Application security, Insider threat, Remote access, Vulnerability management

Everything Looks Crazy – ASW #156

This week, we welcome Clint Gibler, Head of Security Research at r2c, to discuss Scaling Your Application Security Program! In the AppSec News: Visual Studio Code's Workspace Trust; Injured Android, an insecure mobile app; Microsoft accidentally signed a driver containing rootkits; the NSA funds D3FEND, a new sister matrix to ATT&CK; "Ransomware: maybe it's you, not them?"; and more!

Segment Resources:

https://semgrep.dev/
https://github.com/returntocorp/semgrep
https://github.com/returntocorp/semgrep-rules
2020 GlobalAppSec SF: https://docs.google.com/presentation/d/14PjOViz2dE6iToOyoFk_BQ_RUfkEHGX-celIiybDQZA/edit
https://tldrsec.com/

Visit https://www.securityweekly.com/asw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Segments

1. Scaling Your Application Security Program – Clint Gibler – ASW #156

In this segment with Clint Gibler, learn:

* Why secure defaults are higher ROI than finding vulnerabilities

* How modern AppSec teams are working with their engineering counterparts

* Targeting vulnerability classes, avoiding bug whack-a-mole

* The latest innovations in lightweight static analysis

Announcements

  • Security Weekly is more than happy to announce that we will be at InfoSec World 2021 IN PERSON October 25th-27th, 2021! This year, our annual partnership with InfoSec World is extra special, as we are both business units under the CyberRisk Alliance brand! What does that mean for Security Weekly listeners & InfoSec World attendees? You will get to see and hear from many of the Security Weekly team at the event AND you will save 20% off on your world pass! Visit https://securityweekly.com/isw2021 to register using our discount code!

  • Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

Guest

Clint Gibler
Head of Security Research at r2c

Clint Gibler is the Head of Security Research at r2c, a startup working on giving security tools directly to developers. Previously, Clint was a Research Director at NCC Group, a global security consulting firm, where he helped companies implement security automation and DevSecOps best practices and performed penetration tests for companies ranging from large enterprises to new startups. Clint has spoken at conferences including Black Hat USA, AppSec USA/EU/Cali, BSidesSF, and many DevSecCons. Clint holds a Ph.D. in Computer Science from the University of California, Davis. Want to keep up with security research? Check out *tl;dr sec*, Clint's newsletter of summaries of artisanally curated top talks and useful security links and resources from around the web: https://tldrsec.com/

Hosts

Adrian Sanabria
Director of Product Management at Tenchi Security
John Kinsella
Co-founder & CTO at Cysense

2. Semgrep, Microsoft Signs With Rootkits, ATT&CK/D3FEND, & Injured Android – ASW #156

This week in the AppSec News: Visual Studio Code's Workspace Trust; Injured Android, an insecure mobile app; Microsoft accidentally signed a driver containing rootkits; the NSA funds D3FEND, a new sister matrix to ATT&CK; "Ransomware: maybe it's you, not them?"; and more!

Announcements

  • Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

Hosts

John Kinsella
Co-founder & CTO at Cysense
  1. Visual Studio Code's Workspace Trust - The May release of Visual Studio Code added Workspace Trust, which looks like a significant safety improvement for browsing code from within VS Code. In an untrusted workspace it can block code execution by Tasks, debugging, workspace settings, and extensions, and the trust decision can be made at either workspace or folder granularity.
  2. Microsoft accidentally signed driver with rootkits - Microsoft approved a signing request from a vendor for a driver that contained malicious software, without either the vendor or Microsoft being aware of it. While Microsoft has since signed a clean version, the question is how this got signed in the first place.
  3. Ransomware isn't out of control – security teams are - Here's a think piece for us to...think about what we want and expect our security teams to do. While in any environment we need everybody to work on security together, security teams and management must set the direction and goals. With that guidance, how can we better prevent security issues, whether ransomware or otherwise?
  4. What are the odds someone will find and exploit this? - Up to 80% of developers are releasing software with some known vulnerability. How can we improve that stat?