Difference between revisions of "ASWEpisode108"

From Security Weekly Wiki
(Added By Paul's Craptastic PPWorks Code)
 
(Added By Paul's Craptastic PPWorks Code)
Line 10: Line 10:
 
************************* DO NOT EDIT THIS SECTION. THIS IS AUTO-GENERATED BY PPWORKS. YOUR CHANGES WILL BE LOST! ***************************
 
************************* DO NOT EDIT THIS SECTION. THIS IS AUTO-GENERATED BY PPWORKS. YOUR CHANGES WILL BE LOST! ***************************
 
-->
 
-->
= 1. Interview - Using Rate Limiting to Protect Web Apps and APIs - 12:30 PM  =
+
= 1. Interview - Using Rate Limiting to Protect Web Apps and APIs - 12:30 PM-01:00 PM  =
 
<!--   
 
<!--   
 
************************* MAKE CHANGES IN THE TEMPLATES BELOW! ***************************
 
************************* MAKE CHANGES IN THE TEMPLATES BELOW! ***************************
Line 16: Line 16:
  
  
 +
 +
=== Announcements ===
 +
<ul style="margin-left: 50px;">
 +
 +
<li>Join us at InfoSecWorld 2020 - June 22nd-24th now a fully virtual event! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code!</li>
 +
 +
<li>Join the Security Weekly Mailing List &amp; receive your invite to our community Discord server by visiting securityweekly.com/subscribe and clicking the button to join the list! </li>
 +
 +
</ul>
  
 
=== Description ===
 
=== Description ===
 +
 +
Rate limiting can be used to protect against a number of modern web application and API attacks. We’ll discuss some of those attacks, including Object ID enumeration, in detail, will demo an attack and will show how using rate limiting in our solution can protect against these attacks.
 +
 +
  
 +
 +
==Guest(s)==
 +
 +
 +
===Jack Zarris===
 +
<gallery mode="nolines" widths=175px heights=175px>
 +
 +
Image:JackZarris-0.png|'''Jack Zarris''' is Senior Sales Engineer at Signal Sciences<br>
 +
 +
</gallery>
 +
Jack Zarris is a Senior Sales Engineer with Signal Sciences. He has over 20 years of experience in the security industry, with focuses on web application and database security for on-prem and cloud hosted apps, product management, load balancing, and mobile device management and security.<br>
  
  
Line 24: Line 48:
  
 
<gallery mode="nolines" widths=175px heights=175px>
 
<gallery mode="nolines" widths=175px heights=175px>
 +
 +
Image:John_Kinsella-1.jpg|<center>[https://twitter.com/@johnlkinsella John Kinsella]  - Vice President of Container Security at Qualys</center>
 +
 +
Image:MattAlderman-0.png|<center>[https://twitter.com/@maldermania Matt Alderman]  - CEO at Security Weekly</center>
  
 
Image:mike-shema-0.jpg|<center>[https://twitter.com/@Codexatron Mike Shema]  - Product Security Lead at Square</center>
 
Image:mike-shema-0.jpg|<center>[https://twitter.com/@Codexatron Mike Shema]  - Product Security Lead at Square</center>

Revision as of 19:39, 17 May 2020

Application Security Weekly Episode #108 - May 18, 2020

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. Interview - Using Rate Limiting to Protect Web Apps and APIs - 12:30 PM-01:00 PM

Announcements

  • Join us at InfoSecWorld 2020 - June 22nd-24th now a fully virtual event! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code!
  • Join the Security Weekly Mailing List & receive your invite to our community Discord server by visiting securityweekly.com/subscribe and clicking the button to join the list!

Description

Rate limiting can be used to protect against a number of modern web application and API attacks. We’ll discuss some of those attacks in detail, including Object ID enumeration, demo an attack, and show how using rate limiting in our solution can protect against these attacks.



Guest(s)

Jack Zarris

Jack Zarris is a Senior Sales Engineer with Signal Sciences. He has over 20 years of experience in the security industry, focusing on web application and database security for on-prem and cloud-hosted apps, product management, load balancing, and mobile device management and security.


Hosts

2. Interview - Highlights From The New Open Source Security and Risk Analysis (OSSRA) Report - 01:00 PM

Description

Hosts