The Simple Mistakes and Complex Seeds of a Vulnerability Management Program - Emily Fox - ASW #275 | Security Weekly Podcast Network (Video) Podcast

The Simple Mistakes and Complex Seeds of a Vulnerability Management Program - Emily Fox - ASW #275: The need for vuln management programs has been around since the first bugs -- but lots of programs remain stuck in the past. We talk about the traps to avoid in VM programs, the easy-to-say yet hard-to-do foundations that VM programs need, and smarter... by Application Security Weekly (Video)

41 min listen

The Simple Mistakes and Complex Seeds of a Vulnerability Management Program - Emily Fox - ASW #275: The need for vuln management programs has been around since the first bugs -- but lots of programs remain stuck in the past. We talk about the traps to avoid in VM programs, the easy-to-say yet hard-to-do foundations that VM programs need, and smarter... by Security Weekly Podcast Network (Audio)

79 min listen

How to Build a Developer-First Application Security Program - Harshil Parikh - ASW #190: Developers ignore security issues. But can we really blame them? After all, security folks bombard them with an endless stream of issues that need to be addressed with no way for them to separate what’s actually critical from all the noise, all... by Application Security Weekly (Video)

36 min listen

How to Build a Developer-First Application Security Program - Harshil Parikh - ASW #190: Developers ignore security issues. But can we really blame them? After all, security folks bombard them with an endless stream of issues that need to be addressed with no way for them to separate what’s actually critical from all the noise, all... by Security Weekly Podcast Network (Video)

36 min listen

ASW #239 - Patrick Vandenberg, Karl Triebes, Francesco Cipollone: Application security is messy and is getting messier. Modern application security teams are struggling to identify what's more important to fix. Cloud security and application security is getting squeezed all together. Modern vulnerability maturity... by Security Weekly Podcast Network (Audio)

81 min listen

Pokémon & Synthwave & Hair & Hats - ASW #135: A premise of adding security to DevOps is we can "shift left" AppSec responsibilities, one of which is building apps so they're secure by design. Yet what resources does the AppSec community provide for this approach to design? We take a look at the... by Security Weekly Podcast Network (Audio)

68 min listen

ASW #190 - Harshil Parikh: Developers ignore security issues. But can we really blame them? After all, security folks bombard them with an endless stream of issues that need to be addressed with no way for them to separate what’s actually critical from all the noise, all... by Security Weekly Podcast Network (Audio)

78 min listen

Always Interesting - ASW #143: This week, we welcome John Morello, VP of Product at Palo Alto Networks, joins us to talk about Cloud Native Security Platforms! Modern appsec demonstrates the importance of a cloud native strategy for enterprise security and how much that strategy... by Security Weekly Podcast Network (Audio)

62 min listen

Big Smiles - ASW #179: There's an understandable focus on "shift left" in modern DevOps and appsec discussions. So what does it take to broaden what we call appsec into something effective for modern apps, whether they're on the web, mobile, or cloud? We'll talk about... by Security Weekly Podcast Network (Audio)

74 min listen

Web Asset Discovery in Application Security - Tolga Kayas - ESW #242: Large organizations develop hundreds of new web applications every year. Some of those deployments are lost in time, and others go wild with high severity vulnerabilities. Forgotten and outdated web applications are a common culprit of successful hack... by Security Weekly Podcast Network (Video)

30 min listen

Web Asset Discovery in Application Security - Tolga Kayas - ESW #242: Large organizations develop hundreds of new web applications every year. Some of those deployments are lost in time, and others go wild with high severity vulnerabilities. Forgotten and outdated web applications are a common culprit of successful hack... by Enterprise Security Weekly (Video)

30 min listen

Starting with Appsec -- Is It More of a Position or a Process? - ASW #264: This year we've talked about vulns, clouds, breaches, presentations, and all the variations of Dev, Sec, and Ops. As we end the year, let's talk about starting things -- like starting an appsec program or an appsec career. But is there still a need... by Security Weekly Podcast Network (Video)

40 min listen

Starting with Appsec -- Is It More of a Position or a Process? - ASW #264: This year we've talked about vulns, clouds, breaches, presentations, and all the variations of Dev, Sec, and Ops. As we end the year, let's talk about starting things -- like starting an appsec program or an appsec career. But is there still a need... by Application Security Weekly (Video)

40 min listen

Starting with Appsec -- Is It More of a Position or a Process? - ASW #264: This year we've talked about vulns, clouds, breaches, presentations, and all the variations of Dev, Sec, and Ops. As we end the year, let's talk about starting things -- like starting an appsec program or an appsec career. But is there still a need... by Security Weekly Podcast Network (Audio)

74 min listen

Cloud Native Security Platforms - John Morello - ASW #143: Modern appsec demonstrates the importance of a cloud native strategy for enterprise security and how much that strategy must integrate with DevOps tools and workflows. Security solutions need to come from a cohesive platform that addresses the... by Security Weekly Podcast Network (Video)

34 min listen

Cloud Native Security Platforms - John Morello - ASW #143: Modern appsec demonstrates the importance of a cloud native strategy for enterprise security and how much that strategy must integrate with DevOps tools and workflows. Security solutions need to come from a cohesive platform that addresses the... by Application Security Weekly (Video)

34 min listen

Application Security Maturity and Frameworks - Francesco Cipollone - ASW #239: Application security is messy and is getting messier. Modern application security teams are struggling to identify what's more important to fix. Cloud security and application security is getting squeezed all together. Modern vulnerability maturity... by Security Weekly Podcast Network (Video)

52 min listen

Application Security Maturity and Frameworks - Francesco Cipollone - ASW #239: Application security is messy and is getting messier. Modern application security teams are struggling to identify what's more important to fix. Cloud security and application security is getting squeezed all together. Modern vulnerability maturity... by Application Security Weekly (Video)

52 min listen

ASW #212 - Sam Placette: Appsec places a lot of importance on secure SDLC practices, API security, integrating security tools, and collaborating with developers. What does this look like from a developer's perspective? We'll cover API security, effective ways to test code,... by Security Weekly Podcast Network (Audio)

82 min listen

ESW #309 - Tal Morgenstern, Casey Smith: The CI/CD pipeline is the backbone of the software development process, so it's critical to ensure you are meeting and exceeding the most critical security measures. Throughout this podcast, Tal Morgenstern, Co-founder and CSO of Vulcan Cyber, will... by Security Weekly Podcast Network (Audio)

145 min listen

DevOps and Site Reliability: How do the most popular websites stay online? How do mobile app developers release new versions safely and monitor them? Today we have Matt Watson from Stackify on the show to talk about Developer Operations (DevOps) and site reliability. These two are by Programming Throwdown

63 min listen

Vulnerability Management is Dead! - Rickard Carlsson - ESW #257: Modern tech stacks are becoming increasingly complex puzzles of components built in-house and sourced from third-party vendors. With DNS at the center of the infrastructure, and staging and production being sometimes just minutes apart, scanning for... by Enterprise Security Weekly (Video)

36 min listen

Vulnerability Management is Dead! - Rickard Carlsson - ESW #257: Modern tech stacks are becoming increasingly complex puzzles of components built in-house and sourced from third-party vendors. With DNS at the center of the infrastructure, and staging and production being sometimes just minutes apart, scanning for... by Security Weekly Podcast Network (Video)

36 min listen

Integrating Appsec Tools for DevOps Teams - Steve Wilson - ASW #186: DevOps teams have often been underserved by security tools. Modern appsec solutions need to fit within the existing workflows related to how software is built and deployed. But just dropping a tool into that pipeline isn't sufficient -- there are apps... by Security Weekly Podcast Network (Video)

37 min listen

Integrating Appsec Tools for DevOps Teams - Steve Wilson - ASW #186: DevOps teams have often been underserved by security tools. Modern appsec solutions need to fit within the existing workflows related to how software is built and deployed. But just dropping a tool into that pipeline isn't sufficient -- there are apps... by Application Security Weekly (Video)

37 min listen

Mitigating at Design Time - Shaun Lamb - ASW #95: In this interview segment, Mike and John interview Shaun Lamb about strategies for how best to design applications so they are "secure by default" and have fewer incidents and vulnerabilities, How DevOps or DevSecOps positively changes the... by Application Security Weekly (Video)

37 min listen

Mitigating at Design Time - Shaun Lamb - ASW #95: In this interview segment, Mike and John interview Shaun Lamb about strategies for how best to design applications so they are "secure by default" and have fewer incidents and vulnerabilities, How DevOps or DevSecOps positively changes the... by Security Weekly Podcast Network (Video)

37 min listen

ASW #207 - Chen Gour Arie: In today's high-tech industries, security is struggling to keep up with rapidly changing production systems and the chaos that agile development introduces into workflows. Application security (AppSec) teams are fighting an uphill battle to gain... by Security Weekly Podcast Network (Audio)

78 min listen

AppSec Tips & Tricks for Cloud Native and Kubernetes Environments - Kiran Kamity - ASW #209: The unique nature of cloud native apps, Kubernetes, and microservices based architectures introduces new risks and opportunities that require AppSec practitioners to adapt their approach to security tooling, integration with the CI/CD pipeline, and... by Security Weekly Podcast Network (Video)

38 min listen

AppSec Tips & Tricks for Cloud Native and Kubernetes Environments - Kiran Kamity - ASW #209: The unique nature of cloud native apps, Kubernetes, and microservices based architectures introduces new risks and opportunities that require AppSec practitioners to adapt their approach to security tooling, integration with the CI/CD pipeline, and... by Application Security Weekly (Video)

38 min listen

Discover this podcast and so much more

The Simple Mistakes and Complex Seeds of a Vulnerability Management Program - Emily Fox - ASW #275

The Simple Mistakes and Complex Seeds of a Vulnerability Management Program - Emily Fox - ASW #275

Description

Titles in the series (100)

More Episodes from Security Weekly Podcast Network (Video)

Related podcast episodes