ASW Episode17

From Paul's Security Weekly

Application Security Weekly #17

Recorded May 21, 2018 at G-Unit Studios in Rhode Island!

Episode Audio


  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures.
  • Announcements:

    • Go to and use the code Secweekly30 to try it FREE for 7 days, and receive 30% off your monthly membership for the lifetime of your active subscription.
    • Our content available On-Demand at: This material is available free to our security weekly listeners and subscribers. Also, be sure to check out “The State of Penetration Testing” with BHIS and some other previously recorded webcasts you may have missed!
    • Bugcrowd is Hiring! After closing a Series C funding round at $26 Million, Bugcrowd is expanding headcount across the organization. Check out, or email to find out more
    • Our upcoming webcast with Javelin Networks on Overcoming the Limitations of Privilege Account Management is being held on May 24 from noon - 1:00pm

    Interview: James Wickett, Signal Sciences

    James Wickett
    Head of Research at Signal Sciences.
    James spends a lot of time at the intersection of the DevOps and Security communities. He works as Head of Research at Signal Sciences and is a supporter of the Rugged Software and Rugged DevOps movements. Seeing the gap in software testing, James founded an open source project, Gauntlt, to serve as a Rugged Testing Framework. He is the author of DevOps Fundamentals, Infrastructure Automation, both DevOps core courses available on and LinkedIn Learning.

    He got his start in technology when he founded a startup as a student at University of Oklahoma and since then has worked in environments ranging from large, web-scale enterprises to small, rapid-growth startups. He is a dynamic speaker on topics in DevOps, InfoSec, cloud security, security testing, Rugged DevOps and serverless.

    James is the creator and founder of the Lonestar Application Security Conference which is the largest annual security conference in Austin, TX. He also runs DevOps Days Austin and is on the global DevOps Days board. He also holds several security certifications including CISSP and GWAPT.

    In his spare time he is trying to learn how to make a perfect BBQ brisket.


    Bugs, Breaches, and More!

    1.) Entire Nest ecosystem of smart home devices goes offline

    2.) Shadowy Hackers accidentally Reveal Two Zero-Days to Security Researchers

    3.) Leaking Sensitive Data Through Google Groups

    If you build it, they will come

    1.) How Alphabet plans to keep hackers away from this year's election

    2.) The Node.js Ecosystem is Chaotic and Insecure

    3.) I asked Apple for all my data. Here's what was sent back

    4.) Open-source vulnerabilities plague enterprise codebase systems

    5.) F-Secure launches Cyber Security Academy

    Food for Thought

    1.) Security as a Product

    2.) 10 highest-paying IT security jobs

    3.) Canada facing 'brain drain' as young tech talent leaves for Silicon Valley

    4.) Energy Efficiency across Programming Languages

    5.) Production or Staging, you never know which...
