Application Security Weekly Subscribe

Pick Your Example – ASW #76

September 16, 2019

Full Audio

View Show Index

Segments

1. OWASP Application Security Verification Standard – Jay Durga – ASW #76

The OWASP Application Security Verification Standard (ASVS) Project provides a basis for testing web application technical security controls and also provides developers with a list of requirements for secure development. The excel tool Jay Durga developed can be used to measure metric or as a guidance document for testing effectiveness of security controls put in place in your SDLC and DevOps process.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode76

Guest

Jay Druga

IT Architect at CIRCOR International

is working as an IT Architect for CIRCOR International specialized in application security; he started as a programmer and has over 19+ years of experience with diverse roles in IT; he has earned CISSP credential and currently pursuing Masters in CyberSecurity; at this junction of the career he is deeply devoted to CyberSecurity and he proudly says that he is a brainchild of Security Weekly Productions.

Hosts

Senior Engineering Leader at AWS

Chief Product Officer at CyberSaint

2. Bugs, Breaches, & More – ASW #76

Simjacker – Next Generation Spying Over Mobile, Intel CPUs Vulnerable to Sensitive Data Leakage in NetCAT Attack and NetCAT: Practical Cache Attacks from the Network, What is PSD2? And how it will impact the payments processing industry, Better Together: Why Software-Development Toolmakers Should Embrace Integration, and more!

Full Show Notes: https://wiki.securityweekly.com/BSWEpisode143

Hosts

Tech Lead at Block

Senior Engineering Leader at AWS

Chief Product Officer at CyberSaint

3. OWASP Application Security Verification Standard – ASW #76

The OWASP Application Security Verification Standard (ASVS) Project provides a basis for testing web application technical security controls and also provides developers with a list of requirements for secure development. The excel tool Jay Durga developed can be used to measure metric or as a guidance document for testing effectiveness of security controls put in place in your SDLC and DevOps process. Full Show Notes: https://wiki.securityweekly.com/ASW_Episode76 Visit https://www.securityweekly.com/asw for all the latest episodes!

Related

Application security

Arg Parsing in Rust, End of Life Hardware, CSRB & MS, Chrome’s V8 Sandbox – ASW #281

April 15, 2024

A Rust advisory highlights the perils of parsing and problems of inconsistent approaches, D-Link (sort of) deals with end of life hardware, CSRB recommends practices and processes for Microsoft, Chrome’s V8 Sandbox increases defense, and more!

Application security

Demystifying Security Engineering Career Tracks – Karan Dwivedi – ASW #281

April 15, 2024

There are as many paths into infosec as there are disciplines within infosec to specialize in. Karan Dwivedi talks about the recent book he and co-author Raaghav Srinivasan wrote about security engineering. There's an appealing future to security taking on engineering roles and creating solutions to problems that orgs face. We talk about the breadt...

Application security

OWASP Breach, Types of Prompt Injection, Device-Bound Sessions, ASVS & APIs – ASW #280

April 8, 2024

OWASP leaks resumes, defining different types of prompt injection, a secure design example in device-bound sessions, turning an ASVS requirement into practice, Ivanti has its 2000s-era Microsoft moment, HTTP/2 CONTINUATION flood, and more!