Difference between revisions of "ASW Episode56"

From Security Weekly Wiki
Jump to navigationJump to search
Line 18: Line 18:
 
==News==
 
==News==
  
===== Bugs, Breaches, and More! =====
+
=== Bugs, Breaches, and Bounties! ===
 +
* [https://github.com/envoyproxy/envoy/issues/6434 Envoy NULL character injection]
 +
* [https://github.com/envoyproxy/envoy/issues/6435 Envoy path traversal]
 +
* [https://eprint.iacr.org/2019/347 "Selfie" attack in PSK mutual authentication process]
 +
* [https://www.theverge.com/2019/4/3/18293978/facebook-app-developers-leak-user-records-data-cloud-servers Facebook app developers leaked millions of user records on cloud servers, researchers say]
  
===== If you build it, they will come =====
+
=== Dev, Sec, or Ops? ===
 +
* [https://blog.docker.com/2019/03/advancing-windows-containers-with-docker-and-kubernetes/ ADVANCING WINDOWS CONTAINERS WITH DOCKER AND KUBERNETES]
 +
* [https://devops.com/how-to-design-devsecops-compliance-processes-to-free-up-developer-resources/ How to Design DevSecOps Compliance Processes to Free Up Developer Resources]
  
===== Learning & Tools =====
+
=== Tools & Techniques ===
 
+
* [https://azm.azerialabs.com/ In-browser ARM assembler from Azeria]
===== Food for Thought =====
 
  
 +
=== Deep in Thought ===
 +
* [https://www.informationsecuritybuzz.com/articles/security-testing-trends-for-2019/ Security Testing Trends For 2019]
 +
* [https://containerjournal.com/2019/03/27/report-containers-are-weakest-security-leak-again/ Report: Containers Are Weakest Security Link Again]
 +
* [https://securityboulevard.com/2019/04/the-evolution-of-application-security-in-the-serverless-world/ The Evolution of Application Security In The Serverless World]
  
 
{{SocialMedia}}
 
{{SocialMedia}}

Revision as of 01:04, 8 April 2019

Recorded April 8, 2019 at G-Unit Studios in Rhode Island!

Hosts

  • Matt Alderman
    CEO at Security Weekly, Strategic Advisor, and Wizard of Entrepreneurship
  • Mike Shema
    is the Product Security Lead of Square.
  • John Kinsella
    is the Vice President of Container Security for Qualys.
  • Announcements

    • John Strand will be teaching Active Defense and Cyber Deception at Black Hat 2019.  Please register here!  Register Now @ [1].
    • We just released our 2019 Security Weekly 25 Index Survey. Please go to securityweekly.com and click the Survey link to help us understand who's evaluating, using, or formerly used any of the Security Weekly 25 companies. The results will be summarized and presented back to all responders in a private webcast.

    Interview: Loris Degioanni, Sysdig

    Loris Degioanni
    is the CTO & Founder of Sysdig.

    Loris Degioanni is the CTO and founder of Sysdig, the Cloud-Native Intelligence Platform. He is also the creator of the popular open source troubleshooting tool, sysdig and the open source container security tool Falco. Prior to founding Sysdig, Loris co-created Wireshark, the open source network analyzer, which today has 20+ million users. Loris holds a PhD in computer engineering from Politecnico di Torino and lives in Davis, California.


    Topic: Falco

    News

    Bugs, Breaches, and Bounties!

    Dev, Sec, or Ops?

    Tools & Techniques

    Deep in Thought


    Follow us on Twitter Watch Security Weekly videos Listen to Security Weekly Security Weekly fan page Connect with Paul Google+