Difference between revisions of "ASWEpisode101"

From Security Weekly Wiki
Jump to navigationJump to search
(Added By Paul's Craptastic PPWorks Code)
(Added By Paul's Craptastic PPWorks Code)
 
(7 intermediate revisions by the same user not shown)
Line 20: Line 20:
  
 
</p>
 
</p>
= Interview: Singularity: a Different Take on Container Security - 6:00-6:45PM =
+
= Interview: Singularity: A Different Take on Container Security - 6:00-6:45PM =
 
<!--   
 
<!--   
 
************************* DO NOT EDIT THIS SECTION. THIS IS AUTO-GENERATED BY PPWORKS. YOUR CHANGES WILL BE LOST! ***************************
 
************************* DO NOT EDIT THIS SECTION. THIS IS AUTO-GENERATED BY PPWORKS. YOUR CHANGES WILL BE LOST! ***************************
 
-->
 
-->
 
{|style="width: 100%;margin: auto; " cellpadding="10"
 
{|style="width: 100%;margin: auto; " cellpadding="10"
 +
 +
|<center>{{#ev:youtube|WNm8UJ_ON8w }}</center>
  
 
|-
 
|-
|<p>'''Description:'''<br><br> None</p>
+
|<p>'''Description:'''<br><br> Singularity is a container runtime that was built from the ground up to live in multi-user environments where POSIX permissions must be respected. In addition to a novel runtime approach, the Singularity Image Format (SIF) differs significantly from other container image formats, with built-in support for full image encryption as well as digital signatures.</p>
  
 
|}
 
|}
 
{|style="width: 100%;margin: auto; " cellpadding="5"
 
{|style="width: 100%;margin: auto; " cellpadding="5"
 +
 +
|'''Guest:'''
 +
|'''Bio:'''
 +
|-
 +
 +
|[[Image:AdamHughes-0.jpg|200px|thumb|<center>'''Adam Hughes''' is Chief Software Architect at Sylabs Inc.]</center>]]
 +
 +
|Adam is a developer with nearly two decades of experience in cyber security, real-time operating systems, carrier grade telecommunications systems, and large-scale distributed systems. After joining Sylabs in early 2018, he helped develop the Singularity Container Services suite, which forms an ecosystem around the Singularity container runtime. He has since taken on the role of Chief Software Architect and is now responsible for technical leadership of all Sylabs products.
 +
|-
  
 
|}
 
|}
Line 39: Line 50:
  
 
{|style="width: 100%;margin: auto; " cellpadding="1"
 
{|style="width: 100%;margin: auto; " cellpadding="1"
 +
 +
|[[Image:John_Kinsella-1.jpg|100px|thumb|<center>[https://twitter.com/@johnlkinsella John Kinsella]  - Vice President of Container Security at Qualys</center>]]
 +
 +
|[[Image:MattAlderman-0.png|100px|thumb|<center>[https://twitter.com/@maldermania Matt Alderman]  - CEO at Security Weekly</center>]]
 
 
 
|[[Image:mike-shema-0.jpg|100px|thumb|<center>[https://twitter.com/@Codexatron Mike Shema]  - Product Security Lead at Square</center>]]
 
|[[Image:mike-shema-0.jpg|100px|thumb|<center>[https://twitter.com/@Codexatron Mike Shema]  - Product Security Lead at Square</center>]]
Line 44: Line 59:
 
|}
 
|}
  
= Technical Segment - Why combining SAST and SCA in your IDE produces higher quality, secure software faster =
+
= Fullaudio - None =
 
<!--   
 
<!--   
 
************************* MAKE CHANGES IN THE TEMPLATES BELOW! ***************************
 
************************* MAKE CHANGES IN THE TEMPLATES BELOW! ***************************
Line 51: Line 66:
  
 
|-
 
|-
|<p>'''Description:'''<br><br> None</p>
+
|<p>'''Description:'''<br><br> This week, we welcome Adam Hughes, Chief Software Architect at Sylabs Inc., to discuss Singularity: A Different Take on Container Security! In the second segment, we welcome Utsav Sanghani, Senior Product Manager at Synopsys, to discuss Why combining SAST and SCA in your IDE produces higher quality, secure software faster!
  
 +
To learn more about Synopsys, visit: https://securityweekly.com/synopsys
 +
Visit https://www.securityweekly.com/asw for all the latest episodes!
  
 +
Follow us on Twitter: https://www.twitter.com/securityweekly
 +
Like us on Facebook: https://www.facebook.com/secweekly</p>
  
  
Line 59: Line 78:
 
|}
 
|}
  
 +
 +
==[https://twitter.com/@johnlkinsella John Kinsella]'s Content: ==
 +
[[Image:John_Kinsella-1.jpg|50px|thumb|left]]
 +
<br>
 +
{{Template:ASW101FullaudioJohn Kinsella}}
 +
 +
==[https://twitter.com/@maldermania Matt Alderman]'s Content: ==
 +
[[Image:MattAlderman-0.png|50px|thumb|left]]
 +
<br>
 +
{{Template:ASW101FullaudioMatt Alderman}}
 +
 +
==[https://twitter.com/@Codexatron Mike Shema]'s Content: ==
 +
[[Image:mike-shema-0.jpg|50px|thumb|left]]
 +
<br>
 +
{{Template:ASW101FullaudioMike Shema}}
 +
 +
 +
= Technical Segment - The Benefits of SAST and SCA in Your IDE - Utsav Sanghani  =
 +
<!-- 
 +
************************* MAKE CHANGES IN THE TEMPLATES BELOW! ***************************
 +
-->
 +
{|style="width: 100%;margin: auto; " cellpadding="10"
 +
 +
|<center>{{#ev:youtube|jyuqIwT42r8 }}</center>
 +
 +
|-
 +
|<p>'''Description:'''<br><br> Static application security testing (SAST) is critical for uncovering and eliminating issues in proprietary code. However, over 60% of the code in an average application today is composed of open source components. SAST isn't designed to find open source vulnerabilities (CVEs) or identify open source licenses. And manually maintaining a repository of approved open source components for developers is inefficient and time-consuming. That’s where software composition analysis (SCA) comes in. Introducing a new functionality within the Code Sight IDE plugin that combines SAST and SCA in one place to enable secure development.</p>
 +
 +
 +
|-
 +
|'''Guest:'''
 +
|'''Bio:'''
 +
|-
 +
 +
|[[Image:Utsav_Sanghani-0.jpg|200px|thumb|<center>'''Utsav Sanghani''' is Senior Product Manager at Synopsys]</center>]]
 +
 +
|Utsav Sanghani is a senior product manager at Synopsys where he supports strategic cloud product initiatives. He works closely with customers, engineers, and design teams to guide strategic products from conception to launch and straightens out any potential hurdles in the process. He holds a business degree from Dartmouth College and a bachelor’s degree in engineering from the University of Mumbai, India.
 +
|-
 +
 +
 +
 +
 +
|}
 +
 +
 +
==[https://twitter.com/@johnlkinsella John Kinsella]'s Content: ==
 +
[[Image:John_Kinsella-1.jpg|50px|thumb|left]]
 +
<br>
 +
{{Template:ASW101Technical SegmentJohn Kinsella}}
 +
 +
==[https://twitter.com/@maldermania Matt Alderman]'s Content: ==
 +
[[Image:MattAlderman-0.png|50px|thumb|left]]
 +
<br>
 +
{{Template:ASW101Technical SegmentMatt Alderman}}
 
 
 
==[https://twitter.com/@Codexatron Mike Shema]'s Content: ==
 
==[https://twitter.com/@Codexatron Mike Shema]'s Content: ==

Latest revision as of 21:54, 23 March 2020

Application Security Weekly Episode 101 - 2020-03-23

Episode Audio

Application Security Weekly Episode 101

Announcements

Interview: Singularity: A Different Take on Container Security - 6:00-6:45PM

Description:

Singularity is a container runtime that was built from the ground up to live in multi-user environments where POSIX permissions must be respected. In addition to a novel runtime approach, the Singularity Image Format (SIF) differs significantly from other container image formats, with built-in support for full image encryption as well as digital signatures.

Guest: Bio:
Adam Hughes is Chief Software Architect at Sylabs Inc.]
Adam is a developer with nearly two decades of experience in cyber security, real-time operating systems, carrier grade telecommunications systems, and large-scale distributed systems. After joining Sylabs in early 2018, he helped develop the Singularity Container Services suite, which forms an ecosystem around the Singularity container runtime. He has since taken on the role of Chief Software Architect and is now responsible for technical leadership of all Sylabs products.

Hosts

John Kinsella - Vice President of Container Security at Qualys
Matt Alderman - CEO at Security Weekly
Mike Shema - Product Security Lead at Square

Fullaudio - None

Description:

This week, we welcome Adam Hughes, Chief Software Architect at Sylabs Inc., to discuss Singularity: A Different Take on Container Security! In the second segment, we welcome Utsav Sanghani, Senior Product Manager at Synopsys, to discuss Why combining SAST and SCA in your IDE produces higher quality, secure software faster!

To learn more about Synopsys, visit: https://securityweekly.com/synopsys Visit https://www.securityweekly.com/asw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly



John Kinsella's Content:

John Kinsella-1.jpg


Template:ASW101FullaudioJohn Kinsella

Matt Alderman's Content:

MattAlderman-0.png


Template:ASW101FullaudioMatt Alderman

Mike Shema's Content:

Mike-shema-0.jpg


Template:ASW101FullaudioMike Shema


Technical Segment - The Benefits of SAST and SCA in Your IDE - Utsav Sanghani

Description:

Static application security testing (SAST) is critical for uncovering and eliminating issues in proprietary code. However, over 60% of the code in an average application today is composed of open source components. SAST isn't designed to find open source vulnerabilities (CVEs) or identify open source licenses. And manually maintaining a repository of approved open source components for developers is inefficient and time-consuming. That’s where software composition analysis (SCA) comes in. Introducing a new functionality within the Code Sight IDE plugin that combines SAST and SCA in one place to enable secure development.


Guest: Bio:
Utsav Sanghani is Senior Product Manager at Synopsys]
Utsav Sanghani is a senior product manager at Synopsys where he supports strategic cloud product initiatives. He works closely with customers, engineers, and design teams to guide strategic products from conception to launch and straightens out any potential hurdles in the process. He holds a business degree from Dartmouth College and a bachelor’s degree in engineering from the University of Mumbai, India.


John Kinsella's Content:

John Kinsella-1.jpg


Template:ASW101Technical SegmentJohn Kinsella

Matt Alderman's Content:

MattAlderman-0.png


Template:ASW101Technical SegmentMatt Alderman

Mike Shema's Content:

Mike-shema-0.jpg


Template:ASW101Technical SegmentMike Shema