Difference between revisions of "ASW Episode76"

From Paul's Security Weekly
Jump to: navigation, search
(Created page with "''Recorded September 16, 2019 at G-Unit Studios in Rhode Island!'' == Episode Audio == <!-- <div align="center"> {{#widget:SoundCloud |id=651835745 |width=75% |height=100 |co...")
 
(Interview: Jay Durga, CIRCOR International)
Line 22: Line 22:
  
 
= Interview: Jay Durga, CIRCOR International =
 
= Interview: Jay Durga, CIRCOR International =
[[File:JayDurga.jpg|right|220px|thumb|<center>'''[https://www.linkedin.com/in/jay-durga-cissp Jay Durga]'''<br> is the IT Architect at [http://www.circor.com CIRCOR International].</center>]] Jay Durga is working as an IT Architect for CIRCOR International specialized in application security; he started as a programmer and has over 19+ years of experience with diverse roles in IT; he has earned CISSP credential and currently pursuing Masters in CyberSecurity; at this junction of the career he is deeply devoted to CyberSecurity and he proudly says that he is a brainchild of security weekly production. <br><br>'''Segment Topic:'''<br>Secure DevOps with OWASP ASVS (Application Security Verification Standard)<br><br>'''Segment Description:'''<br>The OWASP Application Security Verification Standard (ASVS) Project provides a basis for testing web application technical security controls and also provides developers with a list of requirements for secure development. The excel tool Jay Durga developed can be used to measure metric or as a guidance document for testing effectiveness of security controls put in place in your SDLC and DevOps process.<br><br>'''Segment Resources:'''<br>The excel tool can be downloaded from GitHub page:
+
[[File:JayDurga.jpg|right|220px|thumb|<center>'''[https://www.linkedin.com/in/jay-durga-cissp Jay Durga]'''<br> is the IT Architect at [http://www.circor.com CIRCOR International].</center>]] Jay Durga is working as an IT Architect for CIRCOR International specializing in application security. He started as a programmer and has over 19+ years of experience with diverse roles in IT. He has earned CISSP credential and currently pursuing Masters in CyberSecurity. At this juncture of the career he is deeply devoted and committed to CyberSecurity. He got inspired listening to Security Weekly podcasts and that motivated him to develop the tool for OWASP ASVS (Application Security Verification Standard).<br><br>'''Segment Description:'''<br>The OWASP Application Security Verification Standard (ASVS) Project provides a basis for testing web application technical security controls and also provides developers with a list of requirements for secure development. The excel tool Jay Durga developed can be used to measure metric or as a guidance document for testing effectiveness of security controls put in place in your SDLC and DevOps process.<br><br>'''Segment Resources:'''<br>The excel tool can be downloaded from GitHub page:
 
*https://github.com/DJGits/oniondefense/tree/master/owasp-asvs
 
*https://github.com/DJGits/oniondefense/tree/master/owasp-asvs
 
*https://github.com/DJGits/oniondefense/blob/master/owasp-asvs/OWASP-ASVS4.0-Assessment.xlsm
 
*https://github.com/DJGits/oniondefense/blob/master/owasp-asvs/OWASP-ASVS4.0-Assessment.xlsm

Revision as of 16:07, 12 August 2019

Recorded September 16, 2019 at G-Unit Studios in Rhode Island!

Episode Audio

Hosts

  • Matt Alderman
    CEO at Security Weekly, Strategic Advisor, and Wizard of Entrepreneurship
  • John Kinsella
    is the Vice President of Container Security for Qualys.
  • Mike Shema
    is the Product Security Lead of Square.
  • Announcements

    • Join us at InfoSecWorld 2020 - March 30 - April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020 and click the register button to register with our discount code!
    • We're currently running our annual Listener Feedback Survey! Please visit securityweekly.com -> click the survey tab & select "2019 Listener Survey" to submit your responses!
    • Attend RSA Conference 2020, February 24-28 and join thousands of security professionals, forward-thinking innovators and solution providers for five days of actionable learning, inspiring conversation and breakthrough ideas. Register before January 24 and save $900 on a Full Conference Pass. Save an extra $150 by going to securityweekly.com/rsac2020 and use our code to register!
    • Mark your calendars for our Security Weekly Holiday Extravaganza! On December 19th, Security Weekly will be live-streaming 5 one hour panel discussions with some of the most knowledgable professionals in the industry! To round out the evening, Ed Skoudis will be joining the Security Weekly hosts to give his annual announcement about the CounterHack Holiday Hack Challenge! You can view the live stream on our Youtube channel or by visiting securityweekly.com/live. We hope to see you there!

    Interview: Jay Durga, CIRCOR International

    Jay Durga
    is the IT Architect at CIRCOR International.
    Jay Durga is working as an IT Architect for CIRCOR International specializing in application security. He started as a programmer and has over 19+ years of experience with diverse roles in IT. He has earned CISSP credential and currently pursuing Masters in CyberSecurity. At this juncture of the career he is deeply devoted and committed to CyberSecurity. He got inspired listening to Security Weekly podcasts and that motivated him to develop the tool for OWASP ASVS (Application Security Verification Standard).

    Segment Description:
    The OWASP Application Security Verification Standard (ASVS) Project provides a basis for testing web application technical security controls and also provides developers with a list of requirements for secure development. The excel tool Jay Durga developed can be used to measure metric or as a guidance document for testing effectiveness of security controls put in place in your SDLC and DevOps process.

    Segment Resources:
    The excel tool can be downloaded from GitHub page:



    News

    Bugs, Breaches, and More!
    If you build it, they will come
    Learning & Tools
    Food for Thought

    Follow us on Twitter Watch Security Weekly videos Listen to Security Weekly Security Weekly fan page Connect with Paul Google+