Application Security WeeklySubscribe
Application security, AI/ML

Dealing with the Burden of Bad Bots – Sandy Carielli – ASW #270

Where apps provide something of value, bots are sure to follow. Modern threat models need to include scenarios for bad bots that not only target user credentials, but that will also hoard inventory and increase fraud. Sandy shares her recent research as we talk about bots, API security, and what developers can do to deal with these.

Segment resources

Full episode and show notes

Announcements

  • Security Weekly listeners: Cyber threats are evolving — is your organization keeping up? The 2023 Cybersecurity Year in Review is Here! Uncover the latest challenges and strategic responses in CRA's 2023 Cybersecurity Year in Review – sponsored by RSA Conference. From the impact of generative AI to the risks of ransomware to navigating new SEC rulings, get ahead for 2024 with your free copy. Download the report at securityweekly.com/yearinreview2023

Guest

Principal Analyst at Forrester Research

Sandy is a principal analyst at Forrester advising security and risk professionals on application security, with a particular emphasis on the collaboration among security and risk, application development, operations, and business teams. Her research covers topics such as proactive security design, security testing in the software delivery lifecycle, protection of applications in production environments, and remediation of hardware and software flaws.

Hosts

Tech Lead at Block
Senior Engineering Leader at AWS

Related

AI fixes everything, C++ the actual worst, IAM is hard – ASW #308

This week, in the Application Security News, we dismiss magical thinking and discuss what generative AI will actually be able to do for us. We also discuss whether Secure by Design's goals are practical or not. OSC&R releases a report on software supply chain that should be interesting, though neither of us had time to read it yet. Also, Wat...