John Melton joins to discuss the #OWASP AppSensor project. He talks about how AppSensor works and how it can be used in your application.
You can find John on Twitter @_jtmelton
Podcast: Play in new window | Download
Subscribe: Apple Podcasts | Android | Email | Google Play | Stitcher | TuneIn | RSS | More
David Habusha joins on this weeks episode to discuss the OWASP Top 10 A9: Using components with known vulnerabilities.
He also dives into the Software Composition Analysis (SCA) market.
You can find David on Twitter @davidhabusha
Podcast: Play in new window | Download
Subscribe: Apple Podcasts | Android | Email | Google Play | Stitcher | TuneIn | RSS | More
Steve Springett joins the show to talk Dependency Check and Dependency Track. He also discusses how they can be used to help prevent you from using components with known vulnerabilities.
You can find Steve on Twitter @stevespringett
Podcast: Play in new window | Download
Subscribe: Apple Podcasts | Android | Email | Google Play | Stitcher | TuneIn | RSS | More
Steven Wierckx joins Robert and Chris this week to talk about the #OWASP Threat Modeling project that he’s involved in.
You can find Steven on Twitter @ihackforfun
https://open-security-summit.org/
Podcast: Play in new window | Download
Subscribe: Apple Podcasts | Android | Email | Google Play | Stitcher | TuneIn | RSS | More
Jim Manico joins on this weeks episode to discuss some of the changes with the OWASP Cheat Sheets and the plans they have for the future of that project. Jim also talks about how they are looking for experts in the field to create or update some of the Cheat Sheets.
You can find Jim on Twitter @manicode
Podcast: Play in new window | Download
Subscribe: Apple Podcasts | Android | Email | Google Play | Stitcher | TuneIn | RSS | More
Neil Smithline joins this week to discuss one one of the new items on the OWASP Top 10 List, Insufficient Logging and Monitoring.
Links:
OWASP Proactive Controls: Intrusion Detection
You can find Neil on Twitter @neilsmithine
Podcast: Play in new window | Download
Subscribe: Apple Podcasts | Android | Email | Google Play | Stitcher | TuneIn | RSS | More
Jim Routh joins the podcast to discuss selling #AppSec up the chain. Jim has built 5 successful software security programs in his career and serves as a CISO now. Jim shares his real-world experience with how to successfully sell #AppSec to senior management (as well as many other pieces of wisdom for running an AppSec program).
You can find Jim on Twitter @jmrouth01
Podcast: Play in new window | Download
Subscribe: Apple Podcasts | Android | Email | Google Play | Stitcher | TuneIn | RSS | More
Podcast: Play in new window | Download
Subscribe: Apple Podcasts | Android | Email | Google Play | Stitcher | TuneIn | RSS | More
Magen Wu works through the topic of burnouts and mental health in the world of security. She gives some examples on how to handle this and how to recognize if people around you are burning out.
You can find her on Twitter @infosec_tottie
Additional information on this topic:
Podcast: Play in new window | Download
Subscribe: Apple Podcasts | Android | Email | Google Play | Stitcher | TuneIn | RSS | More
Katy Anton joins this week to discuss number four on the OWASP Top 10. She dives into what XXE is, how to deal with it, and some of the other new items on the OWASP Top 10 2017.
You can find Katy on Twitter @KatyAnton
Podcast: Play in new window | Download
Subscribe: Apple Podcasts | Android | Email | Google Play | Stitcher | TuneIn | RSS | More