Difference between revisions of "ASWEpisode99"

From Security Weekly Wiki
Jump to navigationJump to search
Line 34: Line 34:
= News - Application News - TBD  =
= News - Application News - TBD  =
* [https://securitylab.github.com/research/exchange-rce-CVE-2020-0688 CVE-2020-0688 Losing the keys to your kingdom], which is why [https://www.zdnet.com/article/multiple-nation-state-groups-are-hacking-microsoft-exchange-servers/ Multiple nation-state groups are hacking Microsoft Exchange servers]
* [https://community.letsencrypt.org/t/revoking-certain-certificates-on-march-4/114864 Revoking certain certificates on March 4]
* [https://community.letsencrypt.org/t/revoking-certain-certificates-on-march-4/114864 Revoking certain certificates on March 4]
* [https://www.usenix.org/system/files/nsdi20-paper-li.pdf Gandalf: An Intelligent, End-To-End Analytics Service for Safe Deployment in Large-Scale Cloud Infrastructure]  
* [https://www.usenix.org/system/files/nsdi20-paper-li.pdf Gandalf: An Intelligent, End-To-End Analytics Service for Safe Deployment in Large-Scale Cloud Infrastructure]
* [https://www.darkreading.com/operations/cisos-who-want-a-seat-at-the-devops-table-better-bring-value/a/d-id/1337154 CISOs Who Want a Seat at the DevOps Table Better Bring Value]
* [https://www.theregister.co.uk/2020/03/04/microservices_last_resort/ Microservices guru warns devs that trendy architecture shouldn't be the default for every app, but 'a last resort']

Revision as of 03:45, 9 March 2020

Application Security Weekly Episode 99 - 2020-03-09

Episode Audio

Application Security Weekly Episode 99


  • Our first-ever virtual training is happening on March 19th at 11:00am ET with Adam Kehler & Rob Harvey from the Online Business Systems Risk, Security & Privacy Team. In this training you will learn how to generate a complex SHA-256 hashed password and then use password cracking tools to break it. Register for our upcoming webcasts & trainings by visiting securityweekly.com, selecting the webcast/training drop down from the top menu bar and clicking registration.
  • We have officially migrated our mailing list to a new platform! Sign up for the list to receive invites to our virtual trainings, webcasts, and other content relative to your interests by visiting securityweekly.com/subscribe and clicking the button to join the list! You can also submit your suggestions for guests by going to securityweekly.com/guests and submitting the form! We'll review them monthly and reach out if they are a good fit!
  • Join us at InfoSecWorld 2020 - March 30 - April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code or the schedule button to sponsor a micro-interview!
  • OSHEAN and the Pell Center are partnering together to present Cybersecurity Exchange Day on Wednesday, March 18th from 9am-3pm at Salve Regina University in the beautiful Newport, RI! Visit securityweekly.com/OSHEAN2020 to register for free and come join in the fun!

News - Application News - TBD


Application News - TBD

John Kinsella's Content:

John Kinsella-1.jpg

Template:ASW99NewsJohn Kinsella

Matt Alderman's Content:


Mike Shema's Content:


Interview: Guy Podjarny, Snyk - 6:00-6:45PM


Topic TBD

Guest: Bio:
Guy Podjarny is President / Co-Founder at
Guy Podjarny is Snyk’s Founder and President, focusing on using open source and staying secure. Guy was previously CTO at Akamai following their acquisition of his startup, Blaze.io, and worked on the first web app firewall & security code analyzer. Guy is a frequent conference speaker & the author of O’Reilly “Securing Open Source Libraries”, "Responsive & Fast” and “High Performance Images”.


John Kinsella - Vice President of Container Security at Qualys
Matt Alderman - CEO at Security Weekly
Mike Shema - Product Security Lead at Square