Application Security Weekly Subscribe

DevSecOps, Vulnerability Management

Crypto Bugs, IoT Planes and Application Inspectors, Oh My! – ASW #92

January 20, 2020

PoC Exploits Published For Microsoft Crypto Bug disclosed by NSA, Pratt & Whitney Expects GTF Engine Software Update on A220 Jet in Spring, Building a more private web: A path towards making third party cookies obsolete and making the User-Agent less revealing about the user, Introducing Microsoft Application Inspector, Vulnerability management requires good people and patching skills and DevSecOps: 10 Best Practices to Embed Security into DevOps are more like 10 verbs related to DevOps responsibilities.

Full episode and show notes

Hosts

John Kinsella

John Kinsella

Co-founder & CTO at Cysense

Matt Alderman

Matt Alderman

VP, Product at Living Security

Mike Shema

Mike Shema

Tech Lead at Block

Related

Application security

Starting with Appsec — Is It More of a Position or a Process? – ASW #264

November 27, 2023

This year we've talked about vulns, clouds, breaches, presentations, and all the variations of Dev, Sec, and Ops. As we end the year, let's talk about starting things -- like starting an appsec program or an appsec career. But is there still a need for an appsec team? Or has it turned into specializations for areas like cloud security and bug bount...

Application security

Randstorm, Nothing Chats, Platform Engineering, PyPI Security Audit – ASW #264

November 27, 2023

Weak randomness in old JavaScript crypto, lack of encryption in purported end-to-end encryption, a platform engineering maturity model, PyPI's first security audit, vision for a Rust specification, and more!

Application security

Platform Firmware Security – Magggie Jauregui – ASW Vault

November 20, 2023

Firmware security is complex and continues to be an industry challenge. In this podcast we'll talk about the reasons firmware security remains a challenge and some best practices around platform security. Segment Resources: https://www.helpnetsecurity.com/2020/04/27/firmware-blind-spots/ https://www.helpnetsecurity.com/2020/09/28/hardware-securi...