IndexedDB Leak, Linux Kernel Bug, Zoom Security, SSRF & Allow Lists, Security Courses - ASW #181 | Security Weekly Podcast Network (Video) Podcast

IndexedDB Leak, Linux Kernel Bug, Zoom Security, SSRF & Allow Lists, Security Courses - ASW #181: In the AppSec News, Safari fixes a privacy leak in IndexedDB, integer arithmetic flaw leads to Linux kernel bug, a look back on Zoom security, SSRF from an URL allow list bypass, a security engineering course and lectures, 25 years of HTTP/1.1 ... by Application Security Weekly (Video)

34 min listen

Bug Bounty Costs, GitHub's Advisory Database, ICS Vulns of 2021, CNCF Secure Software - ASW #186: Salesforce reveals their bounty totals for 2021, GitHub opens its advisory database for collaboration, a year in review of ICS vulns, automating WordPress plugin security analysis, the Secure Software Factory from CNCF, Samsung's encryption mistakes,... by Security Weekly Podcast Network (Video)

42 min listen

Bug Bounty Costs, GitHub's Advisory Database, ICS Vulns of 2021, CNCF Secure Software - ASW #186: Salesforce reveals their bounty totals for 2021, GitHub opens its advisory database for collaboration, a year in review of ICS vulns, automating WordPress plugin security analysis, the Secure Software Factory from CNCF, Samsung's encryption mistakes,... by Application Security Weekly (Video)

42 min listen

Cheesy Tomato Dreams - ASW #181: It is hard, if not impossible, to secure something you don’t know exists. While security professionals spend countless hours on complex yet interesting issues that *may* be exploitable in the future, basic attacks are occurring every day against... by Security Weekly Podcast Network (Audio)

70 min listen

ASW #212 - Sam Placette: Appsec places a lot of importance on secure SDLC practices, API security, integrating security tools, and collaborating with developers. What does this look like from a developer's perspective? We'll cover API security, effective ways to test code,... by Security Weekly Podcast Network (Audio)

82 min listen

Application News - Application Security Weekly #59: In the Application Security News, Software update gums up fingerprints, a counterproductive security practice expires thanks to well-considered guidelines, Docker Hub breach response, a path to hacking Ruby Gems, 5 Security Challenges to API... by Security Weekly Podcast Network (Video)

34 min listen

Application News - Application Security Weekly #59: In the Application Security News, Software update gums up fingerprints, a counterproductive security practice expires thanks to well-considered guidelines, Docker Hub breach response, a path to hacking Ruby Gems, 5 Security Challenges to API... by Application Security Weekly (Video)

34 min listen

TaskRouter JS SDK, EL1/EL3 Vulnerability, & 234 Alexa Skills Store Violations - ASW #116: TaskRouter JS SDK Security Incident, Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Read-Only Path Traversal Vulnerability, An EL1/EL3 coldboot vulnerability affecting 7 years of LG Android devices,... by Security Weekly Podcast Network (Video)

33 min listen

TaskRouter JS SDK, EL1/EL3 Vulnerability, & 234 Alexa Skills Store Violations - ASW #116: TaskRouter JS SDK Security Incident, Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Read-Only Path Traversal Vulnerability, An EL1/EL3 coldboot vulnerability affecting 7 years of LG Android devices,... by Application Security Weekly (Video)

33 min listen

ASW #215 - Akira Brand: We talk with Akira Brand about appsec educational resources and crafting better resources for developers to learn about secure coding. Segment Resources: - - - - Rust arrives in the Linux Kernel, verdict in the Uber security case,... by Security Weekly Podcast Network (Audio)

78 min listen

ExtraReplica, Document.domain Disfavored, & Highlights From Thinkst Quarterly - ASW #195: This week in the AppSec News: ExtraReplica in Azure, Chrome disfavors document.domain, appsec presentations highlighted in the latest Thinkst Quarterly, Nimbuspwn Vuln in Linux, & more! Visit for all the latest episodes! Show Notes: by Application Security Weekly (Video)

38 min listen

ExtraReplica, Document.domain Disfavored, & Highlights From Thinkst Quarterly - ASW #195: This week in the AppSec News: ExtraReplica in Azure, Chrome disfavors document.domain, appsec presentations highlighted in the latest Thinkst Quarterly, Nimbuspwn Vuln in Linux, & more! Visit for all the latest episodes! Show Notes: by Security Weekly Podcast Network (Video)

38 min listen

Supply Chains in Azure SDK/Xcode, GitHub Sessions, & GCP VRP - ASW #144: In the AppSec News: Supply chain security in Azure SDK and macOS Xcode, GitHub's postmortem on a session handling flaw, six GCP vulns from 2020, & information resources for hacking the cloud! Visit for all the latest episodes! Show Notes: by Security Weekly Podcast Network (Video)

31 min listen

Supply Chains in Azure SDK/Xcode, GitHub Sessions, & GCP VRP - ASW #144: In the AppSec News: Supply chain security in Azure SDK and macOS Xcode, GitHub's postmortem on a session handling flaw, six GCP vulns from 2020, & information resources for hacking the cloud! Visit for all the latest episodes! Show Notes: by Application Security Weekly (Video)

31 min listen

Sudo Vuln, Libgcrypt, BlastDoor on iMessage, & AWS Lambda security - ASW #138: This week in the Application Security News, Sudo sure does, Libgcrypt flaw, iMessage demonstrates security by design, AWS Lambda shares a message on its design security, & more! Visit for all the latest episodes! Show Notes: by Application Security Weekly (Video)

32 min listen

Sudo Vuln, Libgcrypt, BlastDoor on iMessage, & AWS Lambda security - ASW #138: This week in the Application Security News, Sudo sure does, Libgcrypt flaw, iMessage demonstrates security by design, AWS Lambda shares a message on its design security, & more! Visit for all the latest episodes! Show Notes: by Security Weekly Podcast Network (Video)

32 min listen

What's the Deal with API Security? - Sandy Carielli - ASW #243: Walking the show floor at RSA Conference, you couldn't trip without falling into an application security vendor booth ... and API security specialists were especially plentiful. Join Forrester Principal Analyst Sandy Carielli for her thoughts on RSA... by Security Weekly Podcast Network (Audio)

77 min listen

API Security from a Developer's Perspective - Sam Placette - ASW #212: Appsec places a lot of importance on secure SDLC practices, API security, integrating security tools, and collaborating with developers. What does this look like from a developer's perspective? We'll cover API security, effective ways to test code,... by Security Weekly Podcast Network (Video)

40 min listen

API Security from a Developer's Perspective - Sam Placette - ASW #212: Appsec places a lot of importance on secure SDLC practices, API security, integrating security tools, and collaborating with developers. What does this look like from a developer's perspective? We'll cover API security, effective ways to test code,... by Application Security Weekly (Video)

40 min listen

AppSec Tips & Tricks for Cloud Native and Kubernetes Environments - Kiran Kamity - ASW #209: The unique nature of cloud native apps, Kubernetes, and microservices based architectures introduces new risks and opportunities that require AppSec practitioners to adapt their approach to security tooling, integration with the CI/CD pipeline, and... by Application Security Weekly (Video)

38 min listen

AppSec Tips & Tricks for Cloud Native and Kubernetes Environments - Kiran Kamity - ASW #209: The unique nature of cloud native apps, Kubernetes, and microservices based architectures introduces new risks and opportunities that require AppSec practitioners to adapt their approach to security tooling, integration with the CI/CD pipeline, and... by Security Weekly Podcast Network (Video)

38 min listen

WatchGuard, Riverbed Launches New Xirrus, and Cylance - Enterprise Security Weekly #56: HashiCorp Vault brings disaster recover to security secrets management, Oracle joins SafeLogic to develop FIPS module for OpenSSL security, and Cylance bringing enterprise security platform technology to home users. Full Show Notes: Visit for all... by Enterprise Security Weekly (Video)

28 min listen

WatchGuard, Riverbed Launches New Xirrus, and Cylance - Enterprise Security Weekly #56: HashiCorp Vault brings disaster recover to security secrets management, Oracle joins SafeLogic to develop FIPS module for OpenSSL security, and Cylance bringing enterprise security platform technology to home users. Full Show Notes:... by Security Weekly Podcast Network (Video)

28 min listen

CWE Top 25, Bugs in Inconstancies, Sequoia Vuln, Twitter Transparency, & Cloud Risks - ASW #159: This week in the AppSec News: CWE releases the top 25 vulns for 2021, findings bugs in similar code, Sequoia vuln in the Linux kernel, Twitter transparency for account security, a future for cloud security, & more! Visit for all the latest... by Security Weekly Podcast Network (Video)

41 min listen

CWE Top 25, Bugs in Inconstancies, Sequoia Vuln, Twitter Transparency, & Cloud Risks - ASW #159: This week in the AppSec News: CWE releases the top 25 vulns for 2021, findings bugs in similar code, Sequoia vuln in the Linux kernel, Twitter transparency for account security, a future for cloud security, & more! Visit for all the latest... by Application Security Weekly (Video)

41 min listen

Starting with Appsec -- Is It More of a Position or a Process? - ASW #264: This year we've talked about vulns, clouds, breaches, presentations, and all the variations of Dev, Sec, and Ops. As we end the year, let's talk about starting things -- like starting an appsec program or an appsec career. But is there still a need... by Security Weekly Podcast Network (Audio)

74 min listen

SaltStack Enterprise 6.3, Semperis, & SafeGuard 7.6 - ESW #189: Semperis adds vulnerability assessment, security reporting, and auto-remediation to its DSP, AWS launches Amazon Honeycode to help quickly build mobile and web apps without programming, Attivo Networks Advanced Protection Disrupts Ransomware 2.0,... by Security Weekly Podcast Network (Video)

25 min listen

SaltStack Enterprise 6.3, Semperis, & SafeGuard 7.6 - ESW #189: Semperis adds vulnerability assessment, security reporting, and auto-remediation to its DSP, AWS launches Amazon Honeycode to help quickly build mobile and web apps without programming, Attivo Networks Advanced Protection Disrupts Ransomware 2.0,... by Enterprise Security Weekly (Video)

25 min listen

ASW #231 - Neatsun Ziv: In this episode, Neatsun Ziv, co-founder and CEO of Ox security takes a deep dive into supply chain security. He focuses on the new Open Software Supply Chain Attack Reference (OSC&R), a consortium of leading cybersecurity leaders. OSC&R the... by Security Weekly Podcast Network (Audio)

80 min listen

Supply Chain Security Security with Containers and CI/CD Systems - Kirsten Newcomer - #ASW 256: Supply chain has been a hot topic for a few years now, but so many things we need to do for a secure supply chain aren't new at all. We'll cover SBOMs, vuln management, and putting together a secure pipeline. Segment resources: In the news, a... by Security Weekly Podcast Network (Audio)

87 min listen

Discover this podcast and so much more

IndexedDB Leak, Linux Kernel Bug, Zoom Security, SSRF & Allow Lists, Security Courses - ASW #181

IndexedDB Leak, Linux Kernel Bug, Zoom Security, SSRF & Allow Lists, Security Courses - ASW #181

Description

Titles in the series (100)

More Episodes from Security Weekly Podcast Network (Video)

Related podcast episodes