Breaking Down the Walls – Application Security Weekly #66

June 24, 2019

This week, Matt, John, and Mike discuss a guide to API Security! They also discuss Public vs. Private APIs, and if the best practice should be segregation of the two! In the Application Security News, Mozilla pushes a patch onto an Array, Netflix shares a stream of patches, Breach to bankruptcy for healthcare company, Osquery becomes a foundational tool, Avoiding DevOps dangers, and Assigning DevOps directions! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode66 Visit https://www.securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

View Show Index

Full Audio

Segments

1. Osquery, Netflix, & Mozilla –

Mozilla pushes a patch onto an Array, Netflix shares a stream of patches, Breach to bankruptcy for healthcare company, Osquery becomes a foundational tool, Avoiding DevOps dangers, and Assigning DevOps directions!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode66

Hosts

Mike Shema

Security Partner at Square

John Kinsella

Co-founder & CTO at Cysense

Matt Alderman

VP, Product at Living Security

2. Don’t Ignore APIs –

API are now over 80% of the HTTP traffic and enterprise application breaches through compromised APIs are mounting!. A guide to API Security. They also discuss Public VS Private APIs and if the best practice should be segregation of the two.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode66

Hosts

Mike Shema

Security Partner at Square

John Kinsella

Co-founder & CTO at Cysense

Matt Alderman

VP, Product at Living Security

Vulnerability management

Security vs. Operations – Balancing the Risk – Ross Leo – CSP #114

March 21, 2023

The role of CISO is one filled with challenges and decisions. Frequently, a CISO is faced with having to decide in compromise with Operations, in favor of Operations. This can be a very difficult and risky choice to make - but the ideal of having both get 100% of what they want, or need is not realistic. How to do this? In this session, we discu...

Managed services

Is Regulatory Compliance Governing Your Toolsets and Policies? – CFH #13

March 21, 2023

To what extent should compliance with privacy and security frameworks -- whether imposed by government bodies or industry standard organizations -- be the decisive factor when MSSPs choose their tech stacks and craft their threat defense strategies? Meanwhile, are would-be MSSP customers deciding which managed services provider to hire largely base...

Managed services

Helping Your Managed Services Clients Build Their Own Security Culture – Ryan Jamieson – CFH #13

March 21, 2023

Security is a shared responsibility between MSSPs and their clients. Yes, the provider was hired to do a job -- be it SOC operations, threat intelligence or offensive security -- but part of the job is also to consult and communicate with the client to help them gain some degree of cyber self-sufficiency. This discussion will reveal how providers c...

Breaking Down the Walls – Application Security Weekly #66

Full Audio

Segments

1. Osquery, Netflix, & Mozilla –

Hosts

2. Don’t Ignore APIs –

Hosts

Related

Security vs. Operations – Balancing the Risk – Ross Leo – CSP #114

Is Regulatory Compliance Governing Your Toolsets and Policies? – CFH #13

Helping Your Managed Services Clients Build Their Own Security Culture – Ryan Jamieson – CFH #13