New Ideas. New Voices. New Hosts.

New Ideas. New Voices. New Hosts.

Author: The OWASP Podcast Series February 2, 2022 Duration: 18:21
The OWASP Podcast Series
Technology
8 years ago I took over the OWASP Podcast from Jim Manico, originator of the project. In that time over 160 episodes have been published, with over 500,000 downloads. It has been a fun project, but it’s time to change things up a bit. There is a lot going on at OWASP, even more going on with the technology industry when it comes to cybersecurity. It’s too much for one person to keep up with. Enter the idea of multiple co-hosts for the podcast. Many of you listening already know of Vandana Verma and Matt Tesauro from their work with OWASP. I called to ask if they’d like to share the platform, producing their own episodes around a chosen concept. In today’s episode, Vandana, Matt and I talk about thoughts of an expanded concept for the podcast. We’ll each explain what we will be covering in our shows, and what you can expect to hear in the coming year. Our plan is to have three shows, (kind of like NPR programming when I think of it), under one umbrella: The OWASP Podcast Series. Come along with us and we talk through the new series and what it will me to you, as a listener.

Tune in to The OWASP Podcast Series for genuine conversations that go beyond the headlines of cybersecurity. Instead of dry lectures, you'll hear from the people actually building, testing, and defending the software that shapes our world. Each episode sits down with a different practitioner or innovator, pulling insights directly from their daily work and long-term vision. The discussions are grounded in the real challenges of application security, offering practical knowledge and forward-thinking strategies. This podcast provides a unique audio space to understand the evolving threats and defensive techniques critical for our digital infrastructure. You’ll find the dialogue is both technical and accessible, demystifying complex topics through the experiences of those on the front lines. The goal is to share actionable wisdom from the OWASP community and its extended network, focusing on how to create more resilient systems. By listening, you gain a deeper appreciation for the ongoing effort required to secure technology for everyone. It’s an essential resource for developers, security professionals, and anyone curious about the foundational work of safeguarding our connected future. The series turns abstract concepts into tangible lessons, all through the voices of the individuals dedicated to this crucial mission.
Author: Language: English Episodes: 100

Official website RSS
youtubelinkedingithub
The OWASP Podcast Series
Podcast Episodes
Strategic Asymetry - Leveling the Playing Field w/ Chetan Conikee [not-audio_url] [/not-audio_url]

Duration: 34:42
"In the past when we were writing software, it was our engineers and our organizations that had total cost of ownership of that software. But now, that has fundamentally changed. Engineers are using open source software…
Threat Modeling - A Disaster Story with Edwin Kwan [not-audio_url] [/not-audio_url]

Duration: 18:05
We continue the "Epic Failures in DevSecOps" series by speaking with Edwin Kwan on his chapter, "Threat Modeling - A Disaster Story". Edwin is Application and Software Security Team Lead at Tyro Payments. In our discussi…
The DevSecOps Unicorn Rodeo w/ Stefan Streichsbier [not-audio_url] [/not-audio_url]

Duration: 23:24
Stefan Streichsbier talks about his chapter, "Unicorn Rodeos", in the just released book, "Epic Failures in DevSecOps". We start with where did the chapter name come from and what does it mean, then lead into his three m…
The DevSecOps Experiment [not-audio_url] [/not-audio_url]

Duration: 14:22
DJ Schleen talks about his upcoming 15 part video series, "The DevSecOps Experiment", where he will walk through the setup of a software supply chain, including building in security during every step of the process. This…
Open Source Vulnerabilities - Who is Ultimately Responsible [not-audio_url] [/not-audio_url]

Duration: 46:31
In this broadcast, I speak with Chris Roberts and Derek Weeks about lines of responsibility and npm package highjacking in light of the event-stream vulnerability announcement last week. The announcement of the event-str…
event-stream: Analysis of a Compromised npm Package [not-audio_url] [/not-audio_url]

Duration: 21:36
Once again, the pattern of taking over a known package and modifying it with malicious intent has happened. In this case, it's with the event-stream module in the npm repository. In this broadcast I speaker with Thomas H…
Spy vs Spy in Application Security: Harvesting Adversaries [not-audio_url] [/not-audio_url]

Duration: 16:13
"The guy who wrote wifi software with SSID never imagined that someone could use that SSID to transmit data by writing two smaller applications to leverage it. We are constantly going to be in this [type of] battle. Ulti…
Moving from Projects to Products w/ Mik Kersten [not-audio_url] [/not-audio_url]

Duration: 39:24
"If you look inside a large enterprise IT organization, they have this very bizarre and broken layer that's completely separating the way that business thinks in terms of products, budgets and costs, and the way IT peopl…
The Journey to Open Source at Capital One w/ Tapabrata "Topo" Pal [not-audio_url] [/not-audio_url]

Duration: 19:44
Why would you allow open source usage in your company. What are the compelling reasons to take the risk. In this discussion, I talk with Topo Pal and Derek Weeks about the industry perception of open source and what's re…
The Future of Software and DevOps / with Sacha Labourey [not-audio_url] [/not-audio_url]

Duration: 23:22
"The compensation, the incentives that people have are very much anchored in short term objectives that do not take into account the vision for the bigger transformations that are happening within the market." -- Sacha L…

«1...345678910»