ASW Episode03

From Paul's Security Weekly

Application Security Weekly #3

Recorded January 26, 2018 at G-Unit Studios in Rhode Island!

Episode Audio


  • Doug White
    Cybersecurity professor, President of Secure Technology, and Security Weekly network host.
  • Announcements

    • Also check out our On-Demand material! Some of our previously recorded webcasts are now available On-Demand at: Currently On-Demand we have webcasts with: Cybereason, Onapsis, Signal Sciences, BHIS, and Stealthbits!
    • If you work in IT and want access to an awesome library of OnDemand training, head on over to ITPro.TV/securityweekly! They are now accepting requests for demos of the IT Team solution, which allows you and your co-workers to access over 3300 hours of training at any time! Use the code SecWeekly30 for the 7-day free trial and 30% off!
    • InfoSec World is March 19-21st of 2018. It is at Lake Buena Vista, Florida. Security Weekly subscribers can save 15% off the InfoSec World 2018 Main Conference or World Pass with the code OS18-SW! You can catch talks from Adrian Sanabria, Diana Kelley and Ed Moyle, Jennifer Manella, Joseph Zacharias, Mark Arnold, Matias Madou, and Summer Fowler. Good job!

    Interview: Matias Madou of Secure Code Warrior

    Matias Madou is the CTO of Secure Code Warrior, where he is responsible for leading the company’s technology vision and overseeing the engineering team. Matias has more than 15 years of hands-on software security experience, has developed solutions for companies such as HP Fortify, and founded a company called Sensei Security. Over his career, Matias has led multiple application security research projects which have led to commercial products, and he has over 10 patents under his belt. When he is away from his desk, Matias has served as an instructor for advanced application security training courses, and he regularly speaks at global conferences including RSA Conference, Black Hat, DefCon, BSIMM, OWASP AppSec and BruCon. Matias holds a Ph.D. in Computer Engineering from Ghent University, where he studied application security through program obfuscation to hide the inner workings of an application.

    0.) When did you first realize that you were interested in developing software?
    1.) What prompted you to become more involved in the Security side of software development?
    2.) In your opinion, what has changed the most since you joined the industry?
    3.) What will students learn about at the Tech Lab you're teaching at InfoSec World?
    4.) What's next for Secure Code Warrior?


    The Star

    Tim Cook surprises kids taking coding lessons at Apple store in Eaton Centre

    Bugs, Breaches, and More!

    Critical Flaw in All Blizzard Games Could Let Hackers Hijack Millions of PCs

    Here’s why the epidemic of malicious ads grew so much worse last year

    After ignoring for months, Uber fixes two-factor bypass bug after all

    Facebook invites submissions for “Secure the Internet Grants”

    Redhat have now reverted CPU patches for Spectre due to stability issues introduced

    Hackers Are Using ‘Fire & Fury’ to Install Malware

    If you build it, they will come

    Russian Twitterbots are blaming the US shutdown on Democrats

    “80% of the AWS creds I posted to github got stolen. But <10% of the ones posted to pastebin, which is better than some commercial secret storage services I’ve tried…” - Dan Bourke from Atlassian on his SPACECRAB honeytokens project at

    Malicious Chrome extension is next to impossible to manually remove

    Food for Thought

    Automation Critical to Securing Code in an Agile, DevOps World

    Working overnight has been classified as a carcinogen

    Which programming language are you?
