This week in the Application Security News, Mike and John talk: Flaws in Azure’s CosmosDB, OpenSSL vulns in string handling, dating app location security, cloud security orienteering, detailed S3 threat model, & more! Visit https://www.securityweekly.com/asw for all the latest episodes!

Full Episode Show Notes

ChaosDB, OpenSSL String Bugs, Revealing Locations, & More Top 15 Vulns

Hosts

	John Kinsella - Co-founder & CTO at Cysense @johnlkinsella John Kinsella is the Chief Architect for Accurics
	Mike Shema - Product Security Lead at Square @Codexatron Mike Shema is the Product Security Lead of Square

Announcements

• InfoSec World 2021 is proud to announce its keynote lineup for this year’s in-person event! Hear from Robert Herjavec plus heads of security at the NFL, TikTok, U.S. Department of Homeland Security, Stanford University, and more… Plus, Security Weekly listeners save 20% on world pass and main conference registration! Visit https://securityweekly.com/isw2021 to register now!

• Security Weekly Unlocked will be held IN PERSON this December 5-7 at the Hilton Lake Buena Vista!

  We are excited to announce our speakers: Lesley Carhart, John Strand, Alyssa Miller, Dave Kennedy, O’Shea Bowens, Marina Ciavatta, Patrick Coble, Chris Eng, Eric Escobar, Nick Leghorn, Michael Schladt, Kevin Johnson, Justin Kohler, Jay Beale, Trenton Ivey & Ryan Cobb!

  Visit https://securityweekly.com/unlocked to register and check out our rockstar lineup!