Application Security Weekly #35
Recorded October 15, 2018 at G-Unit Studios in Rhode Island!
- Check out our On-Demand material! Some of our previously recorded webcasts are now available On-Demand at: securityweekly.com/ondemand.
- Join us for our Webcast with Signal Sciences about Which way should you shift testing in the SDLC?, November 8th @3-4pm EST. Go to securityweekly.com/signalsciences to register now!
Interview: Garrett Gross, Rapid 7
is the Sr. Solutions Engineer at [www.rapid7.com/securityweekly Rapid 7].
Garrett Gross received his first modem at age six and has been plugged in ever since. Today, Garrett is a Senior Solutions Engineer with a specialization in application security at Rapid7. He serves as an escalation layer to the applied engineering department, provides technical enablement, and facilitates cross-departmental functionality. He has served in various information technology roles in a myriad of environments, ranging from systems administration in higher education to applied engineering at security startups. Garrett has been a hacker and technophile his entire life, loving nothing more than discovering new ways to make and break things.
Product Security by Design
Bugs, Breaches, and More!
1.) Git Project patches Remote Code Execution Vulnerability
2.) Google is Shutting Down Google+ after 500k accounts potentially affected by a data breach
3.) Facebook breach hit up to 5 Million EU Users
If you Build It, They Will Come
1.) Facebook Wants people to Invite its Cameras into their Homes
2.) Facebook Reveals how recent hack Exposed Sensitive User Details, including Search History
3.) Around 62% of all Internet sites will run an Unsupported PHP Version in 10 Weeks
Learning & Tools
1.) Google's Cyber Unit "Jigsaw" introduces Intra, a new Censorship-busting App
2.) Microsoft Open Sources its Patent Portfolio
3.) GitHub introduces User blocking Notifications
Food for Thought
1.) DevOps Producing more Insecure Apps than Ever
2.) Climate Change being taught on Fortnite Twitch stream
3.) Private by Design