Enterprise Security Weekly Subscribe

Application security

Platform Security – PaaS & Hosting – Trey Ford – ESW #221

March 24, 2021

- What security features does Heroku offer that the customer can control and how have these evolved over time?

- How do you balance the security of the application, with the security of the deployment, with the security of the platform?

- What are some tips and/or advice for deploying applications and keeping them secure during the lifecycle? (e.g. as a developer I may run applications in a secure environment, but then down the line someone runs my container with --privileged and exposes a security hole).

The goal being our audience learns what to consider when choosing a platform (or platforms) to run applications from a security perspective.

Full episode and show notes

Announcements

Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

Guest

Trey Ford

Trey Ford

Executive Director, Deputy CISO at Vista Equity Partners

Transformational leader at the intersection of cybersecurity and strategy, with a passion for how compliance, legal, and privacy work together to deepen customer trust and stakeholder confidence. Deeply technical generalist, strategic advisor to ente

Hosts

Paul Asadoorian

Paul Asadoorian

Founder at Security Weekly

https://securityweekly.com

Adrian Sanabria

Adrian Sanabria

Director of Product Marketing at Valence Security

https://valencesecurity.com

Tyler Shields

Tyler Shields

Fractional CMO, Cyber Angel Investor and Advisor at 90 Degree Ventures

https://www.90degree.vc/

Related

Managed services

Generative AI Security Implications, Protecting Web Applications – Liam Mayron – PSW #786

May 24, 2023

Liam Mayron from Fastly comes on the show to talk about his unique path into information security, the security implications of generative AI, advances in technologies to protect web applications, detecting bots, and enabling better MSP services! This segment is sponsored by Fastly. Visit https://securityweekly.com/fastly to learn more about them!...

Managed services

Are MSSPs Snubbing Web Security? Why Websites Take a Back Seat to Network Needs – CFH #22

May 23, 2023

It's understandable why many organizations' cyber investments heavily concentrate on protecting core networks and data centers from breaches and ransomware attacks. But let's not overlook the importance of ensuring that your website remains operational, especially when it directly drives revenue through sales or advertisements. Threats such as DDoS...

New TLDs Zip By, eBPF Fuzzer, Microsoft Rocks Rust, Unwanted Tracking Spec – ASW #242

May 22, 2023

New TLDs are already old news, fuzzing eBPF validators, Microsoft sets to kill bug classes, draft RFC to track location trackers, a top ten list with directory traversal on it, conference videos from Real World Crypto and BSidesSF, and an attack tree generator from markdown.