Latest Software security Podcast Episodes
Contrast Labs Sets a High Bar and Plays a Critical Role in Protecting Contrast Customers
Inside AppSec - October 13, 2021 18:00 - 42 minutes
Contrast Labs was a fledgling organization just a few years ago when Contrast’s CISO David Lindner took on the mantle of leadership. Today, Contrast Labs is a pivotal linchpin—threat modeling to protect Contrast’s network, applications, users, and data from malicious attacks, providing engineeri...
Shannon Morse, Infosec Content Creator
SpiderBytes: the SpiderOak Podcast - October 12, 2021 00:51 - 25 minutes ★★★★★ - 3 ratings
Today we chat with Shannon Morse. She is a content creator and influencer with a focus on infosec and privacy. We talk about her recommendations, how to factor physical security into your threat model, and lots more. You can learn more and see Shannon's videos on YouTube https://youtu...
Zach Otte, Designer at SpiderOak
SpiderBytes: the SpiderOak Podcast - October 04, 2021 18:23 - 22 minutes ★★★★★ - 3 ratings
Today we chat with Zach Otte about the intersection of design, security, and privacy. Balancing these is an important part of the work he does at SpiderOak and he's got some great insights to share. Zach has been at SpiderOak for four years and is the primary designer for the UI/UX of S...
Why More Isn't Better When It Comes to AppSec and Why Less Is Better
Inside AppSec - September 28, 2021 15:00 - 35 minutes
Cybersecurity adheres to the belief that the more results you can generate, the better your security model. This is certainly true in the application security space, where the more alerts that are generated, the better an organization's security posture. But this isn't necessarily true. In this ...
Behind-the-Scenes Perspectives on the Compilation, Analysis, and Publication of the 2021 OWASP Top Ten
Inside AppSec - September 24, 2021 10:00 - 52 minutes
The 2021 OWASP Top Ten was a huge research and analytical undertaking involving over 500,000 applications and 200 CWEs. The amount of data analyzed was upwards of 4x greater than what was used for the 2017 OWASP Top Ten release. OWASP Top Ten Co-Lead and Union University Professor Brian Glas dis...
Key Takeaways and AppSec Recommendations From the 2021 OWASP Top Ten
Inside AppSec - September 24, 2021 09:00 - 50 minutes
The 2021 OWASP Top Ten contains some significant changes, including several additions. Understanding what changed and why they changed is important for application security professionals. This Inside AppSec Podcast features Contrast Security's CTO and Co-founder Jeff Williams and CISO David Lind...
Episode 036 - “Cybersecurity is Everyone’s Business” | How Can We Make Cybersecurity More Mainstream? - Dave Chatterjee, PhD
Agent of Influence - September 15, 2021 10:00 - 30 minutes
“Cybersecurity is Everyone’s Business” | How Can We Make Cybersecurity More Mainstream? In this episode of Agent of Influence, Nabil speaks with Dave Chatterjee, PhD, Professor at The University of Georgia and Duke University – and author of Cybersecurity Readiness: A Holistic and High-Perform...
Ben Webb, Information Security Risk Analyst
SpiderBytes: the SpiderOak Podcast - September 10, 2021 03:38 - 24 minutes ★★★★★ - 3 ratings
Ben Webb is an information security risk analyst in the financial sector. He’s also heavily involved in SecKC, the largest hacker meetup in the world. If you’re in the Kansas City area and would like to join the next meetup, which happens to be SecKC’s 10th anniversary, go to https://se...
Dave Pearah, SpiderOak CEO
SpiderBytes: the SpiderOak Podcast - September 05, 2021 02:55 - 22 minutes ★★★★★ - 3 ratings
Our first episode is here! We're excited to introduce SpiderBytes to the world, and who better to start us off than SpiderOak's fearless leader Dave Pearah. Learn more about Dave on his LinkedIn profile - https://www.linkedin.com/in/pearah/. SpiderBytes is sponsored by SpiderOak. (...
Episode 035 - Middle School Teacher Turned CISO Talks Reverse Engineering, Asset Management, and More - Seth Edgar
Agent of Influence - September 01, 2021 10:00 - 35 minutes
Middle School Teacher Turned CISO Talks Reverse Engineering, Asset Management, and More In this episode of Agent of Influence, Nabil speaks with Seth Edgar, CISO at insurance solutions provider AF Group. Hear Seth discuss his unconventional career path, parallels between his experience as a mid...
Episode 034 - The Future of Penetration Testing is Not Check-the-Box | Get to Know NetSPI’s New CTO - Travis Hoyt
Agent of Influence - August 18, 2021 13:00 - 25 minutes
The Future of Penetration Testing is Not Check-the-Box | Get to Know NetSPI’s New CTO In this episode of Agent of Influence, Nabil speaks with Travis Hoyt, a well-known financial services security leader – and NetSPI’s new Chief Technology Officer (CTO)! They discuss why he's excited to be at N...
Serious Vulnerabilities Per Application Jump in Latest Bimonthly AppSec Intelligence Report
Inside AppSec - August 13, 2021 00:00 - 26 minutes
The number of vulnerabilities per application in the May-June Bimonthly Application Security Intelligence Report from Contrast Labs remained flat, but the number of serious vulnerabilities jumped. This Inside AppSec Podcast conversation discusses what vulnerability types saw the biggest increase...
Key Insights on Application Makeup: Custom and Open-source Code (New Report) – Part 3
Inside AppSec - August 04, 2021 10:00 - 26 minutes
If anything, the recent software supply chain attacks demonstrate the interconnectivity of modern software and the exponential risk one successful exploit poses to thousands of organizations worldwide. Contrast Security's annual 2021 Application Security Observability Report finds that custom co...
Key Insights on Application Vulnerabilities and Attacks (New Report) – Part 2
Inside AppSec - August 04, 2021 10:00 - 29 minutes
The percentage of applications with serious vulnerabilities increased significantly over the past year. However, vulnerability prevalence varied across vulnerability type. Knowing which ones are the most prevalent and with the greatest likelihood to impact enables security and development teams ...
Episode 033 - The Evolution of Incident Response, Lessons Learned from Chinese-Based Tech Companies, Mental Health, and More - Doug Brush
Agent of Influence - August 04, 2021 10:00 - 36 minutes
The Evolution of Incident Response, Lessons Learned from Chinese-Based Tech Companies, Mental Health, and More In this episode of Agent of Influence, Nabil speaks with Doug Brush, Global Advisory CISO at Splunk. Doug discusses M&A security challenges, the evolution of incident response, why we ...
Key Insights on Security Debt and Vulnerability Escape Rate Trends (New Report) - Part 1
Inside AppSec - August 04, 2021 10:00 - 30 minutes
The more application security debt an organization carries, the greater the risk and operational inefficiencies. Contrast Security's CTO and Co-founder Jeff Williams and CISO David Lindner reflect on security debt findings in Contrast's 2021 Application Security Observability Report in this Insi...
Episode 032 - “Shift Left, But Not Too Left”: A Conversation on AppSec and Development Trends - Maty Siman
Agent of Influence - July 14, 2021 10:00 - 27 minutes
“Shift Left, But Not Too Left”: A Conversation on AppSec and Development Trends In this episode of Agent of Influence, Nabil speaks with Maty Siman, founder and CTO at Checkmarx. Hear Maty share the Checkmarx origin story and discuss application security and development trends, how to manage op...
Java Applications Under Attack Barrage in Latest Contrast Labs Bimonthly AppSec Intel Report
Inside AppSec - June 23, 2021 23:00 - 21 minutes
The March–April 2021 Bimonthly AppSec Intelligence Report from Contrast Labs pegs the overall RiskScore Index at 5.06, the lowest since July 2020. This should be good news, especially with the percentage of applications with a serious vulnerability decreasing in this bimonthly time frame. Howeve...
Episode 031 - What’s Keeping Security Leaders Up at Night? DDoS, Ransomware, 5G, and Security Employment - Michael Kaczmarek
Agent of Influence - June 23, 2021 10:00 - 33 minutes
What’s Keeping Security Leaders Up at Night? DDoS, Ransomware, 5G, and Security Employment In this episode of Agent of Influence, Nabil speaks with Michael “Kaz” Kaczmarek, head of product management for Neustar’s Security Solutions business unit. They discuss how his engineering background has...
CVE-2020-17091: Remote Code Execution Vulnerability in Microsoft Teams Found by Contrast Labs
Inside AppSec - June 15, 2021 14:00 - 29 minutes
Contrast Labs’ Director of Security Research Matt Austin discovered a Remote Code Execution (RCE) vulnerability in Microsoft Teams that could have exposed the Microsoft Teams software supply chain to a malicious exploit that could have impacted millions of users and thousands of businesses. List...
Contrast DevSecOps Platform Now Includes Pipeline-native Static Analysis
Inside AppSec - June 10, 2021 12:00 - 26 minutes
Incumbent legacy static analysis approaches employ large rule sets to look for code quality issues that require lengthy scan processes and generate large piles of findings—many of which are false positives. Contrast Security's Chief Strategy Officer Surag Patel and Sr. Product Marketing Director...
Episode 030 - Communicating Cybersecurity ROI, AppSec Frameworks, AI and ML Security, and More - Diana Kelley
Agent of Influence - June 09, 2021 10:00 - 38 minutes
Communicating Cybersecurity ROI, AppSec Frameworks, AI and ML Security, and More In this episode of Agent of Influence, Nabil speaks with Diana Kelley, founding partner and CTO at Security Curve, volunteer, security architect, keynote speaker, among her many other roles. They discuss how she un...
Digital Transformation in Financial Services Accelerates, Application Security Struggles to Keep Up
Inside AppSec - May 26, 2021 13:00 - 27 minutes
Contrast Security’s 2021 State of Application Security in Financial Services Report canvasses a number of topics related to application security in financial services such as how the rapid adoption of DevOps/Agile in financial services is outpacing application security, how application security ...
Episode 029 - Application Security and Penetration Testing Insights from a Utilities Sector CISO - Manish Khera
Agent of Influence - May 26, 2021 10:00 - 32 minutes
Application Security and Penetration Testing Insights from a Utilities Sector CISO In this episode of Agent of Influence, Nabil speaks with Manish Khera, a CISO at a major utilities company. Hear Manish’s thoughts on utility sector cybersecurity challenges and opportunities, the Biden administr...
Navigating Open-source Security Obstacles and Mapping Out Solution Requirements (Part 2)
Inside AppSec - May 19, 2021 20:00 - 20 minutes
The recent Contrast Security 2021 Open-source Security Report reveals real-world (and previously undiscovered) aspects about open-source library usage and the risks associated with it. Legacy approaches to open-source security generate alert noise, struggle to track software licensing risks, and...
Open-source Library Risks Expose the Software Supply Chain (Part 1)
Inside AppSec - May 19, 2021 19:00 - 28 minutes
Use of open-source frameworks and libraries offers organizations added scale—the ability to achieve the speed and efficiency demanded by the modern software development life cycle (SDLC). Yet, there are various differences in open-source libraries in terms of vulnerabilities and licensing, and o...
Episode 028 - Is Data Science the Key to a Mature Security Program? - Jim Routh
Agent of Influence - May 12, 2021 10:00 - 39 minutes
Is Data Science the Key to a Mature Security Program? In this episode of Agent of Influence, Nabil speaks with Jim Routh, a well-known security leader and current board member at various innovative early-stage cybersecurity startups. Listen to Jim’s insights on how to define and encourage innov...
Software Supply Chain Is a Priority in the Latest Contrast Security Bimonthly AppSec Intel Report
Inside AppSec - May 07, 2021 18:00 - 22 minutes
2021 is the year of the software supply chain when it comes to cyber risks. Thousands of organizations have been repeatedly hit from multiple points across the software factory attack surface. The January-February 2021 Contrast Labs Bimonthly AppSec Intelligence Report contains trend data reflec...
Modern Application Security Now Available for Golang Applications
Inside AppSec - May 06, 2021 13:00 - 12 minutes
Go is an open-source programming language that makes it easy to build simple, reliable, and efficient software across various operating systems. But until now, developers and application security specialists were stuck using legacy application security methods that generated high volumes of fals...
Right and Wrong DevSecOps Metrics: Measuring What Counts
Inside AppSec - April 28, 2021 20:00 - 24 minutes
The metrics many organizations use today to measure the success of their application security programs fail to capture risks that matter to the business and incentivize the wrong outcomes. A comprehensive approach to DevSecOps that uses metrics that reflect actual risk measures areas such as vul...