Difference between revisions of "ASW Episode76"

From Paul's Security Weekly
Jump to: navigation, search
(Created page with "''Recorded September 16, 2019 at G-Unit Studios in Rhode Island!'' == Episode Audio == <!-- <div align="center"> {{#widget:SoundCloud |id=651835745 |width=75% |height=100 |co...")
 
(Interview: Jay Durga, CIRCOR International)
 
Line 22: Line 22:
  
 
= Interview: Jay Durga, CIRCOR International =
 
= Interview: Jay Durga, CIRCOR International =
[[File:JayDurga.jpg|right|220px|thumb|<center>'''[https://www.linkedin.com/in/jay-durga-cissp Jay Durga]'''<br> is the IT Architect at [http://www.circor.com CIRCOR International].</center>]] Jay Durga is working as an IT Architect for CIRCOR International specialized in application security; he started as a programmer and has over 19+ years of experience with diverse roles in IT; he has earned CISSP credential and currently pursuing Masters in CyberSecurity; at this junction of the career he is deeply devoted to CyberSecurity and he proudly says that he is a brainchild of security weekly production. <br><br>'''Segment Topic:'''<br>Secure DevOps with OWASP ASVS (Application Security Verification Standard)<br><br>'''Segment Description:'''<br>The OWASP Application Security Verification Standard (ASVS) Project provides a basis for testing web application technical security controls and also provides developers with a list of requirements for secure development. The excel tool Jay Durga developed can be used to measure metric or as a guidance document for testing effectiveness of security controls put in place in your SDLC and DevOps process.<br><br>'''Segment Resources:'''<br>The excel tool can be downloaded from GitHub page:
+
[[File:JayDurga.jpg|right|220px|thumb|<center>'''[https://www.linkedin.com/in/jay-durga-cissp Jay Durga]'''<br> is the IT Architect at [http://www.circor.com CIRCOR International].</center>]] Jay Durga is working as an IT Architect for CIRCOR International specializing in application security. He started as a programmer and has over 19+ years of experience with diverse roles in IT. He has earned CISSP credential and currently pursuing Masters in CyberSecurity. At this juncture of the career he is deeply devoted and committed to CyberSecurity. He got inspired listening to Security Weekly podcasts and that motivated him to develop the tool for OWASP ASVS (Application Security Verification Standard).<br><br>'''Segment Description:'''<br>The OWASP Application Security Verification Standard (ASVS) Project provides a basis for testing web application technical security controls and also provides developers with a list of requirements for secure development. The excel tool Jay Durga developed can be used to measure metric or as a guidance document for testing effectiveness of security controls put in place in your SDLC and DevOps process.<br><br>'''Segment Resources:'''<br>The excel tool can be downloaded from GitHub page:
 
*https://github.com/DJGits/oniondefense/tree/master/owasp-asvs
 
*https://github.com/DJGits/oniondefense/tree/master/owasp-asvs
 
*https://github.com/DJGits/oniondefense/blob/master/owasp-asvs/OWASP-ASVS4.0-Assessment.xlsm
 
*https://github.com/DJGits/oniondefense/blob/master/owasp-asvs/OWASP-ASVS4.0-Assessment.xlsm

Latest revision as of 16:07, 12 August 2019

Recorded September 16, 2019 at G-Unit Studios in Rhode Island!

Episode Audio

Hosts

  • Matt Alderman
    CEO at Security Weekly, Strategic Advisor, and Wizard of Entrepreneurship
  • John Kinsella
    is the Vice President of Container Security for Qualys.
  • Mike Shema
    is the Product Security Lead of Square.
  • Announcements

    • We have exciting news about the Security Weekly webcast program: We are now partnered with (ISC)2 as an official CPE provider! If you attend any of our webcasts, you will be receiving 1 CPE credit per webcast! Register for one of our upcoming webcast with Zane Lackey of Signal Sciences, Ian McShane from Endgame, or Stephen Smith and Jeff Braucher of LogRhythm (or all 3!) by going to securityweekly.com/webcasts If you have missed any of our previously recorded webcasts, you can find our on-demand library at securityweekly.com/ondemand

    • So many of the big East Coast cybersecurity tradeshows take place in crowded cities like Boston and New York, where parking is a nightmare and will cost you an arm and a leg. However, this year's Compass Cybersecurity Symposium is being held at Twin River Casino in Lincoln, RI, just 15 minutes outside of Providence! The venue has plenty of free and easy parking. Speakers include social engineering expert Chris Hadnagy and Security Weekly podcast founder Paul Asadoorian. Use the discount code "SW2019" to save $20 on registration!

    • Security Weekly will be at Hacker Halted in Atlanta, GA this October 10th-11th! EC-Council is offering our listeners a $100 discount to attend the two day conference. Use discount code HH19SW when you register or go to securityweekly.com/hackerhalted and register there! Make sure you checkout the keynote (Paul Asadoorian) and Mr. Jeff Man's talk as well!

    • Have you been trying your hardest to get a ticket to DerbyCon FinishLine?! We know that tickets sold out almost immediately, as they do almost every year, and we have an exciting announcement: Security Weekly is giving away 7 tickets to DerbyCon! Here's what you need to do - subscribe to the Security Weekly YouTube channel and send an email to sam@securityweekly.com with either a written or video testimonial about what Security Weekly means to you! That's it, it's really that simple! First 7 people to complete this will receive a ticket to DerbyCon! You will also be invited to participate in our Security Weekly DerbyCon interview series that Sam and Mark will be running at the conference!


    Interview: Jay Durga, CIRCOR International

    Jay Durga
    is the IT Architect at CIRCOR International.
    Jay Durga is working as an IT Architect for CIRCOR International specializing in application security. He started as a programmer and has over 19+ years of experience with diverse roles in IT. He has earned CISSP credential and currently pursuing Masters in CyberSecurity. At this juncture of the career he is deeply devoted and committed to CyberSecurity. He got inspired listening to Security Weekly podcasts and that motivated him to develop the tool for OWASP ASVS (Application Security Verification Standard).

    Segment Description:
    The OWASP Application Security Verification Standard (ASVS) Project provides a basis for testing web application technical security controls and also provides developers with a list of requirements for secure development. The excel tool Jay Durga developed can be used to measure metric or as a guidance document for testing effectiveness of security controls put in place in your SDLC and DevOps process.

    Segment Resources:
    The excel tool can be downloaded from GitHub page:



    News

    Bugs, Breaches, and More!
    If you build it, they will come
    Learning & Tools
    Food for Thought

    Follow us on Twitter Watch Security Weekly videos Listen to Security Weekly Security Weekly fan page Connect with Paul Google+