Recorded April 8, 2019 at G-Unit Studios in Rhode Island!
- Register for our upcoming webcast with ServiceNow by going to securityweekly.com/webcasts . If you have missed any of our previously recorded webcasts, you can find them at securityweekly.com/ondemand.
- Attending KubeCon and CloudNativeCon Europe 2019 in Barcelona May 20-23, 2019? Join your peers at the Cloud-Native Transformation Summit 2019 hosted by Sysdig on May 20th. Our very own Matt Alderman will be emceeing the event. Pre-registration is required. You can add it on during your KubeCon + CloudNativeCon registration.
- This is the last week for our 2019 Security Weekly 25 Index Survey. Please go to securityweekly.com and click the Survey link to help us understand who’s evaluating, using, or formerly used any of the Security Weekly 25 companies. The results will be summarized and presented back to all responders in a private webcast.
- We've heard from our listeners that they love our content, but the amount of content we distribute can sometimes be overwhelming. We've recently released our customizable listener interest list. Visit securityweekly.com/subscribe and click the button to Join the Listener List and let us know your interests.
Interview: Loris Degioanni, Sysdig
Loris Degioanni is the CTO and founder of Sysdig, the Cloud-Native Intelligence Platform. He is also the creator of the popular open source troubleshooting tool, sysdig and the open source container security tool Falco. Prior to founding Sysdig, Loris co-created Wireshark, the open source network analyzer, which today has 20+ million users. Loris holds a PhD in computer engineering from Politecnico di Torino and lives in Davis, California.
Bugs, Breaches, and Bounties!
- Envoy NULL character injection
- Envoy path traversal
- "Selfie" attack in PSK mutual authentication process
- Facebook app developers leaked millions of user records on cloud servers, researchers say
Dev, Sec, or Ops?
- ADVANCING WINDOWS CONTAINERS WITH DOCKER AND KUBERNETES
- How to Design DevSecOps Compliance Processes to Free Up Developer Resources
Tools & Techniques
Deep in Thought
- Security Testing Trends For 2019
- Report: Containers Are Weakest Security Link Again
- The Evolution of Application Security In The Serverless World