Security Weekly
Application Security WeeklySubscribe
Application security, Zero trust, DevSecOps

Still Raging – ASW #125

Full Audio

View Show Index

Segments

1. Application Security Best Practices – James Manico – ASW #125

Managing passwords is a critical developer task. Developers tasked with building or augmenting legacy authentication systems have a daunting task when facing modern adversaries. This session will review some of the changes suggested in NIST SP800-63b the "Digital Identity Guideline on Authentication and Lifecycle Management regarding password policy".

Announcements

  • Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

  • We're always looking for great guests for all of the Security Weekly shows! Submit your suggestions by visiting https://securityweekly.com/guests and completing the form!

Guest

OLYMPUS DIGITAL CAMERA
James Manico
CEO at Manicode Security

Jim Manico is the founder of Manicode Security where he trains software developers on secure coding and security engineering. He is also an investor/advisor for BitDiscovery, Nucleus Security, Secure Circle, CESPPA and Signal Sciences. Jim is a frequent speaker on secure software practices, is a member of the Java Champion community, and is the author of “Iron-Clad Java: Building Secure Web Applications” from Oracle Press. Jim also volunteers for the OWASP foundation as the project co-lead for the OWASP Application Security Verification Standard and the OWASP Proactive Controls.

Hosts

Tech Lead at Block
Senior Engineering Leader at AWS
Chief Product Officer at CyberSaint

2. Fortinet SIEM RCE, Facebook Bug Bounty, & Anti-Virus Vulnerabilities – ASW #125

Redefining Impossible: XSS without arbitrary JavaScript, API flaws in an "unconventional" smart device, Facebook Bug Bounty Announces "Hacker Plus", Anti-Virus Vulnerabilities, and Chrome Introduces Cache Partitioning!

Announcements

  • Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

  • It's official! Security Weekly, in partnership with CyberRisk Alliance, is excited to present Security Weekly Unlocked on December 10, 2020. The inaugural edition of Security Weekly Unlocked also celebrates Security Weekly's 15th Anniversary. Visit securityweekly.com/unlocked to submit your presentation & register for free!

Hosts

Tech Lead at Block
Senior Engineering Leader at AWS
Chief Product Officer at CyberSaint

Related