Application Security Weekly Episode #135 – January 04, 2021
Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe
1. Security By Design – 12:30 PM-01:00 PM
Announcements
-
Do you want to stay in the loop on all things Security Weekly? Visit https://securityweekly.com/subscribe to subscribe on your favorite podcast catcher or our Youtube channel, sign up for our mailing list, and join our Discord Server!
-
Learn how to conquer cloud complexity in our first Security Weekly webcast of 2021 on January 28th @ 11am ET! Register at https://securityweekly.com/webcasts. If you missed any of our 2020 webcasts or technical trainings, they are available at https://securityweekly.com/ondemand
Description
A premise of adding security to DevOps is we can “shift left” AppSec responsibilities, one of which is building apps so they’re secure by design. Yet what resources does the AppSec community provide for this approach to design? We take a look at the OWASP Top 10, Web Security Testing Guide, and Application Security Verification Standard to find a way forward for DevOps teams.
Hosts
John Kinsella – Chief Architect at Accurics |
Mike Shema – Product Security Lead at Square |
2. Kubernetes Clusters, Microsoft Solarigate, & Apple’s Security DIY – 01:00 PM-01:30 PM
Announcements
-
Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!
-
If you missed Security Weekly Unlocked, you can now access all of the content on-demand, whether you registered before the live event or not, by visiting https://securityweekly.com/unlocked and clicking either the button to register or the button to login!
Description
Microsoft purges malicious SolarWinds presence and highlights a threat model around their source code, the tl;drsec crew provides a hardening guide for Kubernetes, Apples provides a user guide for hardening accounts, Firefox provides a new storage system to defeat side channel abuse.
Hosts
John Kinsella – |
Mike Shema –
|