33 min listen
ASW #229 - Nick Selby
ratings:
Length:
81 minutes
Released:
Feb 14, 2023
Format:
Podcast episode
Description
Organizations spend hundreds of work hours to build applications and services that will benefit customers and employees alike. Whether the application/service is externally facing or for internal use only, it is mandatory to identify and understand the scope of potential cyber risks and threats it poses to the organization. But where and how do you start with an accurate threat model? Nick can discuss how to approach this and create a model that's useful to security and developers alike. Segment Resources https://github.com/trailofbits/publications/blob/master/reviews/2022-12-curl-threatmodel.pdf Reddit's breach disclosure, simple vulns in Toyota's web portals, OpenSSL vulns, voting results for Portswigger's top 10 web hacking techniques of 2022, tiny IoT cryptography implementations, real world migration of a million lines of code Visit https://www.securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/secweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/asw229
Released:
Feb 14, 2023
Format:
Podcast episode
Titles in the series (100)
Paul's Security Weekly - Special Edition - Mike Poor & Ed Skoudis Interview - Part II: In part II of our interview we discuss: Brazilian hacker groups The physical manifestation of the NOP Sled OS Security/Insecurity, Shmoocon OS X Hack, OS X predictions Apple's move to Intel and its impact on security Bastille for Mac OS X Why not to... by Security Weekly Podcast Network (Audio)