Application security, Cloud security, DevOps, Vulnerability management

Talking Cookies – ASW #132

This week, we welcome back Tim Mackey, Principal Security Strategist at Synopsys, to talk about Security Decisions During Application Development! In the Application Security News, Xbox bug exposed email identities, focusing on prevention for your cloud security strategies, Amazon looking to hire more Rust developers, KubeCon continues push for security, and a DevOps reading list!

Visit https://securityweekly.com/synopsys to learn more about them!

Visit https://www.securityweekly.com/asw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

View Show Index

Full Audio

Segments

1. Security Decisions During Application Development – Tim Mackey – ASW #132

The security of any application is a function of the decisions made during development. Measuring the risk of those decisions isn't something contained within a single tool, but instead requires a set of perspectives on how a "bad decision" can manifest itself in the security of the app.

This segment is sponsored by Synopsys.

Visit https://securityweekly.com/synopsys to learn more about them!

Sponsored By

Synopsys

Announcements

  • Tomorrow is the big day! The virtual doors open for the first-ever Security Weekly Unlocked virtual event at 10:30am and the last round table should end around 9:30pm! We have an outstanding line-up of presenters, who will be answering questions LIVE in our Discord server during their presentations! Make sure you register for this FREE event before it's too late! Visit https://securityweekly.com/unlocked to view the line-up and register!

Guest

Tim Mackey
Tim Mackey
Principal Security Strategist at Synopsys

Tim Mackey is a principal security strategist for the Synopsys Cybersecurity Research Center. As a security strategist, he applies his skills in distributed systems engineering, mission critical engineering, performance monitoring, large-scale data center operations, and global data privacy regulations to customer problems. An O’Reilly Media published author, Tim has also been covered in publications around the globe including Fortune, NBC News, Dark Reading, InfoSecurity Magazine, and The Straits Times.

Hosts

Mike Shema
Mike Shema
Security Partner at Square
John Kinsella
John Kinsella
Co-founder & CTO at Cysense
Matt Alderman
Matt Alderman
Executive Director at CyberRisk Alliance

2. Top CyberSec Skills for 2021, Xbox Gamertag Bug, & MobileIron RCE Flaw – ASW #132

Xbox bug exposed email identities, focusing on prevention for your cloud security strategies, Amazon looking to hire more Rust developers, KubeCon continues push for security, and a DevOps reading list!

Announcements

  • Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

  • Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

Hosts

Mike Shema
Mike Shema
Security Partner at Square
  1. 1. Critical MobileIron RCE Flaw Under Active Attack - for a bug disclosed and patched in June.
  2. 2. Xbox bug could have allowed hackers to link gamer tags with players’ emails - making identity in Fortnite less fortified than expected.
  3. 3. Prevention Is Better Than the Cure When Securing Cloud-Native Deployments - reiterates a tenet of DevOps -- the feedback loop.
  4. 4. Amazon: We’re hiring software engineers who know programming language Rust - gives us a chance to consider the influence of toolchains on security.
  5. 5. KubeCon Coverage: Incentivizing the DevSecOps Culture - gives us a chance to think about motivating teams to focus on prevention, toolchains, and feedback loops.
  6. 6. The DevOps Reading List: Choosing your next DevOps book - gives us some ways to learn more about DevOps.
John Kinsella
John Kinsella
Co-founder & CTO at Cysense
prestitial ad