- 1 Application Security Weekly Episode #113 - July 06, 2020
- 2 1. Interview - Apps Are The New Endpoint - How Can One Company Protect Them All? - 12:30 PM-01:00 PM
- 3 2. News - Application News - 01:00 PM-01:30 PM
Application Security Weekly Episode #113 - July 06, 2020
Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe
1. Interview - Apps Are The New Endpoint - How Can One Company Protect Them All? - 12:30 PM-01:00 PM
- We are looking for high-quality guest suggestions for all of our podcasts to fill our Q3 recording schedule! Submit your suggestions for guests by visiting securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!
- With all the recent changes to BlackHat and DefCon, we realized we can keep doing what we do best - host virtual podcasts! I’m proud to announce Hacker Summer Camp 2020, a Security Weekly Virtual, Live-Stream Event, August 3 - August 6, 2020. To reserve your slot now, visit: securityweekly.com/summercamp2020
What do you do if your ambition is to provide security for all the mobile apps in the world? You hire a data scientist! Machine Learning is more than just a buzz word, it is the science behind making decisions quickly and at scale. Catherine Chambers returns to Application Security Weekly with Irdeto’s lead data scientist Will Hicke to describe how they turned Mobile Application Security into a data science problem, and what that means for your mobile app.
To download the white paper, visit htpps://securityweekly.com/irdeto
Since 2011 Catherine has been helping to architect Irdeto’s security solutions for web, mobile and embedded systems. She sometimes posts videos for Irdeto on the subject of reverse engineering under the name Cloakware®? Cate. Prior to joining Irdeto, Catherine worked for many years as a lead programmer in fast-paced startups. Her experience spans the range from coding in assembler to cloud computing. Catherine holds a Master’s degree in Mathematics from Queen’s University.
Will Hickie joined Irdeto in 2018 as a Data Science Architect to investigate how machine learning could be used to improve software and intellectual property protection. As a data scientist, Will employs a statistical data-to-outcomes approach to problem solving. With 20 years of software development experience, and more than a decade of applied ML, he is able to speak to both engineering and machine learning disciplines. Will skipped university and went directly into his first startup during the tech boom of the 1990s, designing algorithms for real-time surveillance systems. In his spare time Will enjoys hiking and spending time with his family.
2. News - Application News - 01:00 PM-01:30 PM
- Join the Security Weekly Mailing List & receive your invite to our community Discord server by visiting securityweekly.com/subscribe and clicking the button to join the list!
- In our first July webcast, you will learn how to stitch and enrich flow data for security with VIAVI Solutions! Register for our upcoming webcasts or virtual trainings by visiting securityweekly.com/webcasts. Or visit securityweekly.com/ondemand to view our previously recorded webcasts!
John Kinsella's Content:
Mike Shema's Content:
- Would you like some RCE with your Guacamole? or at least read some some flawed C code that weakened an RDP service?
- Attackers Will Target Critical PAN-OS Flaw, Security Experts Warn, which isn't much of warning about flaws being attacked, but is a good reminder about modeling attacker goals.
- Microsoft releases emergency security update to fix two bugs in Windows codecs that once again proves a picture is worth a 1,000 flaws and why this older article notes the design changes that Android and Mozilla took in their media handling code.
- The Current State of Kubernetes Threat Modelling highlights past work in evaluating the security of Kubernetes, although it didn't touch on the ATT&CK matrix from Microsoft that we covered in episode 102.
- How To Build a Culture of Resilience Through Good Habits so that improving availability also leads to improving confidentiality and integrity.