Revision as of 20:23, 8 November 2020
Application Security Weekly Episode #129 - November 09, 2020
Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe
1. Application News - 12:30 PM-01:00 PM
Announcements
- Would you like to have all of your favorite Security Weekly content at your fingertips? Do you want to hear from Sam & Andrea when we have upcoming webcasts & technical trainings? Have a question for one of our illustrious hosts, someone from the Security Weekly team, or wish you could “hang” out with the Security Weekly crew & community? Subscribe on your favorite podcast catcher, sign up for our mailing list, and join our Discord Server to stay in the loop on all things Security Weekly! Visit: https://securityweekly.com/subscribe
- In our upcoming webcasts & technical trainings, you will learn why you should stop trying to discover & classify data, how to thwart attackers using deception & how to build a risk-based vulnerability management program! Visit https://securityweekly.com/webcasts to see what we have coming up, or visit securityweekly.com/ondemand to view our previously recorded webcasts!
Description
Segment Description Coming Soon!
Hosts
John Kinsella's Content:
Articles
Matt Alderman's Content:
Articles
- Bug Bounty Hunters' Pro Tips on Chasing Vulns & Money
- Containers for Data Analysis Are Rife With Vulnerabilities
Mike Shema's Content:
Articles
- "Windows 10, iOS, Chrome, and many others fall at China's top hacking contest", which means another steep climb for prompt patching.
- "Google Project Zero to GitHub: You've had 104 days to sort out injection vuln – now we're telling world-plus-dog" reveals the Project Zero report on GitHub Actions that sheds more light on why GitHub is deprecating the set-env and add-path commands and why you should pay attention to "Security hardening for GitHub Actions".
- "Live off the Land? How About Bringing Your Own Island? An Overview of UNC1945" provides a chance to talk with DevOps teams about hardening systems and improving detections for post-compromise activities.
- "INJ3CTOR3 Operation – Leveraging Asterisk Servers for Monetization" also provides a chance to talk with DevOps teams about subtleties of PHP security and understanding post-compromise activities.
- "NASA’s new rocket would be the most powerful ever. But it’s the software that has some officials worried." And while the consequences of failure are far more consequential, the challenges are far more familiar. Even the minutes of the meeting feel grounded in security and DevOps discussions.
- "Vulnonym: Stop the Naming Madness!" seems to misdiagnose the problem by making vuln names more maddening to memorize. Maybe more meaningful methods might make messaging more memorable.
2. Keith Hoodlet - 01:00 PM-01:30 PM
Announcements
- Join Amit Bareket, Co-founder & CEO of Perimeter 81 & Paul Asadoorian for a technical deep-dive into the problems inherent in legacy VPN technology. Together they will explore solutions for the modern workforce & how momentum toward perimeter-less architecture is helping redefine the future of cybersecurity. Register now by visiting https://securityweekly.com/perimeter81
- Security Weekly, in partnership with CyberRisk Alliance, is excited to present Security Weekly Unlocked on December 10, 2020. This 1 day virtual event wraps up with the 15th anniversary edition of Paul’s Security Weekly live on YouTube! Visit https://securityweekly.com/unlocked to view the agenda and register for free!
Description
What does it take to manage security teams and security initiatives? Find out the importance of people in security, whether it's keeping a team engaged or encouraging a team to rethink how they approach security.
Keith's appearance on PSW #564: https://youtu.be/9r0-Sga2bEg
PSW #564 Show Notes: https://wiki.securityweekly.com/Episode564
Guest(s)
Keith Hoodlet
Keith Hoodlet is Senior Manager, Application Experience at Thermo Fisher Scientific
Keith Hoodlet is the Senior Manager of Application Experience within Corporate Information Security at Thermo Fisher Scientific, a global enterprise seeking to make the world healthier, cleaner, and safer. Named as one of the world's 50 Influential DevSecOps Professionals, Keith has worked on projects such as the Application Security Weekly podcast (episodes 0 - 55), as well as the renewed InfoSec Mentors Project, where he acts as Founder and CTO. Keith is also known for his work as an ethical hacker and Top 200 security researcher / MVP on the Bugcrowd platform.
Hosts
- John Kinsella - Vice President of Container Security at Qualys
- Mike Shema - Product Security Lead at Square