OMIGOD, FORCEDENTRY, Code Ownership, Security as a Product, & IoT Device Criteria - ASW #166 | Security Weekly Podcast Network (Video) Podcast

OMIGOD, FORCEDENTRY, Code Ownership, Security as a Product, & IoT Device Criteria - ASW #166: This week in the AppSec News, Mike and John talk: RCE in Azure OMI, punching a hole in iMessage BlastDoor, Travis CI exposes sensitive environment variables, keeping code ownership accurate, deploying security as a product, IoT Device Criteria (aka... by Application Security Weekly (Video)

32 min listen

ChaosDB, OpenSSL String Bugs, Revealing Locations, & More Top 15 Vulns - ASW #164: This week in the Application Security News, Mike and John talk: Flaws in Azure's CosmosDB, OpenSSL vulns in string handling, dating app location security, cloud security orienteering, detailed S3 threat model, & more! Show Notes: Visit ... by Application Security Weekly (Video)

35 min listen

ChaosDB, OpenSSL String Bugs, Revealing Locations, & More Top 15 Vulns - ASW #164: This week in the Application Security News, Mike and John talk: Flaws in Azure's CosmosDB, OpenSSL vulns in string handling, dating app location security, cloud security orienteering, detailed S3 threat model, & more! Show Notes: Visit ... by Security Weekly Podcast Network (Video)

35 min listen

OWASP Top 10, CISA Bad Practices, Azurescape, Confluence RCE, & API Security Tokens - ASW #165: This week in the AppSec News, Mike and John talk: OWASP Top 10 draft for 2021, bad practices noted by CISA, Azurescape cross-account takeover, Confluence RCE, WhatsApp image handling, API security tokens survey, & more! Visit for all the... by Security Weekly Podcast Network (Video)

37 min listen

OWASP Top 10, CISA Bad Practices, Azurescape, Confluence RCE, & API Security Tokens - ASW #165: This week in the AppSec News, Mike and John talk: OWASP Top 10 draft for 2021, bad practices noted by CISA, Azurescape cross-account takeover, Confluence RCE, WhatsApp image handling, API security tokens survey, & more! Visit for all the... by Application Security Weekly (Video)

37 min listen

Don't Hate the Player, Hate the Game - ASW #166: This week, we welcome Jeff Williams, Co-Founder and Chief Technology Officer at Contrast Security, to discuss Transforming Modern Software Development with Developer-first Application Security! Modern software development demands a different approach... by Security Weekly Podcast Network (Audio)

70 min listen

Dependency Confusion, Suspender Falls, Web Shells, & AppSec Scale - ASW #140: This week on the Application Security News, Dependency confusion for internal packages, Chrome pulls down the Great Suspender, Microsoft highlights web shells, some strategies on scaling AppSec, & more! Visit for all the latest episodes!... by Application Security Weekly (Video)

34 min listen

Dependency Confusion, Suspender Falls, Web Shells, & AppSec Scale - ASW #140: This week on the Application Security News, Dependency confusion for internal packages, Chrome pulls down the Great Suspender, Microsoft highlights web shells, some strategies on scaling AppSec, & more! Visit for all the latest episodes!... by Security Weekly Podcast Network (Video)

34 min listen

IIS Bug, Browsers & Androids & Supply Chains Oh My! - ASW #152: This week in the AppSec News segment, Mike and John talk: HTTP bug bothers IIS, Android platform security, supply chain security (new and old), brief (very brief) history of browser security, & more! Visit for all the latest episodes! Show Notes: by Security Weekly Podcast Network (Video)

32 min listen

IIS Bug, Browsers & Androids & Supply Chains Oh My! - ASW #152: This week in the AppSec News segment, Mike and John talk: HTTP bug bothers IIS, Android platform security, supply chain security (new and old), brief (very brief) history of browser security, & more! Visit for all the latest episodes! Show... by Application Security Weekly (Video)

32 min listen

Discourse RCE, Trojan Source, WhatsApp Security, & Privacy Engineering - ASW #172: This week in the AppSec News, Mike & John talk: Discourse SNS webhook RCE, a checklist for a Minimum Viable Secure Product, WhatsApp security assessment, privacy engineering specialties, & DevOps presentations! Visit for all the latest... by Security Weekly Podcast Network (Video)

39 min listen

Discourse RCE, Trojan Source, WhatsApp Security, & Privacy Engineering - ASW #172: This week in the AppSec News, Mike & John talk: Discourse SNS webhook RCE, a checklist for a Minimum Viable Secure Product, WhatsApp security assessment, privacy engineering specialties, & DevOps presentations! Visit for all the latest... by Application Security Weekly (Video)

39 min listen

Talking Heads - ASW #150: While the vision for app security is relatively clear, executing on that vision is still somewhat of a work in progress. Fast-moving, interdependent pieces—custom code and open source packages, infrastructure and network configurations, user... by Security Weekly Podcast Network (Audio)

75 min listen

Bug Bounties in Windows/WebKit, Edge Hardening, OAuth Hardening, & GoDaddy Breach - ASW #176: This week in the AppSec News: Bug bounty payout practices, Edge goes super duper secure mode, WebKit CSP flaw has consequences for OAuth, GoDaddy breach, vuln in MediaTek audio DSP, & more! Visit for all the latest episodes! Show Notes: by Security Weekly Podcast Network (Video)

39 min listen

Bug Bounties in Windows/WebKit, Edge Hardening, OAuth Hardening, & GoDaddy Breach - ASW #176: This week in the AppSec News: Bug bounty payout practices, Edge goes super duper secure mode, WebKit CSP flaw has consequences for OAuth, GoDaddy breach, vuln in MediaTek audio DSP, & more! Visit for all the latest episodes! Show Notes: by Application Security Weekly (Video)

39 min listen

Imperva Updates WAAP, SonicWall Confirms 0-Day, & Arista Zero Trust - ESW #215 by Enterprise Security Weekly (Video)

34 min listen

Imperva Updates WAAP, SonicWall Confirms 0-Day, & Arista Zero Trust - ESW #215: This week in the Enterprise News, Mission Secure Announces Series B, Akamai Technologies Acquires Inverse, for Microsoft, Security is a $10 Billion Business, Sontiq acquires Cyberscout, IRONSCALES improves the ability to detect phishing attacks,... by Security Weekly Podcast Network (Video)

34 min listen

Tasty Beverage - ASW #184: Doug Kersten, CISO of Appfire, will discuss how the nature of vulnerabilities today makes it critical for developers to make sure they’re building projects in a secure manner in order to quickly mitigate vulnerabilities – or they risk being left... by Security Weekly Podcast Network (Audio)

81 min listen

Samsung RCE 0-Click, Whispers, & Compromising Pluton - ASW #107: In the Application Security News, Cloud servers hacked via critical SaltStack vulnerabilities, Samsung Confirms Critical Security Issue For Millions: Every Galaxy After 2014 Affected, Mitigating vulnerabilities in endpoint network stacks, Microsoft... by Security Weekly Podcast Network (Video)

34 min listen

Samsung RCE 0-Click, Whispers, & Compromising Pluton - ASW #107: In the Application Security News, Cloud servers hacked via critical SaltStack vulnerabilities, Samsung Confirms Critical Security Issue For Millions: Every Galaxy After 2014 Affected, Mitigating vulnerabilities in endpoint network stacks, Microsoft... by Application Security Weekly (Video)

34 min listen

Major Identities & Micro Services - Application Security Weekly #63: Mike and John delve into some DevSecOps topics. They discuss good design patterns that emerged from cloud native environments, Kubernetes and containers, and building blocks of unique services in the AppSec world. Full Show Notes:... by Security Weekly Podcast Network (Video)

32 min listen

Major Identities & Micro Services - Application Security Weekly #63: Mike and John delve into some DevSecOps topics. They discuss good design patterns that emerged from cloud native environments, Kubernetes and containers, and building blocks of unique services in the AppSec world. Full Show Notes: Follow us on Twitter: by Application Security Weekly (Video)

32 min listen

AirTags & Threat Models, Qualcomm Modem Vuln, Exim RCE(s), & Binary Hardening - ASW #150: This Week in the AppSec News, Mike and John talk: "Find My threat model" with AirTags, Qualcomm modem vuln hits lots of Android, an Exim update patches lots of vulns, measuring hardened binaries, a maturity model for k8s, & more! Visit for... by Application Security Weekly (Video)

38 min listen

AirTags & Threat Models, Qualcomm Modem Vuln, Exim RCE(s), & Binary Hardening - ASW #150: This Week in the AppSec News, Mike and John talk: "Find My threat model" with AirTags, Qualcomm modem vuln hits lots of Android, an Exim update patches lots of vulns, measuring hardened binaries, a maturity model for k8s, & more! Visit for... by Security Weekly Podcast Network (Video)

38 min listen

Killing the SOC, Burger King Runes, ReliaQuest Valuation, & StrongDM - ESW #252: This week in the enterprise security news: ReliaQuest crests a $1bn valuation, CyCognito raises a $100m Series C, AWS enhances cloud vulnerability management, StrongDM automates access to infrastructure, Can we trust AI written code?, Killing the SOC... by Security Weekly Podcast Network (Video)

44 min listen

Killing the SOC, Burger King Runes, ReliaQuest Valuation, & StrongDM - ESW #252: This week in the enterprise security news: ReliaQuest crests a $1bn valuation, CyCognito raises a $100m Series C, AWS enhances cloud vulnerability management, StrongDM automates access to infrastructure, Can we trust AI written code?, Killing the SOC... by Enterprise Security Weekly (Video)

44 min listen

JSON, OpenSSL, Educational Resources, & Flaws in CodeQL - ASW #141: This week on the Application Security News, Implementation pitfalls in parsing JSON, finding all forms of a flaw with CodeQL, more educational resources for hacking apps, engineering and product management practices for DevOps, & more! ... by Application Security Weekly (Video)

33 min listen

JSON, OpenSSL, Educational Resources, & Flaws in CodeQL - ASW #141: This week on the Application Security News, Implementation pitfalls in parsing JSON, finding all forms of a flaw with CodeQL, more educational resources for hacking apps, engineering and product management practices for DevOps, & more! ... by Security Weekly Podcast Network (Video)

33 min listen

Eyes Open - ASW #174: This week, we welcome Ryan Lloyd, Chief Product Officer at Guardsquare, to discuss Mobile Application Security! Mobile applications have a unique attack surface. The tools and techniques being used to compromise these environments are constantly... by Security Weekly Podcast Network (Audio)

71 min listen

Still Raging - ASW #125: This week, we welcome James Manico, CEO at Manicode Security, to talk about Application Security Best Practices! In the Application Security News, Redefining Impossible: XSS without arbitrary JavaScript, API flaws in an "unconventional" smart device,... by Security Weekly Podcast Network (Audio)

71 min listen

Discover this podcast and so much more

OMIGOD, FORCEDENTRY, Code Ownership, Security as a Product, & IoT Device Criteria - ASW #166

OMIGOD, FORCEDENTRY, Code Ownership, Security as a Product, & IoT Device Criteria - ASW #166

Description

Titles in the series (100)

More Episodes from Security Weekly Podcast Network (Video)

Related podcast episodes