Application Security Weekly #21
Recorded June 25, 2018 at G-Unit Studios in Rhode Island!
- Check out our On-Demand material! Some of our previously recorded webcasts are now available On-Demand at: securityweekly.com/ondemand.
Interview: Dan Kuykendall, Rapid7
Dan Kuykendall is the Senior Director of Application Security Products at Rapid7, where he directs the strategic vision, research and product development for the company’s application security solutions. In addition to keeping up with the latest attack patterns, Dan remains focused on one of the toughest aspects of application security: the rapidly evolving web and mobile application development trends. His philosophy is that we need to help security experts keep up by automating as much as possible, freeing up pen testers for the tough work that requires human brains.
Bugs, Breaches, and More!
1.) Apple comments on erroneous reports of iPhone brute force passcode hack (Original Reporting)
2.) Flaw in macOS 'Quick Look' could reveal encrypted data
3.) XSS in Google Colaboratory + CSP bypass
4.) Lacework Study Finds 300 Unsecured Container Orchestration Dashboards
If you build it, they will come
1.) Improving extension transparency for users & Dan Goodin calls out Google
3.) But Microsoft IS porting Skype to React Native
4.) The man who was fired by a machine
Learning & Tools
1.) Deploy to Azure with Docker & VS Code
2.) Starter: An Open Source Dockerfile Generator
4.) List Lambdas
Food for Thought
1.) The Problem You Solve Is More Important Than The Code You Write
2.) That time Nick Craver broke StackOverflow
3.) CommitStrip: Are you any good at it?
4.) CommitStrip: The World Cup and the Sysadmin