Difference between revisions of "Asw129"

From Security Weekly Wiki
Jump to navigationJump to search
(Created page with " <!-- ************************* DO NOT EDIT THIS SECTION. THIS IS AUTO-GENERATED BY PPWORKS. YOUR CHANGES WILL BE LOST! *************************** --> = Application Securit...")
 
 
(19 intermediate revisions by the same user not shown)
Line 10: Line 10:
 
************************* DO NOT EDIT THIS SECTION. THIS IS AUTO-GENERATED BY PPWORKS. YOUR CHANGES WILL BE LOST! ***************************
 
************************* DO NOT EDIT THIS SECTION. THIS IS AUTO-GENERATED BY PPWORKS. YOUR CHANGES WILL BE LOST! ***************************
 
-->
 
-->
 +
= 1. China's Top Hacking Contest, GitHub Actions, & Vulnonym - 12:30 PM-01:00 PM  =
 +
<!-- 
 +
************************* MAKE CHANGES IN THE TEMPLATES BELOW! ***************************
 +
-->
 +
 +
<center>{{#ev:youtube|axKZr6qS2B4 }}</center>
 +
 +
 +
 +
=== Announcements ===
 +
<ul style="margin-left: 50px;">
 +
 +
<li> <p>Would you like to have all of your favorite Security Weekly content at your fingertips? Do you want to hear from Sam &amp; Andrea when we have upcoming webcasts &amp; technical trainings? Have a question for one of our illustrious hosts, someone from the Security Weekly team, or wish you could &#8220;hang&#8221; out with the Security Weekly crew &amp; community? Subscribe on your favorite podcast catcher, sign up for our mailing list, and join our Discord Server to stay in the loop on all things Security Weekly! Visit: https://securityweekly.com/subscribe</p></li>
 +
 +
<li> <p>In our upcoming webcasts &amp; technical trainings, you will learn why you should stop trying to discover &amp; classify data, how to thwart attackers using deception &amp; how to build a risk-based vulnerability management program! Visit https://securityweekly.com/webcasts to see what we have coming up, or visit securityweekly.com/ondemand to view our previously recorded webcasts!</p></li>
 +
 +
</ul>
 +
 +
=== Description ===
 +
 +
China's top hacking contest turns months of effort into 15 minutes of exploits, an injection flaw in GitHub Actions, understanding post-compromise activity in exploits targeting Solaris and VoIP, security and quality challenges in integrating software from multiple vendors, and CVE naming turns into wibbly wobbly timey wimey stuff!
 +
 +
 +
 +
==Hosts==
 +
 +
 +
==[https://twitter.com/@johnlkinsella John Kinsella]'s Content: ==
 +
<gallery mode="nolines" widths=150px heights=150px>
 +
Image:John_Kinsella-1.jpg
 +
</gallery>
 +
{{Template:ASW129NewsJohnKinsella}}
 +
 +
==[https://twitter.com/@maldermania Matt Alderman]'s Content: ==
 +
<gallery mode="nolines" widths=150px heights=150px>
 +
Image:MattAlderman-0.png
 +
</gallery>
 +
{{Template:ASW129NewsMattAlderman}}
 +
 +
==[https://twitter.com/@Codexatron Mike Shema]'s Content: ==
 +
<gallery mode="nolines" widths=150px heights=150px>
 +
Image:mike-shema-0.jpg
 +
</gallery>
 +
{{Template:ASW129NewsMikeShema}}
 +
 +
 +
= 2. Security Is a Feature - 01:00 PM-01:30 PM  =
 +
<!-- 
 +
************************* MAKE CHANGES IN THE TEMPLATES BELOW! ***************************
 +
-->
 +
 +
<center>{{#ev:youtube|lKJNZ61Bjnk }}</center>
 +
 +
 +
 +
=== Announcements ===
 +
<ul style="margin-left: 50px;">
 +
 +
<li> <p>Join Amit Bareket, Co-founder &amp; <span class="caps">CEO</span> of Perimeter 81 &amp; Paul Asadoorian for a technical deep-dive into the problems inherent in legacy <span class="caps">VPN</span> technology. Together they will explore solutions for the modern workforce &amp; how momentum toward perimeter-less architecture is helping redefine the future of cybersecurity. Register Now by visiting https://securityweekly.com/perimeter81</p></li>
 +
 +
<li> <p>Security Weekly, in partnership with CyberRisk Alliance, is excited to present Security Weekly Unlocked on December 10, 2020. This 1 day virtual event wraps up with the 15th anniversary edition of Paul&#8217;s Security Weekly live on Youtube! Visit https://securityweekly.com/unlocked to view the agenda and register for free!</p></li>
 +
 +
</ul>
 +
 +
=== Description ===
 +
 +
What does it take to manage security teams and security initiatives? Find out the importance of people in security, whether it's keeping a team engaged or encouraging a team to rethink how they approach security.
 +
 +
 +
Keith's appearance on PSW #564: https://youtu.be/9r0-Sga2bEg
 +
 +
PSW #564 Show Notes: https://wiki.securityweekly.com/Episode564
 +
 +
 +
 +
==Guest(s)==
 +
 +
 +
===Keith Hoodlet===
 +
<gallery mode="nolines" widths=175px heights=175px>
 +
 +
Image:KeithHoodlet-0.jpg|'''[https://twitter.com/@securingdev Keith Hoodlet]''' is Senior Manager, Application Experience at Thermo Fisher Scientific<br>
 +
 +
</gallery>
 +
Keith Hoodlet is the Senior Manager of Application Experience within Corporate Information Security at Thermo Fisher Scientific - a global enterprise seeking to make the world healthier, cleaner, and safer. Named as one of the world's 50 Influential DevSecOps Professionals), Keith has worked on projects such as the Application Security Weekly podcast (episodes 0 - 55), as well as the renewed InfoSec Mentors Project where he acts as Founder and CTO; Keith is also known for his work as an ethical hacker and Top 200 security researcher / MVP on the Bugcrowd platform.<br>
 +
 +
 +
==Hosts==
 +
 +
<gallery mode="nolines" widths=175px heights=175px>
 +
 +
Image:John_Kinsella-1.jpg|<center>[https://twitter.com/@johnlkinsella John Kinsella]  - Chief Architect at Accurics</center>
 +
 +
Image:mike-shema-0.jpg|<center>[https://twitter.com/@Codexatron Mike Shema]  - Product Security Lead at Square</center>
 +
 +
</gallery>

Latest revision as of 15:10, 11 November 2020

Application Security Weekly Episode #129 - November 09, 2020

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. China's Top Hacking Contest, GitHub Actions, & Vulnonym - 12:30 PM-01:00 PM


Announcements

  • Would you like to have all of your favorite Security Weekly content at your fingertips? Do you want to hear from Sam & Andrea when we have upcoming webcasts & technical trainings? Have a question for one of our illustrious hosts, someone from the Security Weekly team, or wish you could “hang” out with the Security Weekly crew & community? Subscribe on your favorite podcast catcher, sign up for our mailing list, and join our Discord Server to stay in the loop on all things Security Weekly! Visit: https://securityweekly.com/subscribe

  • In our upcoming webcasts & technical trainings, you will learn why you should stop trying to discover & classify data, how to thwart attackers using deception & how to build a risk-based vulnerability management program! Visit https://securityweekly.com/webcasts to see what we have coming up, or visit securityweekly.com/ondemand to view our previously recorded webcasts!

Description

China's top hacking contest turns months of effort into 15 minutes of exploits, an injection flaw in GitHub Actions, understanding post-compromise activity in exploits targeting Solaris and VoIP, security and quality challenges in integrating software from multiple vendors, and CVE naming turns into wibbly wobbly timey wimey stuff!


Hosts

John Kinsella's Content:

Articles

Matt Alderman's Content:

Articles

Mike Shema's Content:

Articles


2. Security Is a Feature - 01:00 PM-01:30 PM


Announcements

  • Join Amit Bareket, Co-founder & CEO of Perimeter 81 & Paul Asadoorian for a technical deep-dive into the problems inherent in legacy VPN technology. Together they will explore solutions for the modern workforce & how momentum toward perimeter-less architecture is helping redefine the future of cybersecurity. Register Now by visiting https://securityweekly.com/perimeter81

  • Security Weekly, in partnership with CyberRisk Alliance, is excited to present Security Weekly Unlocked on December 10, 2020. This 1 day virtual event wraps up with the 15th anniversary edition of Paul’s Security Weekly live on Youtube! Visit https://securityweekly.com/unlocked to view the agenda and register for free!

Description

What does it take to manage security teams and security initiatives? Find out the importance of people in security, whether it's keeping a team engaged or encouraging a team to rethink how they approach security.


Keith's appearance on PSW #564: https://youtu.be/9r0-Sga2bEg

PSW #564 Show Notes: https://wiki.securityweekly.com/Episode564


Guest(s)

Keith Hoodlet

Keith Hoodlet is the Senior Manager of Application Experience within Corporate Information Security at Thermo Fisher Scientific - a global enterprise seeking to make the world healthier, cleaner, and safer. Named as one of the world's 50 Influential DevSecOps Professionals), Keith has worked on projects such as the Application Security Weekly podcast (episodes 0 - 55), as well as the renewed InfoSec Mentors Project where he acts as Founder and CTO; Keith is also known for his work as an ethical hacker and Top 200 security researcher / MVP on the Bugcrowd platform.


Hosts