Application Security PodCast 574428

Georgia Weidman (@georgiaweidman) met with Robert at CodeMash to discuss her origin story, mobile, IoT, penetration testing, and details about her various companies. If you’ve never seen Georgia’s book on penetration testing, we recommend you grab a copy. http://www.nostarch.com/pentesting To sign up for the <Hi/5> newsletter mentioned at the start of this week’s show, visit https://www.securityjourney.com/hi5 The post Georgia Weidman — Mobile, IoT, and Pen Testing appeared first on Security Journey.

Here it is. The finale of season four. Thanks to everyone who listens in and , if there’s any people you want us to interview on the podcast, tweet at us @AppSeodcast The post Season 4 Finale (S04E27) appeared first on Security Journey.

On this episode, Chris and Robert are ed by Geoff Hill to talk about Rapid Threat Model Prototyping Process. You can find Geoff on Twitter @Tutamantic_Sec The post Rapid Threat Model Prototyping Process (S04E26) appeared first on Security Journey.

On this episode, Chris and Robert are ed by Bill Wilder to talk about Running Azure Securely. You can find Bill on Twitter @codingoutloud The post Running Azure Securely (S04E25) appeared first on Security Journey.

On this episode, Chris and Robert are ed by Matt Konda to talk about what Glue is. You can find Matt on Twitter @mkonda OWASP Glue The post OWASP Glue (S04E24) appeared first on Security Journey.

On this episode, Chris is ed by Josh Grossman, Avi Douglen, and Ofer Maor at AppSec USA. They discuss the AppSec group in Israel and a few important talks you should watch from AppSec USA this year. You can find Josh on Twitter @JoshCGrossman You can find Avi on Twitter @sec_tigger You can find Ofer on Twitter @OferMaor The post AppSec in Israel and Three Talks to watch from AppSec USA(S04E23) appeared first on Security Journey.

On this episode, Chris and Robert are ed by Daniel Miessler to talk about the Top 10 list for IoT. You can find Daniel on Twitter @DanielMiessler IoT Project The post OWASP IoT Top 10 (S04E22) appeared first on Security Journey.

On this episode, Chris is ed by Travis Meak to talk about SecOps and the ways it can help make a developers life easier. You can find Travis on Twitter @travismeak The post SecOps Makes Developers Lives Easier (S04E21) appeared first on Security Journey.

On this week, we listen in on the #AppSecUSA talk by Chris about Security Culture Hacking. You can find Chris on Twitter @edgeroute     The post Security Culture Hacking: Disrupting the Security Status Quo (S04E20) appeared first on Security Journey.

On this episode, Jim Manico s again to talk about the ways that AppSec has changed over the years and give us an in-depth look at the history of SQL Injection and XSS. You can find Jim on Twitter @manicode The post The Extremely Unabridged History of SQLi and XSS(S04E19) appeared first on Security Journey.

On this episode, Chris talks with Jeff Williams about the History of OWASP and where it came from. You can find Jeff on Twitter @planetlevel The post The History of OWASP (S04E18) appeared first on Security Journey.

Bjorn Kimminich s to talk about JuiceShop on this weeks episode. He dives into what JuiceShop is and some of the use cases for it. You can find Bjorn on Twitter @bkimminich JuiceShop’s Twitter JuiceShop Demo   The post The Joy of the Vulnerable Web: JuiceShop(S04E17) appeared first on Security Journey.

On this episode, Chris is at AppSec USA and is ed by Swaroop to talk about iGoat. They discuss how iGoat relates to WebGoat and how they can be used for pen testing. You can find Swaroop on Twitter @swaroopsy The post iGoat and iOS Mobile Pen Testing (S04E16) appeared first on Security Journey.

On this episode, Chris and Robert talk with Adam and John from HackerOne about Bug Bounty. They dive into bug bounty from the programming side and the security researcher side to show how you can put these pieces together to be successful with bug bounty. You can find Adam on Twitter @SushiHack and Jon @jon_bottarini     The post Two Sides to a Bug Bounty: The Researcher and The Program (S04E15) appeared first on Security Journey.

Chris talks with Erlend Oftedal about what the Norway Chapter of OWASP and continues on into what retire.js is and how it works. You can find Erlend on Twitter @webtonull The post What You Require, You Must Also Retire (S04E14) appeared first on Security Journey.

Abhay Bhargav s Robert this week to talk about threat modeling as code. He dives into how this can help you in your own threat models. You can find Abhay on Twitter @abhaybhargav The post Threat Modeling as Code (S04E13) appeared first on Security Journey.

Tony UV s Robert on this weeks episode to discuss all things threat libraries in the cloud. You can find Tony on Twitter @t0nyuv The post Threat Libraries in the Cloud (S04E12) appeared first on Security Journey.

On this episode, Chris and Robert talk to Aaron Rinehart about how the security community can embrace chaos engineering. You can find Aaron on Twitter @aaronrinehart The post Chaos Engineering and #AppSec (S04E11) appeared first on Security Journey.

On this episode, Chris is ed by Jessie and Vandana from Women in #AppSec to discuss the project! They dive in what the project is and how the numerous OWASP Chapters around the world can participate! You can find them on Twitter @InfosecVandana and @jessrobin96 The post WIA: Women in #AppSec (S04E10) appeared first on Security Journey.

This week we’re ed by Karen Staley, the Executive Director of the OWASP Foundation. She dives into what’s happening on OWASP and what we can be looking forward to in the future. You can find her on Twitter @owasped The post A Conversation with Karen (S04E09) appeared first on Security Journey.