Over the Edge – ASW #96
This week, we welcome Doug DePerry, Director of Defense at Datadog, to discuss Lessons Learned From The DevSecOps Trenches! In the Application Security News, SweynTooth: Unleashing Mayhem over Bluetooth Low Energy, RetireJS, What Is DevSecOps and How to Enable It on Your SDLC? and more!
Visit https://www.securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Full Audio
Segments
1. Lessons Learned From The DevSecOps Trenches – Doug DePerry – ASW #96
Doug DePerry has held multiple positions in his three years at Datadog, including Director of Product Security and currently, Director of Defense. Prior to his current position, Doug lead the bug bounty program at Yahoo. Much of his 12+ years of experience in the security industry is on the offensive side, as a security researcher and consultant at Leaf SR and iSec Partners and helping establish the Yahoo red team. Prior to that he worked for various defense contractors and the US Army. Doug has presented at multiple industry conferences including Blackhat, DefCon, and multiple OWASP and DevSecCon events.
Guest
Doug DePerry has held multiple positions in his three years at Datadog, including Director of Product Security and currently, Director of Defense. Prior to his current position, Doug lead the bug bounty program at Yahoo. Much of his 12+ years of experience in the security industry is on the offensive side, as a security researcher and consultant at Leaf SR and iSec Partners and helping establish the Yahoo red team. Prior to that he worked for various defense contractors and the US Army. Doug has presented at multiple industry conferences including Blackhat, DefCon, and multiple OWASP and DevSecCon events.
2. SweynTooth, OWASP, CRXcavator, DevSecOps – ASW #96
SweynTooth: Unleashing Mayhem over Bluetooth Low Energy, OWASP SAMM version 2, Understanding Trusted Execution Environments and Arm TrustZone, Security Researchers Partner With Chrome To Take Down Browser Extension Fraud Network Affecting Millions of Users with a revisit to CRXcavator and a look at one of its components, RetireJS, It's the Boot for TLS 1.0 and TLS 1.1 and it's only been about six to nine years since major protocol attacks were demonstrated. How does your organization manage tech debt?, What Is DevSecOps and How to Enable It on Your SDLC?
