ASWEpisode109

From Security Weekly Wiki
Revision as of 18:45, 1 June 2020 by Paul Asadoorian (talk | contribs) (Added By Paul's Craptastic PPWorks Code)
Jump to navigationJump to search

Application Security Weekly Episode #109 - June 01, 2020

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. Interview - How to Prevent Account Takeover Attacks - 12:30 PM-01:00 PM


Visit https://securityweekly.com/recaptcha for more information!


Announcements

  • Join the Security Weekly Mailing List & receive your invite to our community Discord server by visiting securityweekly.com/subscribe and clicking the button to join the list!
  • Learn how hidden vulnerabilities lead to application compromise in our next webcast with Snyk! Our second June webcast will be with Google Cloud teaching you how to prevent account takeover attacks! Register for our upcoming webcasts or virtual trainings by visiting securityweekly.com/webcasts. Or visit securityweekly.com/ondemand to view our previously recorded webcasts!

Description

Attackers are using methods such as password spraying and credential theft to commit fraud against websites at an alarming rate. Automated bots are aiding the attacker to conduct these operations at scale. Your defensive strategy should include a mechanism to determine if a session is being controlled by a real user or a bot. How can we best accomplish this without creating too much friction between the real users and your web applications?

To learn more about Google Cloud and reCAPTCHA, visit: https://securityweekly.com/recaptcha To register for our upcoming webcast with Google Cloud: https://attendee.gotowebinar.com/register/886342018982842384?source=ASW


https://cloud.google.com/recaptcha-enterprise

To register for our upcoming webcast with Google Cloud: https://attendee.gotowebinar.com/register/886342018982842384?source=ASW


Guest(s)

John Chirhart

John is an Engineer on Google Cloud Security’s User Protection Services (UPS) Team. He specializes in developing capabilities and solutions to detect and mitigate automated attacks against web applications and infrastructure. John first joined Google as part of Chronicle, a Google Moonshot Factory Graduate. He’s an information security and compliance veteran with 18+ years of experience.


Hosts

2. Interview - Apps Are the New Endpoint - 01:00 PM-01:30 PM

Visit https://securityweekly.com/irdeto for more information!


Announcements

  • Join us at InfoSecWorld 2020 - June 22nd-24th now a fully virtual event! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code!
  • Learn how hidden vulnerabilities lead to application compromise in our next webcast with Snyk! Our second June webcast will be with Google Cloud teaching you how to prevent account takeover attacks! Register for our upcoming webcasts or virtual trainings by visiting securityweekly.com/webcasts. Or visit securityweekly.com/ondemand to view our previously recorded webcasts!

Description

Apps are everywhere. Increasingly apps are the main entry point for daily services such as banking, home security or even unlocking a car. But mobile devices are untrustworthy: a place where hackers can reverse engineer apps, tamper with them, and steal the secrets they hold. As apps become the new endpoints, it’s high time to reconsider their security. In this webcast Catherine Chambers, Senior product manager, will discuss why Security needs to be on your app’s feature list.

To learn more about Irdeto, visit: https://securityweekly.com/irdeto


https://irdeto.com/trusted-software/

https://blog.irdeto.com/2020/05/06/does-your-mobile-application-hide-secrets/

https://blog.irdeto.com/2020/04/22/why-application-security-testing-is-only-half-the-battle/


Guest(s)

Catherine Chambers

Since 2011 Catherine has been helping to architect Irdeto’s security solutions for web, mobile and embedded systems. She sometimes posts videos for Irdeto on the subject of reverse engineering under the name Cloakware®? Cate. Prior to joining Irdeto, Catherine worked for many years as a lead programmer in fast-paced startups. Her experience spans the range from coding in assembler to cloud computing. Catherine holds a Master’s degree in Mathematics from Queen’s University.


Hosts