Application Security Weekly (Audio)
Technology
Farshad Abasi joins us again to talk about creating a new OWASP project, the Secure Pipeline Verification Standard. (Bonus points for not being a top ten list!) We talk about what it takes to pitch a new project and the problems that this new project is trying to solve. For this kind of project to be successful -- as in making a positive impact to how software is built -- it's important to not only identify the right audience, but craft guidance in a way that's understandable and achievable for that audience. This is also a chance to learn more about a project in its early days and the opportunities for participating in its development!
Segment resources
PrintListener recreates fingerprints, iMessage updates key handling for a PQ3 rating, Silent Sabotage shows supply chain subterfuge against AI models, 2023 Rust survey results, the ways genAI might help developers, and more!
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw-274
Building a Scanner and a Community with Zed Attack Proxy - Simon Bennetts - ASW #254
Broadening What We Call AppSec - Christien Rioux - ASW Vault
How Can Security Be Smart About Using AI? - Jeff Pollard - ASW #253
Security in a Cloud Native World & Mobile App Attacks - ASW #252
Pointers and Perils for Presentations - Josh Goldberg - ASW #251
You've Got Appsec, But Do You Have ArchSec? - Merritt Baer - ASW #250
Identity and Verifiable Credentials in Cars - Eve Maler - ASW #249
Navigating the Complexities of Development to Create Secure APIs - Kristen Bell - ASW #248
Securing Non-Election Election Systems, Modernizing AppSec Education - Brian Glas - ASW #247
Software Trust & Adversaries, Developer-Focused Security - Shannon Lietz, Melinda Marks - ASW #246
The Psychology of Training - Matias Madou - ASW Vault
Latest Web Vulnerability Trends & Best Practices - Patrick Vandenberg - ASW #245
Policy Momentum in Coordinated Vulnerability Disclosure - Amit Elazari - ASW Vault
Enhancing Security: App Modernization, Identity Orchestration, & Big IAM Challenge - Eric Olden - ASW #244
What's the Deal with API Security? - Sandy Carielli - ASW #243
Doing Application Security Right – Farshad Abasi – ASW VAULT
Ten Things I Hate About Lists - ASW #242
Securing the App Lifecycle: Strategies for Long-Term Software Security and Mitigating the Threat of Malicious Packages - ASW #241
From Security Theater to Resilience: Unveiling New Approaches to Application Security - ASW #240
Navigating the Complexities of Application Security: Vulnerability Management, Risk Mitigation, and Business Logic Attacks - ASW #239
Create your
podcast in
minutes
It is Free
Insight Story: Tech Trends Unpacked
Zero-Shot
Fast Forward by Tomorrow Unlocked: Tech past, tech future
The Unbelivable Truth - Series 1 - 26 including specials and pilot
Lex Fridman Podcast