Threat Modeling Archives - Security Weekly

ChaosDB, OpenSSL String Bugs, Revealing Locations, & More Top 15 Vulns – ASW #164

This week in the Application Security News, Mike and John talk: Flaws in Azure’s CosmosDB, OpenSSL vulns in string handling, dating app location security, cloud…

A DevOps Perspective on Risk Tolerance & Risk Transfer – Caroline Wong – ASW #164

In the segment Mike and Caroline will discuss Risk Tolerance and Risk Transfer. They’ll touch on the following: risk ranking, risk transfer in supply chain,…

Categories: 3rd Party Risk Application Security Application Security Weekly Careers DevOps Interview Threat Modeling

Deciduous / Decision trees + Security Chaos Engineering – Kelly Shortridge – ESW #240

Deciduous is an app Kelly built with Ryan Petrich that simplifies the process of creating security decision trees. Security decision trees are valuable aids in…

Categories: Enterprise Security Weekly Interview Security Operations Threat Modeling

Securing Modern Web Apps: Development Techniques are Changing – Tom Hudson – ASW #161

Sponsored By Visit https://securityweekly.com/detectify for more information! The use of web apps, SPAs, and APIs are growing steadily and traditional scanning methods don’t provide enough…

Categories: Application Security Application Security Weekly DevOps Interview Threat Modeling Vulnerability Management

PurpleSharp: Automated Adversary Simulation – Mauricio Velazco – BH21 #2

Defending enterprise networks against attackers continues to present a difficult challenge for blue teams. Prevention has fallen short; improving detection & response capabilities has proven…

Categories: Active Directory Attack Simulation BH2021 Blue Team Interview Penetration Testing Threat Modeling Vulnerability Management

OT Security for Critical Infrastructure and Why It Is Not “Intuitive” – Edward Liebig – BSW #226

The IT and operational technologies of critical infrastructure are under attack. The “general expectation” from the public and lawmakers is “fix it already” but we…

Categories: Business Security Weekly Interview Remote Access Threat Modeling

PunkSpider, Bug Bounties, RCE in PyPI, Kernel Pwning With eBPF, & Top Vulns From CISA – ASW #160

This week in the AppSec News: PunkSpider coming to DEF CON, Google matures its VRP, $50K bounty for an access token, RCE in PyPI, kernel…

Categories: Application Security Application Security Weekly Bug Bounties DevOps News Security Research Threat Modeling

Platform Firmware Security – Magggie Jauregui – ASW #160

Firmware security is complex and continues to be an industry challenge. In this podcast we’ll talk about the reasons firmware security remains a challenge and…

Categories: Application Security Application Security Weekly DevOps Hardware Security Interview IoT Threat Modeling

CISO Roundtable: Ransomware Attacks and the True Cost to Business – CSP #28

Sponsored By Visit https://www.cybereason.com/cisostories for more information! A recent global research report conducted by Cybereason, titled “Ransomware: The True Cost to Business”,…

Categories: Application Security Backup and Recovery Encryption Endpoint Security Exploit Prevention Incident Response Intrusion Detection Podcast Security Operations The CISO Stories Podcast Threat Modeling Topic Vulnerability Management

CWE Top 25, Bugs in Inconstancies, Sequoia Vuln, Twitter Transparency, & Cloud Risks – ASW #159

This week in the AppSec News: CWE releases the top 25 vulns for 2021, findings bugs in similar code, Sequoia vuln in the Linux kernel,…

Categories: Application Security Application Security Weekly Cloud Security DevOps News Security Research Threat Modeling

Filter By: