From Security Weekly Wiki
Revision as of 19:56, 17 April 2020 by Paul Asadoorian (talk | contribs) (Added By Paul's Craptastic PPWorks Code)
Jump to navigationJump to search

Application Security Weekly Episode 104 - 2020-04-20

Episode Audio

Application Security Weekly Episode 104


  • Going cloudnative? See how to integrate application security in our next webcast with Signal Sciences! Learn how penetration testing reduces risk in our May webcast with Core Security (a Help Systems Company). Register for our upcoming webcasts or virtual trainings by visiting You can also access our on-demand library of previously recorded webcasts/trainings by visiting Each webcast will earn you 1 CPE credit that we will submit on your behalf if you provide your ISC2 number.
  • We have officially migrated our mailing list to BACK to our original platform! We have our categories nailed down and you are now able to customize what you receive from us based on your preferences by visiting and clicking the button to join the list! Once you have joined, you will also be able to go back and update your "interests" so that we can grow with you as you progress through your journey in InfoSec!
  • We are looking for high-quality guest suggestions for our Enterprise Security Weekly podcast to fill our upcoming recording schedule! We're committed to educating and providing entertainment for the InfoSec community and we would love to hear from you about who you would like us to interview on the show! Submit your suggestions for guests by visiting and submitting the form! We review suggestions monthly and will reach out to you once reviewed!
  • Join Qualys for VMDR Live on April 21 at 2pm ET for a live demonstration of the game-changing Vulnerability Management, Detection & Response offering - a unified solution that integrates vulnerability management, threat prioritization and patching in a single app. Register at

News - Application News - TBD



Mike Shema's Content:


Interview: Building an AppSec Ecosystem - 6:00-6:45PM


It's possible to check the boxes and have an AppSec program that looks great on paper, but still not have positive results. We will cover using continuous feedback from AppSec testing activities passing through threat models to make life better for AppSec, red teams, QA, and engineers.

Guest: Bio:
Rebecca Deck is Senior Staff Application Security Engineer at Avalara
Rebecca Deck is a Staff Application Security Engineer at Avalara. She determines application security tools and strategy and (hopefully) gets to perform application security testing. She has more than 20 years of experience in IT that includes QA, software development, engineering, incident response, and consulting. She's currently quarantined with her wife and kids living the dream of working and home schooling.


John Kinsella - Vice President of Container Security at Qualys
Matt Alderman - CEO at Security Weekly
Mike Shema - Product Security Lead at Square