ASW Episode18

From Paul's Security Weekly
Jump to: navigation, search

Application Security Weekly #18

Recorded June 4, 2018 at G-Unit Studios in Rhode Island!

Episode Audio


  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • Annoucements:

    • Check out our On-Demand material! Some of our previously recorded webcasts are now available On-Demand at:
    • Ticket Sales are open for Social Engineering RI Conference. Saturday, June 6th at Salve Regina University in Newport RI. Go to - to register! We are giving away 2 tickets to this conference. Please send your best meme of Paul and Larry to
    • How do you feel about User and Entity Behavior Analytics? What about your SEIM? Check out Logrhythm's webcast on June 14th at 3:00pm-4:00pm.

    Agile vs. DevOps

    The Twitter thread that prompted this episode

    The Agile Manifesto

    0.) What's the difference between Agile, Ci/CD, and DevOps?

    1.) Agile and DevOps: Friends or Foes?

    2.) DevOps vs Agile: What's the Difference and How Are They Related?

    Learning & Tools

    1.) OWASP Top 10 Proactive Controls v3.0 released

    2.) VS Live Share

    3.) VS Code can do that?!

    4.) Wazuh: Open Source Host and Endpoint Security

    5.) Bob Ross Lorem Ipsum


    Bugs, Breaches, and More!

    0.) Remote Code Execution vulnerability in Git

    1.) Comcast website bug leaks Xfinity customer data

    If you build it, they will come

    0.) $VENDOR GDPR Aligntment

    1.) How other companies are responding to GDPR

    2.) Web Storage: The Lesser Evil for Session Tokens

    3.) Oracle Plans to Drop Java Serialization Support, the Source of Most Security Bugs Understanding Java Deserialization

    4.) Digital Ambulance Chasers? Law Firms Send Ads To Patients' Phones Inside ERs

    Food for Thought

    0.) Microsoft acquires GitHub GitHub blog

    1.) A reflection on Software Craftsmanship

    2.) The percentage of open source code in proprietary apps is rising

    3.) Cybersecurity Snapshot, April 2018

    4.) Pocket Developer D20

    5.) GDPR

    6.) First Contact