp Suite 2.0 Beta released, even anonymous coders leave fingerprints, and more on this episode of Application Security Weekly!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode30

Visit https://www.securityweekly.com/asw for all the latest episodes!

Visit https://www.activecountermeasures/asw to sign up for a demo or buy our AI Hunter!

- Visit our website: https://www.securityweekly.com
- Follow us on Twitter: https://www.twitter.com/securityweekly
- Like us on Facebook: https://www.facebook.com/secweekly

Segments

1. The Apache Struts2 RCE Vulnerability

Keith Hoodlet and Paul Asadoorian talk about the Apache Struts2 RCE vulnerability. They cover:

- CVE-2018-11776
- How the 3 Ways of DevOps can guide us toward better security practices
- Shared Version Control
- Test Environments
- Shared Ticketing
- ChatOps
- Buying Time

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode30

Hosts

Keith Hoodlet
Application Security Manager at Thermo Fisher Scientific
Paul Asadoorian
Founder at Security Weekly

2. Fortnite, Netflix, & Black Hat

In the application security news, 'Fortnite' developer had sharp words for Google after an exploit was discovered, PHP flaw puts WordPress sites at risk, Oracle will charge for Java starting in 2019, how Netflix does failovers in 7 minutes flat, hacking Black Hat, Burp Suite 2.0 Beta released, Windows 95 running in Electron, and more!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode30

Host

Keith Hoodlet
Application Security Manager at Thermo Fisher Scientific

3. Fortnite, Netflix, & Black Hat – Application Security Weekly #30

In the application security news, 'Fortnite' developer had sharp words for Google after an exploit was discovered, PHP flaw puts WordPress sites at risk, Oracle will charge for Java starting in 2019, how Netflix does failovers in 7 minutes flat, hacking Black Hat, Burp Suite 2.0 Beta released, Windows 95 running in Electron, and more!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode30

Follow us on Twitter: https://www.twitter.com/securityweekly

Host

Keith Hoodlet
Application Security Manager at Thermo Fisher Scientific

4. The Apache Struts2 RCE Vulnerability – Application Security Weekly #30

Keith Hoodlet and Paul Asadoorian talk about the Apache Struts2 RCE vulnerability. They cover:

- CVE-2018-11776
- How the 3 Ways of DevOps can guide us toward better security practices
- Shared Version Control
- Test Environments
- Shared Ticketing
- ChatOps
- Buying Time

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode30

Follow us on Twitter: https://www.twitter.com/securityweekly

Host

Keith Hoodlet
Application Security Manager at Thermo Fisher Scientific