Asw121

From Security Weekly Wiki
Jump to navigationJump to search

Application Security Weekly Episode #121 - September 14, 2020

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. The People & Process of DevOps - 12:30 PM-01:00 PM


Announcements

  • BSides Boston is back in action for their 10 year anniversary! The conference will be held on Saturday, September 26th & tickets are only $10! You can get yours at https://bsidesbos.org! Some of the Security Weekly team will be in our own channel on the BSides Boston Discord server answering questions and possibly doing some contests!

  • Join the Security Weekly Mailing List for webcast/virtual training announcements and to receive your personal invite to our Discord server by visiting https://securityweekly.com/subscribe and clicking the button to join the list!

Description

Developer friendly appsec; the people, process and culture of DevSecOps. The basics for some and struggles for others.



Guest(s)

Frank Catucci

Frank Catucci is a global application security leader with over 15 years of diverse experience which grants him the unique ability to see and lead information and application security with a unique, complete and holistic approach. Frank is currently leading efforts within application security and devsecops with groundbreaking security research, techniques and completeness of vision, as a pioneer and leader of application security and devsecops advancement.


Hosts

2. RCE via BACKBLAZE, Microsoft Patch Tuesday, & CRYLOGGER - 01:00 PM-01:30 PM


Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

  • Security Weekly is ramping up our webcast/technical training schedule for the rest of 2020! In September you can Find out Why Traditional Data Security Can’t Be Zero Trust, and Learn how to reduce the blast radius of your cloud infrastructure. Visit https://securityweekly.com/webcasts to see what we have coming up! Or visit securityweekly.com/ondemand to view our previously recorded webcasts!

Description

BLURtooth vulnerability lets attackers overwrite Bluetooth authentication keys, Microsoft Patch Tuesday, Sept. 2020 Edition, Academics find crypto bugs in 306 popular Android apps, none get patched, using CRYLOGGER to detect crypto misuses dynamically, Remote Code Execution as SYSTEM/root via Backblaze, and more!



Hosts

John Kinsella's Content:

Articles

Matt Alderman's Content:

Articles

Mike Shema's Content:

Articles