ASW Episode44

From Paul's Security Weekly

Recorded December 17, 2018 at G-Unit Studios in Rhode Island!


  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures.
  • Announcements

    • RSA Conference 2019 is the place to be for the latest in cybersecurity data, innovation and thought leadership. From March 4 – 8, San Francisco will come alive with cybersecurity’s brightest minds as they gather together to discuss the industry’s newest developments. Go to to register now using the discount code 5U9SWFD to receive $100 off a full conference pass!
    • If you are interested in quality over quantity and having meaningful conversations instead of just a badge scan, join us April 1-3, at Disney's Contemporary Resort for InfoSec World 2019 where you can connect and network with like-minded individuals in search of actionable information. Use the registration code OS19-SECWEEK for 15% off the Main Conference or World Pass.
    • Check out our On-Demand material! Some of our previously recorded webcasts are now available On-Demand at:

    Interview: Harry Sverdlove, Edgewise

    Harry Sverdlove is the CTO of Edgewise.
    Harry Sverdlove, Edgewise’s Chief Technology Officer, was previously CTO of Carbon Black, where he was the key driving force behind their industry-leading endpoint security platform. Earlier in his career, Harry was principal research scientist for McAfee, Inc., where he supervised the architecture of crawlers, spam detectors and link analyzers. Prior to that, Harry was director of engineering at Compuware Corporation (formerly NuMega), and principal architect for Rational Software, where he designed the core automation engine for Rational Robot.


    Bugs, Breaches, and More!

    1.) Facebook bug exposed private photos of 6.8 million users

    2.) Critical SQLite Flaw Leaves Millions of Apps Vulnerable to Hackers

    3.) Thousands of Jenkins servers will let anonymous users become admins

    4.) phpMyAdmin 4.8.4 is released

    If you Build It, They Will Come

    1.) One giant step backwards for cyber security in encryption bill fiasco

    2.) Signal: We can't include a backdoor in our app for the Australian government

    3.) WordPress plugs bug that led to Google indexing some user passwords

    4.) Forget Shifting Security Left; It's Time to Race Left

    Learning & Tools

    1.) SwiftnessX: A cross-platform note-taking & target-tracking app for penetration testers

    2.) The Go Programming Language

    3.) Project to Product

    4.) It Doesn't Have to Be Crazy at Work

    Food for Thought

    1.) JIRA is an antipattern

    2.) We need Sustainable Free and Open Source Communities

    3.) Stripe Atlas: Scaling engineering organizations

    4.) CommitStrip: Security vs. Business
