Third-party risk, DevOps, Bug bounties, Threat modeling, Security Research

China’s Top Hacking Contest, GitHub Actions, & Vulnonym – ASW #129

November 9, 2020

China’s top hacking contest turns months of effort into 15 minutes of exploits, an injection flaw in GitHub Actions, understanding post-compromise activity in exploits targeting Solaris and VoIP, security and quality challenges in integrating software from multiple vendors, and CVE naming turns into wibbly wobbly timey wimey stuff! Visit https://www.securityweekly.com/asw for all the latest episodes!

Full Episode Show Notes

China's Top Hacking Contest, GitHub Actions, & Vulnonym

None

Hosts

[caption id="attachment_210" align="alignleft" width="120"]John Kinsella John Kinsella - Vice President of Container Security[/caption] [caption id="attachment_210" align="alignleft" width="120"]Matt Alderman Matt Alderman - CEO[/caption] [caption id="attachment_210" align="alignleft" width="120"]Mike Shema Mike Shema - Product Security Lead[/caption]

Announcements

  • Would you like to have all of your favorite Security Weekly content at your fingertips? Do you want to hear from Sam & Andrea when we have upcoming webcasts & technical trainings? Have a question for one of our illustrious hosts, someone from the Security Weekly team, or wish you could “hang” out with the Security Weekly crew & community? Subscribe on your favorite podcast catcher, sign up for our mailing list, and join our Discord Server to stay in the loop on all things Security Weekly! Visit: https://securityweekly.com/subscribe

  • In our upcoming webcasts & technical trainings, you will learn why you should stop trying to discover & classify data, how to thwart attackers using deception & how to build a risk-based vulnerability management program! Visit https://securityweekly.com/webcasts to see what we have coming up, or visit securityweekly.com/ondemand to view our previously recorded webcasts!

[audio src="http://traffic.libsyn.com/sw-all/ASW_129_-_News-0_converted.mp3"]
prestitial ad