ASWEpisode105

From Security Weekly Wiki
Revision as of 21:19, 1 May 2020 by Paul Asadoorian (talk | contribs) (Added By Paul's Craptastic PPWorks Code)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search

Application Security Weekly Episode 105 - 2020-04-27

Episode Audio

Application Security Weekly Episode 105

Announcements

  • Learn how penetration testing reduces risk in our next live webcast with Core Security (a Help Systems Company). Register for our upcoming webcasts or virtual trainings by visiting securityweekly.com/webcasts. You can also access our on-demand library of previously recorded webcasts/trainings by visiting securityweekly.com/ondemand.
  • Join the Security Weekly Mailing List by visiting securityweekly.com/subscribe and clicking the button to join the list! We will be starting to roll out our public Discord channel in the next week or so and our mailing list subscribers will get the first invites!
  • Join us at InfoSecWorld 2020 - June 22nd-24th now a fully virtual event! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code!
  • We are looking for high-quality guest suggestions for all of our podcasts to fill our Q3 recording schedule! Submit your suggestions for guests by visiting securityweekly.com/guests and submitting the form! We review suggestions monthly and will reach out to you once reviewed!

Fullaudio - None

Description:

This week, we welcome Avi Douglen, Founder and CEO of Bounce Security, to talk about Threat Modeling in Application Security, DevSecOps, and how Application Security is mapping Security culture! In the Application Security News, Nintendo Confirms Breach of 160,000 Accounts via a legacy endpoint, NSA shares list of vulnerabilities commonly exploited to plant web shells, Code Patterns for API Authorization: Designing for Security, Health Prognosis on the Security of IoMT Devices? Not Good, and 8 Tips to Create an Accurate and Helpful Post-Mortem Incident Report!

Visit https://www.securityweekly.com/asw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly



John Kinsella's Content:

John Kinsella-1.jpg


Template:ASW105FullaudioJohn Kinsella

Matt Alderman's Content:

MattAlderman-0.png


Template:ASW105FullaudioMatt Alderman

Mike Shema's Content:

Mike-shema-0.jpg


Template:ASW105FullaudioMike Shema


News - Nintendo Breach, NSA Advisory, & Security of IoMT

Description:

This week, in the Application Security News, Nintendo Confirms Breach of 160,000 Accounts via a legacy endpoint, NSA shares list of vulnerabilities commonly exploited to plant web shells, Code Patterns for API Authorization: Designing for Security, Health Prognosis on the Security of IoMT Devices? Not Good, and 8 Tips to Create an Accurate and Helpful Post-Mortem Incident Report!



John Kinsella's Content:

John Kinsella-1.jpg


Template:ASW105NewsJohn Kinsella

Matt Alderman's Content:

MattAlderman-0.png


Mike Shema's Content:

Mike-shema-0.jpg



Interview: Threat Modeling in AppSec - 6:00-6:45PM

Description:

This week, we welcome Avi Douglen, Founder and CEO of Bounce Security, to talk about Threat Modeling in Application Security, DevSecOps, and how Application Security is mapping Security culture!

Guest: Bio:
Avi Douglen is Founder and CEO at Bounce Security
AviD is a prominent security architect and software developer, with decades of experience leading development teams in building secure products and protecting complex systems. He has enjoys researching efficient security engineering, usable security, and scaling enterprise security systems. He founded Bounce Security to focus on bringing his own brand of efficient software security to a wider range of technology companies and software developers. Mr. Douglen is a frequent trainer and speaker at industry conferences, such as OWASP, RSA, BSides, and InfoSec, as well as developer conferences such as O’Reilly, DevSecCon, PyCon, and DevOpsDays.

Hosts

John Kinsella - Vice President of Container Security at Qualys
Matt Alderman - CEO at Security Weekly
Mike Shema - Product Security Lead at Square