34 min listen
ASW #189 - Alvaro Muñoz
ratings:
Length:
76 minutes
Released:
Mar 22, 2022
Format:
Podcast episode
Description
This week in the AppSec News: A great escape isn't always as great as it sounds, Solana cryptocurrency logic isn't always as great as intended, some people's idea of "peace" isn't that great at all, and some great security suggestions for package maintainers. - Past research such as JNDI Injection, Unsafe deserialization, Struts RCEs - OSS security: CodeQL, Dependabot, collaboration between researchers and developers, OWASP Top Ten Proactive Controls, CVD for OSS. Show Notes: https://securityweekly.com/asw189 Segment Resources: - [Write more secure code with the OWASP Top 10 Proactive Controls](https://github.blog/2021-12-06-write-more-secure-code-owasp-top-10-proactive-controls/) - [An analysis on developer-security researcher interactions in the vulnerability disclosure process](https://github.blog/2021-09-09-analysis-developer-security-researcher-interactions-vulnerability-disclosure/) - [Building security researcher and developer collaboration](https://www.securitymagazine.com/articles/97066-how-to-build-security-researcher-and-software-developer-collaboration) - [Coordinated vulnerability disclosure (CVD) for open source projects](https://github.blog/2022-02-09-coordinated-vulnerability-disclosure-cvd-open-source-projects/) - [GitHub Advisory Database now open to community contributions](https://github.blog/2022-02-22-github-advisory-database-now-open-to-community-contributions/) - [Blue-teaming for Exiv2: creating a security advisory process](https://github.blog/2021-11-02-blue-teaming-create-security-advisory-process/) Visit https://www.securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Released:
Mar 22, 2022
Format:
Podcast episode
Titles in the series (100)
Paul's Security Weekly - Special Edition - Mike Poor & Ed Skoudis Interview - Part I: We are very excited to present to our listeners an exclusive interview with Mike Poor & Ed Skoudis of Intelguardians and The SANS Institute. Larry, The Mason, and myself spoke with Mike and Ed about a wide range of information security topics. This... by Security Weekly Podcast Network (Audio)