Best Sdlc Podcasts (2024)

1
CCT 134: CISSP Insights into Software Development Life Cycle (SDLC) 42:32

17m ago42:32

42:32

Unlock the secrets of weaving impenetrable security into the fabric of software development, as we dissect the Software Development Life Cycle and its crucial role in cybersecurity. We're not just coding; we're crafting digital fortresses that stand resilient against the onslaught of cyber threats. From the strategic implementation of least privile…

1
#23 Figure 01: Robot of the future, Cognition Labs set to redefine SDLC, EU passes world’s first comprehensive AI law, Anthropic releases Claude 3, Drama between Elon Musk and Sam Altman, New AI regulations ... 25:07

24d ago25:07

25:07

In this episode of AI Nexus, hosts Elias and Newton delve into the latest developments in the world of artificial intelligence, exploring groundbreaking innovations, impending regulations, and notable controversies that shape the AI landscape. The hosts kicked off the discussion by highlighting recent AI news, including Emad Mostaque stepping down …

1
Mastering Microservices and Breaking Up the Monolith 13:22

1h ago13:22

13:22

Back in the 2000s, code lived in one execution thread. Database queries, user interactions, and data pipelines were all managed by the same processes. The problem? Everything was interconnected and interdependent. Fixing one thing might break another. Releases were all or nothing. We call this monolith hell. Your ticket out? Microservices. In this …

1
Sustainable Funding of Open Source Tools - Mark Curphey, Simon Bennetts - ASW #282 1:17:57

27m ago1:17:57

1:17:57

How can open source projects find a funding model that works for them? What are the implications with different sources of funding? Simon Bennetts talks about his stewardship of Zed Attack Proxy and its journey from OWASP to OpenSSF to an Open Source Fellowship with Crash Override. Mark Curphy adds how his experience with OWASP and the appsec commu…

1
CCT 133: Practice CISSP Questions – Firewalls, NGFWs, Static Packet Filtering and More (D7.7.1) 20:26

7d ago20:26

20:26

Unlock the secrets of cutting-edge cybersecurity as we navigate the revolutionary impact of drone technology in the insurance industry and delve into the critical components of network security essential for CISSP certification. Sean Gerber here, and I'm eager to guide you through the complex landscape of firewalls, from the fundamentals to next-ge…

1
Are We in an AI Information Bubble? 26:59

1d ago26:59

26:59

Are we in an AI bubble? We can't stop talking about AI in tech. It's at every conference and in every startup pitch. But is the rest of the world as enamored as we are? In this conversation, we explore AI’s impact beyond the echo chamber of the tech industry. We look at attitudes toward AI in other spaces, from healthcare to finance, weighing the r…

1
GitHub Copilot: Redefining Software Engineering with AI Tools 31:55

1d ago31:55

31:55

Discover how AI is revolutionizing the way we write code with Mike Allen, a seasoned software development virtuoso, as he unpacks the transformative powers of GitHub Copilot. Mike's deep dive into the integration of OpenAI's GPT model with GitHub's repositories reveals how this cutting-edge tool is elevating developers' efficiency and precision. By…

1
Demystifying Security Engineering Career Tracks - Karan Dwivedi - ASW #281 1:03:23

8d ago1:03:23

1:03:23

There are as many paths into infosec as there are disciplines within infosec to specialize in. Karan Dwivedi talks about the recent book he and co-author Raaghav Srinivasan wrote about security engineering. There's an appealing future to security taking on engineering roles and creating solutions to problems that orgs face. We talk about the breadt…

1
CCT 132: Firewalls, NGFW, Static Packet Filtering, Application, Circuit Level, Proxy's, URL Filtering (D7.7.1) 42:41

4d ago42:41

42:41

Dive into the digital trenches with me, Sean Gerber, and ward off cyber threats as we dissect the intricate design of firewalls. Cybersecurity isn't just tech jargon; it's a barricade guarding our financial fortresses from trillion-dollar breaches. In this comprehensive session, we don't just skim through firewall types and setups; we equip you for…

1
CCT 131: Practice CISSP Questions - Mastering Vulnerability Assessments and Network Scanning (D6.2.1) 20:22

7d ago20:22

20:22

Cybersecurity's battleground is evolving with AI and quantum computing at the forefront. Are you prepared for the oncoming digital storm? Join me, Shon Gerber, as we reinforce crucial skills for vulnerability assessments and network scanning, and delve into the promising yet perilous world where artificial intelligence meets digital defense. With i…

1
Blockchain, Deepfakes, and AI, Oh My! 38:58

8d ago38:58

38:58

Imagine a world where every piece of digital content can be verified and traced back to its source. Lindsay Walker, Product Lead at Starling Lab for Data Integrity, walks us through the emerging tools that could make this possible. While AI tools hold incredible potential for good, Lindsay also warns against threats and countermeasures needed to ke…

1
Lessons That The XZ Utils Backdoor Spells Out - Farshad Abasi - ASW #280 1:00:18

15d ago1:00:18

1:00:18

We look into the supply chain saga of the XZ Utils backdoor. It's a wild story of a carefully planned long con to add malicious code to a commonly used package that many SSH connections rely on. It hits themes from social engineering and abuse of trust to obscuring the changes and suppressing warnings. It also has a few lessons about software devel…

1
CCT 130: Securing the Digital Frontier - Mastering Vulnerability Assessments and Network Scanning (D6.2.1) 40:03

10d ago40:03

40:03

Join me, Shon Gerber, on a journey that cuts through the complex undergrowth of cybersecurity's vulnerability assessments. This week's episode is a treasure trove for CISSP exam candidates and professionals alike, as we unpack the intricate details of CVEs, CVSS scores, and the acronyms that are the bread and butter of our industry. Discover how th…

1
CCT 129: Practice CISSP Questions – Deprovisioning and Role Definitions (D5.5.2-3) 19:19

15d ago19:19

19:19

Cybersecurity isn't just a buzzword—it's the fortress between your data and a barrage of cyber threats. I'm Sean Gerber, and in this deep-dive session, we confront the stark reality of a world where ransomware attacks have soared, as per a Scottish non-profit's alarming statistics. Doubling down on the urgency for cyber resilience, we underscore th…

1
From Poker Pro to Coding Ace: Mastering Software Engineering with a Gambler's Grit 40:05

16d ago40:05

40:05

Ever shuffled a deck of cards and found your life's calling? That's precisely what Jason did, transitioning from the high-stakes world of professional poker to the meticulous craft of software engineering. Our latest episode brings you the story of this remarkable shift, as Jason shares his insights on mastering poker, the emotional rollercoaster o…

1
Infosec Myths, Mistakes, and Misconceptions - Adrian Sanabria - ASW #279 1:00:57

17d ago1:00:57

1:00:57

Sometimes infosec problems can be summarized succinctly, like "patching is hard". Sometimes a succinct summary sounds convincing, but is based on old data, irrelevant data, or made up data. Adrian Sanabria walks through some of the archeological work he's done to dig up the source of some myths. We talk about some of our favorite (as in most dislik…

1
CCT 128: CISSP Mastery - Deprovisioning and Role Definitions (D5.5.2-3) 40:22

17d ago40:22

40:22

Could your company's board benefit from cybersecurity expertise? Discover the untold impact security professionals can make in risk mitigation and financial stability. This week on the CISSP Cyber Training Podcast, I, Sean Gerber, navigate the critical intersection of cybersecurity and corporate governance, underscoring a need for expertise that's …

1
CCT 127: Practice CISSP Questions – Secure Communication Protocols (D4.1.3) 17:17

26d ago17:17

17:17

Embark on an exciting foray into the ever-evolving world of cybersecurity with me, Sean Gerber, as I chart a new course into independent consultancy. The waters are rough, with the UK's critical infrastructure facing an unprecedented OT threat landscape, exacerbated by global geopolitical unrest. Uncover how seemingly secure supply chains and legac…

1
Unleashing Frameworks: A Live Audience Experience 51:40

22d ago51:40

51:40

On this thrilling LIVE session of 'Test Case Scenario' our esteemed host Jason Baum is accompanied by co-hosts Nikolay Advolodkin, Evelyn Coleman, and Marcus Merrell. With special guests, open-source advocates, Diego Molina, Christian Bromann, and Titus Fortner, we explore topics such as ownership, governance, and the sustainability of open-source …

1
Blazor Vs JavaScript: Unpacking Pros and Cons of Each 26:33

23d ago26:33

26:33

Ready to revolutionize the way you approach web development? That’s precisely what awaits you with Aaron Varga, the Microsoft maestro from Pittsburgh, lighting the path in this tech-packed episode. With his seasoned insights, we unravel the mysteries behind Blazor and JavaScript, comparing their functionalities, productivity, and how they've shaped…

1
Successful Security Needs a Streamlined UX - Benedek Gagyi - ASW #278 1:09:03

24d ago1:09:03

1:09:03

One of the biggest failures in appsec is an attitude that blames users for security problems. A lot of processes and workflows break down because of an insecure design or insecure defaults. Benedek Gagyi chats with us about the impact of the user experience (UX) on security and why it's not only important to understand how to make a user's life eas…

1
CCT 126: CISSP Expertise Unveiled - Secure Communication Protocols and Defense Strategies in Cybersecurity (D4.1.3) 32:45

24d ago32:45

32:45

Embark on a cybersecurity odyssey with Sean Gerber as he reveals his leap into the consultancy realm, navigating the precarious balance between the thrill of independence and the stark realities of forging a new path. This episode offers an insider's perspective on secure communication protocols, a fundamental aspect of the CISSP exam, and a critic…

1
CCT 125: Practice CISSP Questions - Integrity Unhashed through Ensuring Message Authenticity with the CISSP (D3.6) 19:34

28d ago19:34

19:34

Embark on a transformative journey with me, Sean Gerber, as I share the pivotal moment of venturing into full-time cybersecurity consulting after a significant chapter of my career. It's a time of change and opportunity, not just for me but for the entire cybersecurity landscape, as we witness the shockwaves of a ransomware attack on Change Healthc…

1
Microsoft Teams: Awesome Features for Enhanced Work Efficiency 33:10

1M ago33:10

33:10

Ever feel like you're just scratching the surface of what Microsoft Teams can do for your workplace? Prepare to unlock new levels of productivity and innovation as we sit down with Jeremy Brewer, an Azure architect from Emergent Software, who's turning thLearne tide on workplace collaboration. Our enlightening discussion traverses from the cutting-…

1
Figuring Out Where Appsec Fits When Starting a Cybersecurity Program - Tyler VonMoll - ASW #277 1:13:20

1M ago1:13:20

1:13:20

Lots of companies need cybersecurity programs, as do non-profits. Tyler Von Moll talks about how to get small organizations started on security and how to prioritize initial investments. While an appsec program likely isn't going to be one of the first steps, it's going to be an early one. What decisions can you make at the start that will benefit …

1
CCT 124: Integrity Unhashed through Ensuring Message Authenticity with the CISSP (D3.6) 31:26

1M ago31:26

31:26

Could your passwords withstand a cyber siege by expert Russian hackers? My latest podcast episode serves as a wakeup call to the cyber threats looming over us, showcasing the recent breach of Microsoft's test environment. As Sean Gerber, I dissect the pivotal missteps in password management and underscore the lifesaving grace of multi-factor authen…

1
CCT 123: Practice CISSP Questions – Data Security Controls and Compliance Requirements (D2.6) 20:30

1M ago20:30

20:30

Confront the cyber siege that has the healthcare industry on high alert; this episode sees me, Sean Gerber, dissecting the harrowing United Healthcare ransomware crisis that's rocked our nation. We're not just crunching numbers here—$22 million in ransom to Black Cat hackers signifies more than a hefty payout, it's a stark reminder of our critical …

1
Unlocking Dev Success: ngrok, Tech Innovations & Developer Communities 41:16

1M ago41:16

41:16

Join 'Test Case Scenario' with Scott McAllister, Developer Advocate at ngrok. Explore ngrok's innovative approach to securing and exposing local services online, aiding businesses like restaurants with seamless order integrations. Learn how ngrok differs from traditional VPNs, saving developers time while ensuring security through OAuth integration…

1
More API Calls, More Problems: The State of API Security in 2024 - Lebin Cheng - ASW #276 1:12:17

1M ago1:12:17

1:12:17

A majority of internet traffic now originates from APIs, and cybercriminals are taking advantage. Increasingly, APIs are used as a common attack vector because they’re a direct pathway to access sensitive data. In this discussion, Lebin Cheng shares what API attack trends Imperva, a Thales Company has observed over the past year, and what steps org…

1
CCT 122: CISSP Deep Dive: Uncovering Data Encryption, Loss Prevention, and Code Obfuscation Strategies (D2.6) 44:54

1M ago44:54

44:54

Embarking on a new chapter in my cybersecurity journey, I can't wait to share the depth of insights that come with stepping into the consulting realm. The world of cybersecurity is ever-evolving, and I'm here to navigate this complex landscape with you, offering the expertise you need to protect your data in today's digital battleground. From decip…

1
Harnessing SDLC for Superior Tech Solutions and Team Dynamics 47:01

1M ago47:01

47:01

Discover how the software development landscape is radically shifting with insights from Sal, director of product delivery at Emergent Software. He brings you the inside track on Agile methodologies and their transformative impact on tech deliverables. We promise you'll gain a profound understanding of the need for speed and responsiveness in creat…

1
CCT 121: Practice CISSP Questions - Navigating Security Policies and BIA Basics (Domain 1) 20:57

2M ago20:57

20:57

Imagine your Ubiquiti router as an open treasure chest amidst cyber pirates—how long before it's plundered? This episode throws you a lifeline, urging IoT and critical infrastructure pros to safeguard their digital booty by updating those default credentials, stat! But it's not all about fending off Russian cyber threats; we also turn the tables wi…

1
CICD & QA: Boosting Cybersecurity in SDLC 32:39

1M ago32:39

32:39

Discover how Continuous Integration/Continuous Deployment (CICD) and quality assurance (QA) bolster cybersecurity in the Software Development Life Cycle (SDLC). Join us on this episode of Test Case Scenario as we uncover strategies to enhance defenses against cyber threats with special guest, Karen Laiacona Frazier, Senior Director QA at Unqork. Le…

1
The Simple Mistakes and Complex Seeds of a Vulnerability Management Program - Emily Fox - ASW #275 1:19:26

2M ago1:19:26

1:19:26

The need for vuln management programs has been around since the first bugs -- but lots of programs remain stuck in the past. We talk about the traps to avoid in VM programs, the easy-to-say yet hard-to-do foundations that VM programs need, and smarter ways to approach vulns based in modern app development. We also explore the ecosystem of acronyms …

1
CCT 120: CISSP Essentials: Navigating Security Policies and BIA Basics (Domain 1) 38:12

2M ago38:12

38:12

Get ready to fortify your cybersecurity knowledge base, as I, Sean Gerber, guide you through the labyrinth of security policies and the pivotal Business Impact Analysis (BIA). Our latest CISSP Cyber Training Podcast episode is a treasure trove of insights, where we unravel how security policies aren't just documentation—they're the shields guarding…

1
CCT 119: Practice CISSP Questions – Integrated Product Team (IPT) and Waterfall, Spiral, Agile, Scrum Development (D8.1.2-8.1.5) 15:21

2M ago15:21

15:21

Unlock the secrets to crafting impenetrable software as we delve into Domain 8 of the CISSP exam, where design and architecture reign supreme in the security integration battle. Prepare to have your coding paradigms shifted and your architectural blueprints fortified in this episode, which is nothing short of a cyber-fortification masterclass. We t…

1
Communicating the Value of Testing Internally 31:06

2M ago31:06

31:06

Get ready to debunk testing myths with Ross Radford in the latest 'Test Case Scenario' episode! Ross, Director of Software Engineering at BarSign, joins Jason, Nikolay, Marcus, and Evelyn, as they banter about the roles of testing in professional workflow and management, how to communicate the importance of testing to leadership, and the question o…

1
Creating the Secure Pipeline Verification Standard - Farshad Abasi - ASW #274 56:59

2M ago56:59

56:59

Farshad Abasi joins us again to talk about creating a new OWASP project, the Secure Pipeline Verification Standard. (Bonus points for not being a top ten list!) We talk about what it takes to pitch a new project and the problems that this new project is trying to solve. For this kind of project to be successful -- as in making a positive impact to …

1
#22 SORA: New OpenAI marvel, Emotion Prompts could be a thing, Gemini: The truth about AI Biases 31:14

2M ago31:14

31:14

In this episode of AI Nexus, hosts Elias and Newton delve deeper into the dynamic landscape of artificial intelligence, dissecting recent advancements and emerging challenges. Their conversation kicks off with a fascinating exploration of the power of language in interacting with AI chatbots like ChatGPT. Elias and Newton discuss the concept of "em…

1
CCT 118: Integrated Product Team (IPT) and Waterfall, Spiral, Agile, Scrum Development (D8.1.2-8.1.5) 36:07

2M ago36:07

36:07

Are you prepared to navigate the intricate maze of software development and cybersecurity? This week's episode guarantees to arm you with the expertise to conquer the CISSP exam and apply these vital skills in the real world. We delve into the structures and strategies that define successful software projects, comparing the precision of the waterfa…

1
CCT 117: CISSP Practice Questions - Navigating the CISSP Incident Management Maze (D7) 14:01

2M ago14:01

14:01

Unlock the secrets to expert incident response with me, Sean Gerber, in this week’s CISSP Cyber Training Podcast. We're crunching down on the essential steps to effectively detect, respond to, mitigate, and recover from cybersecurity incidents. If you're serious about acing the CISSP exam and expanding your cybersecurity acumen, this episode is you…

Podcasts Worth a Listen

Sdlc Podcasts

Podcasts Worth a Listen

Quick Reference Guide