allfeeds.ai

 

Application Security Weekly (Audio)  

Application Security Weekly (Audio)

Author: Security Weekly Productions

About all things AppSec, DevOps, and DevSecOps. Hosted by Mike Shema and John Kinsella, the podcast focuses on helping its audience find and fix software flaws effectively.
Be a guest on this podcast

Language: en

Genres: News, Tech News, Technology

Contact email: Get it

Feed URL: Get it

iTunes ID: Get it


Get all podcast data

Listen Now...

Applying Usability and Transparency to Security - Hannah Sutor - ASW #311
Monday, 16 December, 2024

Practices around identity and managing credentials have improved greatly since the days of infosec mandating 90-day password rotations. But those improvements didn't arise from a narrow security view. Hannah Sutor talks about the importance of balancing security with usability, the importance of engaging with users when determining defaults, and setting an example for transparency in security disclosures. Segment resources https://youtu.be/ydg95R2QKwM Curl's oldest bug yet, RCPs (and more!) from AWS re:Invent, possible controls for NPM's malware proliferation, insights and next steps on protecting top 500 packages from the Census III report, the flawed design choice that made Microsoft's OTP (successfully) brute-forceable, and more! Visit https://www.securityweekly.com/asw for all the latest episodes! 00:00 Welcome to Application Security Weekly! 01:49 Meet the Experts 03:28 What Are Non-Human Identities? 06:17 Balancing Security & Usability 08:24 MFA Challenges & Admin Security 12:09 Navigating Breaking Changes 16:05 Security by Design in Action 18:42 Identity Management for Startups 20:18 Secure by Design: Real Impact 24:03 Transparency After a Critical Vulnerability 31:39 Looking Ahead to 2025 32:45 Application Security in Three Words 34:10 - Intro & Cyber Resilience Insights 35:30 - The 25-Year-Old Curl Bug Story 38:27 - Fuzzing for Security: A Missed Opportunity? 42:56 - AWS re:Invent Security Highlights 46:04 - NPM Malware Surge 50:43 - Small Packages, Big Risks in NPM 54:05 - Open Source Security Trends 58:37 - Microsoft MFA Vulnerability Explained 62:38 - Hardware Hacking & DMA Exploits 65:05 - Auditing Ruby’s Package Ecosystem 68:12 - Looking Ahead to 2025 Show Notes: https://securityweekly.com/asw-311

 

We also recommend:


Cari Jansen's Digitips
Cari Jansen

XBRL Channel: Learn about XBRL
Charles Hoffman, CPA

Department of Engineering Science Centenary Lectures
Oxford University

TMT Broadcasting
TMT Broadcasting

Science Series


Disgusting Men


Ilia Guevara

What Drives Us
Russell Frost & Tony Schaefer

Mediepodden
Emanuel Karlsten & Olle Lidbom

WERKIN with
Hayley Sudbury

Vibe
Pretty Tech

eDucando Geek Anchor
eDucando Geek Anchor