Application security, DevOps, Security awareness, Vulnerability management

AppSec Orchestration/Correlation & DevSecOps Efficiency – Anita D’Amico, Patrick Carey – ASW #167

September 27, 2021

In its 2019 Hype Cycle for Application Security report, Gartner revealed a new, “high-priority” category called Application Security Orchestration and Correlation (ASOC). ASOC delivers three primary benefits to the AppSec process within organizations: efficiency, scalability, and accountability. We will take a closer look at these benefits and discuss it can help your DevSecOps team function better.

This segment is sponsored by Synopsys.

Visit https://securityweekly.com/synopsys to learn more about them!

Announcements

InfoSec World 2021 is proud to announce its keynote lineup for this year’s event! Hear from Robert Herjavec plus heads of security at the NFL, TikTok, U.S. Department of Homeland Security, Stanford University, and more… Plus, Security Weekly listeners save 20% on Digital Pass registration! Visit https://securityweekly.com/isw2021 to register now!
In an overabundance of caution, we have decided to flip this year’s SW Unlocked to a virtual format. The safety of our listeners and hosts is our number one priority. We will miss seeing you all in person, but we hope you can still join us at Security Weekly Unlocked Virtual! The event will now take place on Thursday, Dec 16 from 9am-6pm ET. You can still register for free at https://securityweekly.com/unlocked.

Guests

Anita D'Amico

VP, Market Development at Synopsys

Anita D’Amico, PhD is the former CEO of Code Dx, Inc. an Application Security Orchestration and Correlation company recently acquired by Synopsys. She currently serves as the Vice President of Market Development in the Synopsys Software Integrity Group. Her roots are in experimental psychology and human factors, and she has built a career of leading technology development to enhance human performance. More recently she has focused her attention on enhancing the decisions and work processes of software developers and AppSec analysts to make code more secure. Anita was named as one of “100 Fascinating Females Fighting Cybercrime” in the 2019 book “Women Know Cyber.”

Patrick Carey

Senior Director of Product Marketing at Synopsys

http://synopsys.com/

Patrick Carey is Senior Director of Product Marketing for Synopsys Software Integrity Group, where he manages go-to-market analysis and strategy for Synopsys’ portfolio of application security solutions. Patrick’s 30-year includes leadership roles in software development, product management, consulting, and marketing in a wide-range of companies, from early-stage start-ups to large companies including Citrix and Accenture. Patrick is based in Burlington, MA.

Hosts

Mike Shema

Security Partner at Square

Tyler Robinson

Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element

trob#6466

http://darkelement.io/

Application security

OpenAI Info Leak, BitCoin ATM Hack, GitHub RSA SSH Key, Measuring AI Security – ASW #234

March 27, 2023

Ferrari refuses ransomware, OpenAI deals with security issues from cacheing, video killed a crypto ATM, GitHub rotates their RSA SSH key, bypassing CloudTrail, terms and techniques for measuring AI security and safety

Application security

Real-life Examples. Benefits, Risk & Security Implications of AI – Frank Catucci – ASW #234

March 27, 2023

With the increased interest and use of AI such as GTP 3/4, ChatGPT, GitHub Copilot, and internal modeling, there comes an array of use cases and examples for increased efficiency, but also inherent security risks that organizations should consider. In this talk, Invicti’s CTO & Head of Security Research Frank Catucci discusses potential use cas...

DevOps

PassTheHash from Outlook, RCE in Modem Chipset, OpenSSH Sandboxes, Curl’s Anniversary – ASW #233

March 20, 2023

Outlook can leak NTLM hashes, potential RCE in a chipset for Wi-Fi calling in phones (and autos!?), the design of OpenSSH's sandboxes, more on the direction of OWASP, celebrating 25 years of Curl.