Jun 29, 2021
This week in the AppSec News: Visual Studio Code's Workplace Trust, Injured Android an insecure mobile app, Microsoft accidentally signed driver with rootkits, The NSA funds a new sister Matrix to ATT&CK: D3FEND, & "Ransomware: maybe it's you, not them?", and more!
Visit https://www.securityweekly.com/asw for all the...
Jun 28, 2021
In this segment with Clint Gibler, learn:
* Why secure defaults are higher ROI than finding vulnerabilities
* How modern AppSec teams are working with their engineering counterparts
* Targeting vulnerability classes, avoiding bug whack-a-mole
* The latest innovations in lightweight static analysis
Segment Resources:
Jun 22, 2021
This week in the AppSec Weekly News John and Mike discuss: SLSA framework for supply chain integrity, Wi-Fi network of doom for iPhones, seven-year old systemd privesc, $30K for an API call, Codecov refactors from Bash, using the AST to refactor Python, shifting left and right, and more!
Visit
Jun 21, 2021
What are some of the DAST scanners challenges, like coverage of modern apps, point & shoot, scan time, partial scans, or scanning at scale? What do developers look for in a DAST scanner?
This segment is sponsored by Probely. Visit https://securityweekly.com/probely to learn more about them!
Visit
Jun 15, 2021
This week in the AppSec News, Mike and John talk: ALPACA surveys protocol confusion, lessons from the EA breach, forgotten lessons about sprintf, Go fuzzing goes beta, security lessons from Kubernetes Goat, basic lessons for OT from CISA, & more!
Visit https://www.securityweekly.com/asw for all the latest...