Security Weekly
Application Security WeeklySubscribe
DevOps

Pick Your Example – ASW #76

This week, we welcome Jay Durga, IT Architect at CIRCOR International, to discuss the excel tool he developed, and how it can be used to measure metrics or as a guidance document for testing effectiveness of security controls put in place in your SDLC and DevOps process! In the Application Security News, Simjacker Next Generation Spying Over Mobile, Intel CPUs Vulnerable to Sensitive Data Leakage in NetCAT Attack and NetCAT: Practical Cache Attacks from the Network, What is PSD2? And how it will impact the payments processing industry, Better Together: Why Software-Development Toolmakers Should Embrace Integration, and more!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode76

Visit https://www.securityweekly.com/asw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

View Show Index

Full Audio

Segments

1. OWASP Application Security Verification Standard – Jay Durga – ASW #76

The OWASP Application Security Verification Standard (ASVS) Project provides a basis for testing web application technical security controls and also provides developers with a list of requirements for secure development. The excel tool Jay Durga developed can be used to measure metric or as a guidance document for testing effectiveness of security controls put in place in your SDLC and DevOps process.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode76

Guest

Jay Druga
Jay Druga
IT Architect at CIRCOR International

is working as an IT Architect for CIRCOR International specialized in application security; he started as a programmer and has over 19+ years of experience with diverse roles in IT; he has earned CISSP credential and currently pursuing Masters in CyberSecurity; at this junction of the career he is deeply devoted to CyberSecurity and he proudly says that he is a brainchild of Security Weekly Productions.

Hosts

Mike Shema
Mike Shema
Security Partner at Square
John Kinsella
John Kinsella
Co-founder & CTO at Cysense
Matt Alderman
Matt Alderman
VP, Product at Living Security

2. Bugs, Breaches, & More – ASW #76

Simjacker – Next Generation Spying Over Mobile, Intel CPUs Vulnerable to Sensitive Data Leakage in NetCAT Attack and NetCAT: Practical Cache Attacks from the Network, What is PSD2? And how it will impact the payments processing industry, Better Together: Why Software-Development Toolmakers Should Embrace Integration, and more!

Full Show Notes: https://wiki.securityweekly.com/BSWEpisode143

Hosts

Mike Shema
Mike Shema
Security Partner at Square
John Kinsella
John Kinsella
Co-founder & CTO at Cysense
Matt Alderman
Matt Alderman
VP, Product at Living Security

3. OWASP Application Security Verification Standard – ASW #76

The OWASP Application Security Verification Standard (ASVS) Project provides a basis for testing web application technical security controls and also provides developers with a list of requirements for secure development. The excel tool Jay Durga developed can be used to measure metric or as a guidance document for testing effectiveness of security controls put in place in your SDLC and DevOps process. Full Show Notes: https://wiki.securityweekly.com/ASW_Episode76 Visit https://www.securityweekly.com/asw for all the latest episodes!

Host

Mike Shema
Mike Shema
Security Partner at Square

Related

DevOps
Automating Security With Static Analysis – Josh Goldberg – ASW #233

Static analysis is the art of scrutinizing your code without building or running it. Common static analysis tools are formatters (which change whitespace and other trivia), linters (which detect likely best practice and style issues), and type checkers (which detect likely bugs). Each of these can aid in improving application security by detecting ...
prestitial ad