Application Security Weekly (Audio)
Technology
Farshad Abasi joins us again to talk about creating a new OWASP project, the Secure Pipeline Verification Standard. (Bonus points for not being a top ten list!) We talk about what it takes to pitch a new project and the problems that this new project is trying to solve. For this kind of project to be successful -- as in making a positive impact to how software is built -- it's important to not only identify the right audience, but craft guidance in a way that's understandable and achievable for that audience. This is also a chance to learn more about a project in its early days and the opportunities for participating in its development!
Segment resources
PrintListener recreates fingerprints, iMessage updates key handling for a PQ3 rating, Silent Sabotage shows supply chain subterfuge against AI models, 2023 Rust survey results, the ways genAI might help developers, and more!
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw-274
Node.js Secure Coding - Oliver Tavakoli, Chris Thomas, Liran Tal - ASW #286
Inside the OWASP Top 10 for LLM Applications - Sandy Dunn, Mike Fey, Josh Lemos - ASW #285
AI & Hype & Security (Oh My!) & Hacking AI Bias - Caleb Sima, Keith Hoodlet - ASW #284
Why Companies Continue to Struggle with Supply Chain Security - Melinda Marks - ASW #283
Sustainable Funding of Open Source Tools - Mark Curphey, Simon Bennetts - ASW #282
Demystifying Security Engineering Career Tracks - Karan Dwivedi - ASW #281
Lessons That The XZ Utils Backdoor Spells Out - Farshad Abasi - ASW #280
Infosec Myths, Mistakes, and Misconceptions - Adrian Sanabria - ASW #279
Successful Security Needs a Streamlined UX - Benedek Gagyi - ASW #278
Figuring Out Where Appsec Fits When Starting a Cybersecurity Program - Tyler VonMoll - ASW #277
More API Calls, More Problems: The State of API Security in 2024 - Lebin Cheng - ASW #276
The Simple Mistakes and Complex Seeds of a Vulnerability Management Program - Emily Fox - ASW #275
Redefining Threat Modeling - Security Team Goes on Vacation - Jeevan Singh - ASW Vault
Creating Code Security Through Better Visibility - Christien Rioux - ASW #273
Starting an OWASP Project (That's Not a List!) - Grant Ongers - ASW #272
Getting Your First Conference Presentation - Sarah Harvey - ASW #271
Dealing with the Burden of Bad Bots - Sandy Carielli - ASW #270
Communicating Technical Topics Without Being Boring - Eve Maler - ASW #269
What's in Store for 2024? - ASW #268
Create your
podcast in
minutes
It is Free
Insight Story: Tech Trends Unpacked
Zero-Shot
Fast Forward by Tomorrow Unlocked: Tech past, tech future
The Unbelivable Truth - Series 1 - 26 including specials and pilot
A Prairie Home Companion: News from Lake Wobegon