Application Security Weekly Subscribe

Cloud Security, Application security, DevSecOps

Transforming Modern Software Development with Developer-First AppSec – Jeff Williams – ASW #166

September 20, 2021

Modern software development demands a different approach to application security. Contrast’s developer-first Application Security Platform empowers developers to accelerate the release of secure code with highly accurate results that include context-aware, how-to-fix vulnerability remediation guidance.

Segment Resources:

2021 Application Security Observability Report: https://www.contrastsecurity.com/hubfs/DocumentsPDF/2021ApplicationSecurityObservabilityReport.pdf

White Paper: Pipeline-native Scanning for Modern Application Development https://www.contrastsecurity.com/hubfs/Pipeline-native-Scanning-for-Modern-Application-DevelopmentWhite%20PaperFinal.pdf

DevSecOps Requires a Platform Approach to Application Security https://www.contrastsecurity.com/hubfs/DocumentsPDF/DevSecOps-Requires-a-Platform-Approach-to-Application-Security_Whitepaper.pdf

This segment is sponsored by Contrast Security.

Visit https://securityweekly.com/contrast to learn more about them!

Sponsored By

Contrast Security

Full episode and show notes

Announcements

Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

Guest

Co-Founder and Chief Technology Officer at Contrast Security

Jeff brings more than 20 years of security leadership experience as Co-Founder and Chief Technology Officer of Contrast. Previously, Jeff was Co-Founder and Chief Executive Officer of Aspect Security, a successful and innovative application security consulting company acquired by Ernst & Young. Jeff is also a founder and major contributor to OWASP, where he served as Global Chairman for eight years and created the OWASP Top 10, OWASP Enterprise Security API, OWASP Application Security Verification Standard, XSS Prevention Cheat Sheet, and many other widely adopted free and open projects.

Hosts

Tech Lead at Block

Senior Engineering Leader at AWS

Related

Cloud Security for SMBs: Strategies, Risks, and Resources – Adam John – CSP #205

December 17, 2024

Jess and Adam discuss cloud security challenges for SMBs, emphasizing strategic planning, compliance with regulations like CMMC, and vendor due diligence. They highlight common pitfalls like the illusion of security and inadequate staffing while offering cost-effective solutions like virtual CISOs. Practical tips help SMBs secure their data, naviga...

Ancient Curl Bug, AWS re:Invent, Malware in NPM, Census III Report, MS OTP – ASW #311

December 16, 2024

Curl's oldest bug yet, RCPs (and more!) from AWS re:Invent, possible controls for NPM's malware proliferation, insights and next steps on protecting top 500 packages from the Census III report, the flawed design choice that made Microsoft's OTP (successfully) brute-forceable, and more! 00:00 - Intro & Cyber Resilience Insights 01:20 - The 25-Y...

AWS does IR, credit card canarytokens, shared responsibility, phishing tests do harm – ESW #387

December 12, 2024

This week, in the enterprise security news, NOTE: We didn't get to 2, 3, 5, or 7 due to some technical difficulties and time constraints, but we'll hit them next week! The show notes have been updated to reflect what we actually discussed this week: https://www.scworld.com/podcast-segment/13370-enterprise-security-weekly-387 Snowflake takes sec...