Ep. 123: Goals of Security Culture - Sort of?

Author: Jardine Software Inc. February 18, 2025 Duration: 7:56
In this episode, I talk about how security is a part of everyone's role and the labeling of "Security Culture". I share some ideas on how to improve on role-based security awareness and building stronger relationships between security and the rest of the organization. For more info go to https://www.developsec.com or follow us on X (@developsec). The DevelopSec podcast is brought to you by Jardine...

Ever find yourself wondering how the digital tools you build every day can be made more resilient? DevelopSec: Developing Security Awareness, from Jardine Software Inc., digs into the practical realities of application security. This isn't about abstract theory; it's a grounded conversation for developers, engineers, and tech leaders who know that security is now a core part of the development lifecycle. Each episode focuses on a specific topic, breaking down how vulnerabilities emerge in code and, more importantly, how to identify and mitigate them before they become a problem. You'll hear straightforward discussions on everything from common coding flaws to emerging threats, providing actionable insights you can apply directly to your projects. The goal is to build a more intuitive security mindset, transforming it from a compliance checkpoint into a natural part of the development process. Tune into this podcast for a clear-eyed look at securing applications, where complex concepts are made accessible without sacrificing depth. It's a resource for anyone ready to move beyond curiosity and actively strengthen their work.
Author: Language: English Episodes: 100

DevelopSec: Developing Security Awareness
Podcast Episodes
Ep. 58: "Untrusted" Data

Duration: 21:40
Have you heard someone mention "untrusted" data? Applications take data from multiple data sources and we are often confused about what should be trusted or not. In this episode, James Jardine talks about untrusted data and…
Ep. 57: Source Code Review

Duration: 21:59
Are you an organization looking to do source code review? Are you trying to hire a pen tester with source code review as a duty? James talks about Secure Code Review and some common implementations. For more info go to h…
Ep. 56: Security Contacts

Duration: 12:32
Do you have a clear path for users to contact you about potential security issues in your application or device? Is there a potential for the communication to be lost in the mix? James talks about how it is important for…
Ep. 55: Scoping an application security assessment (Applications)

Duration: 12:03
Having a penetration test performed against your applications? Do you have mobile and web applications performing the same functionality? James talks about the reason behind doing these assessments at the same time vs. s…
Ep. 54: WAFs and Pen Testing

Duration: 16:19
Your pen tester wants you to whitelist them in your WAF? What should you do? Why do they ask? James breaks it down for you in this episode. For more info go to https://www.developsec.com or follow us on twitter (@develop…
Ep. 53: Chrome Changing Secure Notifications

Duration: 17:09
We talk HTTP/HTTPS all the time. Google just announced that in January they are going to change how they display their secure/not secure indicators for HTTP sites that have passwords or credit cards. James talks about ho…
Login Forms and HTTPS

Duration: 10:28
Are your login forms secure? Are you sure? In this episode James talks about potential risks with presenting your login forms when using HTTPS and how to avoid them. We often are focused on HTTPS for the submission of cr…
Ep. 52: Importance of UI to Security

Duration: 11:37
The user interface plays a big part in the security of an application. We often only look at flaws such as XSS, but here James provides an example of the lack of Input Validation messages creating a Denial of Service typ…
Ep. 51: Everything is a target

Duration: 12:48
James discusses how all applications, big or small, are a potential target and need to have secure coding practices. We often only look at our big applications from a security perspective, but in reality, all application…
Ep. 50: How Serious is Username Enumeration

Duration: 23:06
In this episode, James talks about what Username Enumeration is, how it can be used by attackers, and some ways to help reduce the risk of it. For more info go to https://www.developsec.com or follow us on twitter (@deve…