Securing Modern Web Apps: Development Techniques are Changing – Tom Hudson – ASW #161

August 9, 2021

Sponsored By

Visit https://securityweekly.com/detectify for more information!

The use of web apps, SPAs, and APIs are growing steadily and traditional scanning methods don’t provide enough coverage. The appsec tools need to innovate and become smarter and more contextual in order to test modern apps and APIs at scale. Tom Hudson, Security Research Team Lead at Detectify, will give a peek into how Detectify is innovating to help solve these modern app and API developer challenges.

Segment Resources:

- Sign up for updates and be the first to know about Detectify API scanning open beta: https://www.detectify.com/api
- Blog post announcing Detectify’s plans to expand scanner to fuzz public-facing APIs: https://blog.detectify.com/2021/08/03/detectify-fuzzing-public-facing-apis/

This segment is sponsored by Detectify.

Visit https://securityweekly.com/detectify to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes!

Full Episode Show Notes

Securing Modern Web Apps: Development Techniques are Changing

Guests

Tom Hudson - Security Research Team Lead at Detectify

@tomnomnom

Tom Hudson started his career as a software engineer and got into security when a former employer invited him to the company bug bounty program. The experience landed him on the HackerOne scoreboard. Since then, Tom has become a prominent figure in the hacker community, known for his many hacking tools that he hosts on Github.

Hosts

John Kinsella - Chief Architect at Accurics

@johnlkinsella

John Kinsella is the Chief Architect for Accurics

Mike Shema - Product Security Lead at Square

@Codexatron

Mike Shema is the Product Security Lead of Square

Announcements

SC Media debuts its all-new SC digital experience, fully integrated with Security Weekly podcast content and more. The new site increases the scope and scale of original content resources from editorial staff, contributors, and the far-reaching CyberRisk Alliance network. Visit www.scmagazine.com to check out the new look!
Join us August 26th at 11am eastern to learn how to implement cloud security that actually works. If you missed any of our previously recorded webcasts or technical trainings, they are available for your viewing pleasure at https://securityweekly.com/ondemand

DevOps

Maximize security by managing versioning for attackability

Chetan ConikeeDecember 2, 2021

Security teams need to adopt an approach based on the best aspects of humans and machines.

Cloud security

Cloud migration blamed for rise in app-based security breaches

SC StaffNovember 16, 2021

Ninety-one percent of app security managers reported experiencing vulnerable app-related security breaches during the past year, with 54% attributing breaches to their transition to the cloud, TechRadar reports citing a survey from Checkmarx.