Proactive Controls, AppSec USA, and Gartner's MQ on AppSec Testing (S02E10)

Robert and I try a new format talking about a few topics per episode. We talk about changes with the Proactive Controls, AppSecUSA, and the Gartner Magic Quadrant for Application Security Testing.

We mentioned the link to OWASP Proactive Controls to review the draft and suggest updates.

Blackhat Security Conference (S02E09)

On this episode of the AppSec Podcast, we talk with Robert about his experiences at the Blackhat Security Conference.

He’s going to explain some of the AppSec-focused parts of the conference, and more about the Alex Stamos keynote.

Rate us on iTunes and provide a positive comment, please!

The OWASP Top 10 Proactive Controls (S02E08)

It’s time for another episode of The Application Security Podcast.

On this episode, Dave Ferguson talks with Chris about the OWASP Top 10 Proactive Controls.

Rate us on iTunes and provide a positive comment, please!

The OWASP Threat Dragon (S02E06)

Welcome back to the Application Security Podcast!
On this episode, we speak with Mike Goodwin, the founder of the OWASP Threat Dragon.

We dive into what the Threat Dragon is and how it can work for you.

You can find the tool here: https://github.com/mike-goodwin/owasp-threat-dragon

Rate us on iTunes and provide a positive comment, please!

I Just Like Static Analysis. Static Analysis is My Favorite (S02E05)

We’re back with another episode of The Application Security Podcast.

This time, we talk to Mark Willis about the many facets of static analysis and how it affects the DevOps world.

Rate us on iTunes and leave a positive comment, please!

Continuous Integration in .NET (S02E04)

Hello all,

Welcome back to season two of the Application Security Podcast. On this week's episode, we talk to Eric Johnson about static analysis, pen testing, continuous integration and much more.

Thanks for listening!

Rate us on iTunes and provide a positive comment, please!

The Technical Debt Ceiling (S02E03)

Our topic today is technical debt and how security plays into it. Chris was at Converge Conference 2017 in Detroit, Michigan (which he says is the best security conference around), and continued the AppSec PodCast series of hallway conversations. Chris is joined by Matt Clapham. This is Matt’s second time on the podcast.

Rate us on iTunes and provide a positive comment, please!

Controversy within the OWASP Top 10 RC (S02E02)

On this episode of the application security podcast, Robert and I jump over a wall. Just kidding. This isn’t Top Gear.

This is our second episode of season two of the #AppSec PodCast. Robert and I talk about the OWASP Top 10 2017 release candidate. We walk through what the OWASP Top 10 is, and some of the controversy that surrounds the changes made for this year.

Rate us on iTunes and provide a positive comment, please!

Security in the Design and Architecture (S02E01)

Welcome to the second season of the #AppSec PodCast. Robert and I are back at it, interviewing experts from across the world of application security. This episode is an interview Robert and I did with Brook Schoenfield (@BrkSchoenfield) during the RSA Conference 2017.

Brook S.E. Schoenfield is a Distinguished Engineer at Intel Security Group. At Intel Security (includes the former McAfee), Mr. Schoenfield is the senior technical leader for delivering software products that protect themselves and Intel Security’s customers. He has been a security architecture leader at global technology companies for over 15 years of his 30+ years in high tech. He is a founding member of IEEE’s Center For Secure Design.

We discuss secure design, architecture, and threat modeling. Brook has been an advocate for security across the industry for many years, and has a knack for explaining complex things in an uncomplicated way. What a pleasure to speak with him!

Rate us on iTunes and provide a positive comment, please!