Paul's Security Weekly TV

Security news, interviews, how-to technical segments. For security professionals by security professionals. We Hack Naked.
Now displaying: Category: application security weekly
Sep 20, 2018

Alpine Linux hit with bug that can lead to Poisoned Containers, data breaches affect stock performance in the long run, Bluebox-ng, a Node.js VoIP pentesting framework, and CommitStrip: It's Not an App!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode32 Follow us on Twitter: https://www.twitter.com/securityweekly

Sep 19, 2018

Keith Hoodlet and Paul Asadoorian interview April Wright. They discuss people connected by apps, workplace reward systems, and the importance of building/practicing the process before documenting it. Full Show Notes: https://wiki.securityweekly.com/ASW_Episode32 Follow us on Twitter: https://www.twitter.com/securityweekly

Sep 13, 2018

U.S. Government releases post-mortem on Equifax, MacOS security baseline script by Jerry Gamblin, Equifax mega-breach and nothing has changed, Docker hacking challenge, and Bug Bounties and mental health.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode31 Follow us on Twitter: https://www.twitter.com/securityweekly

Sep 12, 2018

Zane Lackey is the Founder/Chief Security Officer at Signal Sciences. Zane Lackey explains how we, the security industry, need to shift left when it comes to applications and patching.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode31 Follow us on Twitter: https://www.twitter.com/securityweekly

Aug 30, 2018

In the Application security news, 'Fortnite' developer had sharp words for Google after an Exploit was discovered, PHP flaw puts WordPress sites at risk, Oracle will charge for Java starting in 2019, how Netflix does Failovers in 7 minutes flat, hacking Black Hat, Burp Suite 2.0 Beta released, Windows 95 running in Electron, and more!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode30 Follow us on Twitter: https://www.twitter.com/securityweekly

Aug 29, 2018

Keith Hoodlet and Paul Asadoorian talk about The Apache Struts2 RCE Vulnerability. They cover:

- CVE-2018-11776

- How the 3 Ways of DevOps can guide us toward better security practices

- Shared Version Control

- Test Environments

- Shared Ticketing

- ChatOps

- Buying Time

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode30

Follow us on Twitter: https://www.twitter.com/securityweekly

Aug 23, 2018

Matt Alderman and Paul sat down at DEF CON to talk about all of the AppSec vendors that they held briefings with at our Pool Cabana. They sat down with companies like Synopsys and Signal Sciences, and discussed how their products influence the AppSec world.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode29 Follow us on Twitter: https://www.twitter.com/securityweekly

Aug 22, 2018

Tom is the founder of ServerlessOps (https://www.serverlessops.io/) and an experienced operations engineer. He started ServerlessOps after he asked the question, what would he do if servers went away? At a loss for an answer and interested in the future of his profession, he decided to pursue the answer. Tom is actively engaged in promoting serverless infrastructure and engaging with the community to learn more about what their thoughts, wants, and concerns are around the topic.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode29 Follow us on Twitter: https://www.twitter.com/securityweekly

Aug 15, 2018

After arriving back from Black Hat and DEF CON 2018, Doug joins Keith to share some of his stories about attending the world-famous security conferences. They discuss secure coding practices.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode28

Follow us on Twitter: https://www.twitter.com/securityweekly

Aug 14, 2018

Alibaba Cloud Security team discovers Apache Spark REST API remote code execution exploit, Comcast security flaws exposed partial address, Hacker finds hidden 'God Mode' in old x86 CPUs, and more!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode28

Follow us on Twitter: https://www.twitter.com/securityweekly

Aug 9, 2018

Hardware-based Root of Trust, Small Trusted Computing Base, React v16.4.2, GitHub shows best practices for account security and recoverability, and the cost of JavaScript, and Food for Thought!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode27

Follow us on Twitter: https://www.twitter.com/securityweekly

Aug 8, 2018

Galen founded and led the team building the Azure Sphere, announced at RSA Conference 2018. Our goal is to make IoT safe for society. Azure Sphere provides an end-to-end solution that enables any device manufacturer to create highly-secured devices; devices possessing all 7 Properties of Highly-Secured Devices.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode27

Follow us on Twitter: https://www.twitter.com/securityweekly

Aug 2, 2018

New Spectre attack can remotely steal secrets, Microsoft discovers supply chain attack at unnamed maker of PDF Software, XSS filter in Edge, OWASP iGoat is a vulnerable Swift application for iOS, and much more!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode26 Follow us on Twitter: https://www.twitter.com/securityweekly

Aug 1, 2018

Jessica Rozhin is currently a Security Engineer at an Oakland Financial Tech startup called Marqeta. This is her first role in the security space, but she is no stranger to technical operations and incident response. Before Marqeta she spent several years working in the Network Operations Center at Box, focused on preventing, responding to and resolving large-scale, customer-impacting site incidents.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode26 Follow us on Twitter: https://www.twitter.com/securityweekly

Jul 26, 2018

As a Global Corporate Solutions Engineer, Joe Garcia has a strong background in DevOps, Cloud and Security and is currently focused on helping customers implement and scale effective secrets management solutions. He was previously a Solutions Architect with the CyberArk Customer Success team for the West and Southeast regions.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode25 Follow us on Twitter: https://www.twitter.com/securityweekly

Jul 25, 2018

Venmo caught publishing all transactions publicly, Oracle releases critical patches, Microsoft releases PowerShell Core for Linux, Health insurers are vacuuming up details about you, changing your screen to Grayscale can help fight phone addiction, when to 'purchase' a solution to your cybersecurity problem, & more on this episode of Application Security Weekly!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode25

Follow us on Twitter: https://www.twitter.com/securityweekly

Jul 18, 2018

In the news, compromised JavaScript package caught stealing npm credentials, remote iOS bugs, a $39 device that can defeat iOS USB Restricted mode, Broadcom buys CA Technologies, Burp Suite Automation Tool, & more on this episode of Application Security Weekly!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode24 Follow us on Twitter: https://www.twitter.com/securityweekly

Jul 12, 2018

One of the hardest problems that Application Security practitioners need to solve is the problem of visibility. Not only do they need to uncover all of the different projects under development - they also need to worry about what libraries and frameworks those projects are using.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode23 Follow us on Twitter: https://www.twitter.com/securityweekly

Jul 11, 2018

In the news, Google patches critical remote code execution bugs in Android OS, A new data breach may have exposed personal information of almost every American adult, Facebook acknowledges it shared user data with 61 companies, social media apps are 'deliberately' addictive to users, & more on this episode of Application Security Weekly!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode23 Follow us on Twitter: https://www.twitter.com/securityweekly

Jul 5, 2018

'GDPR-Lite', Testing Firefox, refactoring in VS Code, sniff network traffic from our iOS device, Gentoo GitHub organization is hacked, and what does it mean to experience fulfillment? All that and more, here on Application Security Weekly!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode22 Follow us on Twitter: https://www.twitter.com/securityweekly

Jun 28, 2018

Apple comments on erroneous reports of iPhone brute force passcode hack, XSS in Google Colaboratory + CSP bypass, how to deploy to Azure with Docker & VS Code, and debugging JavaScript in Google Chrome and Visual Studio Code.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode21 Follow us on Twitter: https://www.twitter.com/securityweekly

Jun 27, 2018

Dan Kuykendall is the Senior Director of Application Security Products at Rapid7 where he directs the strategic vision, research and product development for the company’s application security solutions.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode21 Follow us on Twitter: https://www.twitter.com/securityweekly

Jun 21, 2018

In the news, Microsoft Windows remote kernel crash vulnerability, another flaw hits Tapplock smart locks, cops aren't confident iPhone hackers found a workaround to Apple's new security feature, Spain's La Liga app caught using fans' phone mics and GPS to detect illegal Futebol broadcasts, & more on this episode of Application Security Weekly!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode20 Follow us on Twitter: https://www.twitter.com/securityweekly

Jun 20, 2018

Ron started his cybersecurity career as a network penetration tester for the NSA. At BBN, he developed network honeypots to lure hackers and he ran US Internetworking's team of penetration testers and incident responders.

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode20 Follow us on Twitter: https://www.twitter.com/securityweekly
