Node.js Secure Coding – Oliver Tavakoli, Chris Thomas, Liran Tal – ASW #286
Segments
1. Node.js Secure Coding – Liran Tal – ASW #286
Secure coding education should be more than a list of issues or repeating generic advice. Liran Tal explains his approach to teaching developers through examples that start with exploiting known vulns and end with discussions on possible fixes. Not only does this create a more engaging experience, but it also relies on code that looks familiar to developers rather than contrived or overly simplistic examples.
Guest
Liran Tal is an award-winning software developer, security researcher, and open-source champion in the JavaScript community. He’s an internationally recognized GitHub Star, acknowledged for his open-source advocacy, and has received the OpenJS Foundation’s Pathfinder for Security for his work on Node.js security. His contributions to developer security education include leading OWASP projects, building supply chain security tools, participating in CNCF and OpenSSF initiatives, and authoring books such as O’Reilly’s Serverless Security. He leads the developer advocacy team at Snyk.io and is on a mission to empower developers with better application security skills.
2. Unpacking XDR & Business Applications – Chris Thomas, Oliver Tavakoli – ASW #286
The challenge of evaluating threat alerts in aggregate – what a collection and sequence of threat signals tell us about an attacker’s sophistication and motives – has bedeviled SOC teams since the dawn of the Iron Age. Vectra AI CTO Oliver Tavakoli will discuss how the design principles of our XDR platform deal with this challenge and how GenAI impacts this perspective.
Segment Resources:
Vectra AI Platform Video: https://vimeo.com/916801622
Blog: https://www.vectra.ai/blog/what-is-xdr-the-promise-of-xdr-capabilities-explained
Blog: https://www.vectra.ai/blog/xdr-explored-the-evolution-and-impact-of-extended-detection-and-response
MXDR Calculator: https://www.vectra.ai/calculators/mxdr-value-calculator
This segment is sponsored by Vectra AI. Visit https://securityweekly.com/vectrarsac to learn more about them!
In this interview, we will discuss the network security challenges of business applications and how they can also be the solution. AlgoSec has spent over two decades tackling tough security issues in some of the world’s most complex networks. Now, they’re applying their expertise to hybrid networks—where customers are combining their on-premise resources along with multiple cloud providers.
Segment Resources: https://www.algosec.com/resources/
This segment is sponsored by AlgoSec. Visit https://securityweekly.com/algosecrsac to learn more about them!
Guests
Chris Thomas brings over 25 years of technology sales, partnerships and executive management experience. He has been part of the executive management teams which led four venture-backed companies to three successful acquisitions (Kontiki, Deja, Vidyo) and one $1.2B IPO (Intralinks).
Most recently, Chris was SVP, Worldwide Sales for Vidyo, an enterprise-grade unified communications platform for businesses and developers. Over a 10-year period Chris was responsible for Vidyo’s accelerated growth, Channel and Partners strategy and execution, and led Vidyo’s move to the cloud. Chris was also responsible for a vertical sales strategy and global expansion which led to Vidyo’s acquisition.
Prior to Vidyo, he was SVP of Worldwide Business Development at Intralinks, SVP Worldwide at Deja, and President & CEO at Summitworks Technology, an IT solutions provider. Chris also held senior sales positions at Kontiki, Ziff Davis and IDG. He holds a BA in English with a minor in Business from The Catholic University of America.
Oliver Tavakoli is chief technology officer at Vectra AI. He sets the technical strategy for the company. Oliver has overseen the adoption of technology in cybersecurity for over 25 years, the last ten of which have been at Vectra AI. Prior to Vectra, Oliver was the CTO for the security business of Juniper Networks. He joined Juniper as a result of its acquisition of Funk Software, where Oliver was the CTO. Earlier in his career, Oliver worked at IBM, Fluent Machines, and Novell Inc and founded Trilogy Inc, which was acquired by Funk Software.