Recorded September 23, 2019 at G-Unit Studios in Rhode Island!
- Join us at InfoSecWorld 2020 - March 30 - April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code or the schedule button to sponsor a micro-interview!
- OSHEAN and the Pell Center are partnering together to present Cybersecurity Exchange Day on Wednesday, March 18th from 9am-3pm at Salve Regina University in the beautiful Newport, RI! Visit securityweekly.com/OSHEAN2020 to register for free and come join in the fun!
- We have officially migrated our mailing list to a new platform! Sign up for the list to receive invites to our virtual trainings, webcasts, and other content relative to your interests by visiting securityweekly.com/subscribe and clicking the button to join the list! You can also submit your suggestions for guests by going to securityweekly.com/guests and submitting the form! We'll review them monthly and reach out if they are a good fit!
- Our first-ever virtual training is happening on March 19th @11:00am ET, with Adam Kehler & Rob Harvey from Online Business Systems Risk, Security & Privacy Team. In this training you will learn how to generate a complex SHA-256 hashed password and then use password cracking tools to break it. Register for our upcoming trainings by visiting securityweekly.com, selecting the webcast/training drop down from the top menu bar and clicking registration.
Interview: Nicolas Valcárcel, AdRoll
Nicolas is a Security Engineer at AdRoll. He has over a decade of experience working on the technology industry, including various development, operations and security roles. Nicolas has been involved in multiple early stage Startups and has helped them build the foundation for the engineering teams, as well as successfully design, bootstrap and build security programs.
Developers and security professional have vastly different views of the world, so it's not uncommon that trainings created by the later don't fully reach the former. Training for developers should be made with their tools and with their view of the world in mind.
Bugs, Breaches, and More!
If you build it, they will come
Learning & Tools
- No surprises in the top 25 most dangerous software errors and the list of 2019 CWE Top 25 Most Dangerous Software Errors
Food for Thought
- BSIMM10 Emphasizes DevOps' Role in Software Security and the BSIMM10 report
- Crowdsourced Security & the Gig Economy
- Lessons learned through 15 years of SDL at work