Difference between revisions of "ASWEpisode86"

From Paul's Security Weekly
Jump to: navigation, search
(Interview:)
Line 29: Line 29:
  
 
===== Bugs, Breaches, and More! =====
 
===== Bugs, Breaches, and More! =====
 +
* [https://www.itsecurityguru.org/2019/11/22/1m-google-hacking-prize/ $1M Google Hacking Prize]
 +
* [https://www.darkreading.com/application-security/12b-records-exposed-in-massive-server-leak/d/d-id/1336439 1.2B Records Exposed in Massive Server Leak]
  
 
===== If you build it, they will come =====
 
===== If you build it, they will come =====
  
 
===== Learning & Tools =====
 
===== Learning & Tools =====
 +
* [https://www.darkreading.com/edge/theedge/whats-in-a-waf-/b/d-id/1336402 What's in a WAF?]
  
 
===== Food for Thought =====
 
===== Food for Thought =====
  
 
{{SocialMedia}}
 
{{SocialMedia}}

Revision as of 19:46, 24 November 2019

Recorded November 25, 2019 at G-Unit Studios in Rhode Island!

Episode Audio

Hosts

  • Matt Alderman
    CEO at Security Weekly, Strategic Advisor, and Wizard of Entrepreneurship
  • John Kinsella
    is the Vice President of Container Security for Qualys.
  • Mike Shema
    is the Product Security Lead of Square.
  • Announcements

    • Join us at InfoSecWorld 2020 - March 30 - April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020 and click the register button to register with our discount code!
    • Attend RSA Conference 2020, February 24-28 and join thousands of security professionals, forward-thinking innovators and solution providers for five days of actionable learning, inspiring conversation and breakthrough ideas. Register before January 24 and save $900 on a Full Conference Pass. Save an extra $150 by going to securityweekly.com/rsac2020 and use our code to register!
    • Our next webcast is February 13th with Sri Sundaralingam, Vice President, Product and Solutions Marketing at ExtraHop where we will discuss Cloud Native Network Detection and Response! Register for our upcoming webcasts by visiting securityweekly.com, selecting the webcast drop down from the top menu bar and clicking registration.


    Interview: Tim Mackey, Synopsys

    Tim Mackey
    is the Principal Security Strategist of Synopsys CyRC (Cybersecurity Research Center).
    Tim Mackey is a principal security strategist within the Synopsys CyRC (Cybersecurity Research Center). He joined Synopsys as part of the Black Duck Software acquisition where he worked to bring integrated security scanning technology to Red Hat OpenShift and the Kubernetes container orchestration platforms. As a security strategist, Tim applies his skills in distributed systems engineering, mission critical engineering, performance monitoring, and large-scale data center operations to customer problems. He takes the lessons learned from those activities and delivers talks globally at well-known events such as RSA, OSCON, Open Source Summit, KubeCon, Interop, CA World, Container World, DevSecCon, DevOps Days, and the IoT Summit. Tim is also an O’Reilly Media published author.

    Segment Topic:
    The security of any application is a function of the decisions made during development.

    Segment Description:
    Measuring the risk of those decisions isn't something contained within a single tool, but instead requires a set of perspectives on how a "bad decision" can manifest itself in the security of the app.

    Segment Resources:



    News

    Bugs, Breaches, and More!
    If you build it, they will come
    Learning & Tools
    Food for Thought

    Follow us on Twitter Watch Security Weekly videos Listen to Security Weekly Security Weekly fan page Connect with Paul Google+