Application Security Weekly Subscribe

API Security – Dave Ferguson – ASW #89

December 16, 2019

Dave Ferguson is the Director of Product Management, WAS at Qualys. Dave will discuss the issue of latent vulnerabilities and how they may linger in your custom-coded web applications and APIs, presenting an enticing target for attackers.

Full Show Notes: https://securityweekly.com/qualys

Full episode and show notes

Guest

Dave Ferguson

Dave Ferguson

Director of Product Management, WAS at Qualys

Dave Ferguson is Director of Product Management for Web Application Security at Qualys. After writing code and developing applications for over a decade, Dave transitioned to focus on application security. Prior to Qualys, he led the global application security program at Sabre Corporation and worked as a Principal Consultant at FishNet Security (now Optiv). Dave is the author of the OWASP Forgot Password Cheat Sheet and holds CISSP and CSSLP certifications.

Hosts

Mike Shema

Mike Shema

Tech Lead at Block

John Kinsella

John Kinsella

Co-founder & CTO at Cysense

Matt Alderman

Matt Alderman

VP, Product at Living Security

Related

Application security

Starting with Appsec — Is It More of a Position or a Process? – ASW #264

November 27, 2023

This year we've talked about vulns, clouds, breaches, presentations, and all the variations of Dev, Sec, and Ops. As we end the year, let's talk about starting things -- like starting an appsec program or an appsec career. But is there still a need for an appsec team? Or has it turned into specializations for areas like cloud security and bug bount...

Application security

Randstorm, Nothing Chats, Platform Engineering, PyPI Security Audit – ASW #264

November 27, 2023

Weak randomness in old JavaScript crypto, lack of encryption in purported end-to-end encryption, a platform engineering maturity model, PyPI's first security audit, vision for a Rust specification, and more!

Application security

Platform Firmware Security – Magggie Jauregui – ASW Vault

November 20, 2023

Firmware security is complex and continues to be an industry challenge. In this podcast we'll talk about the reasons firmware security remains a challenge and some best practices around platform security. Segment Resources: https://www.helpnetsecurity.com/2020/04/27/firmware-blind-spots/ https://www.helpnetsecurity.com/2020/09/28/hardware-securi...