The Application Security Weekly podcast delivers interviews and news from the worlds of AppSec, DevOps, DevSecOps, and all the other ways people find and fix software flaws. Join hosts Mike Shema, John Kinsella, and Akira Brand on a journey through modern security practices for apps, clouds, containers, and more.
Brief of SDLC. Cover art photo provided by Vanessa Ives on Unsplash: https://unsplash.com/@vanessaives
Join us every other week on "Test Case Scenario" presented by Sauce Labs, where our expert panel dives into the exciting and ever-changing landscape of technology, pop culture, and business. Host Jason Baum, Director of Community at Sauce Labs, will lead the discussion with our esteemed recurring panelists: Marcus Merrell, VP of Technology Strategy; Nikolay Advolodkin, Senior Developer Advocate and Evelyn Coleman, Manager of Implementation Engineering. Get ready to uncover the impact of cont ...
Brought to you by Emergent Software, we talk about the latest news and tips in the software engineering and Microsoft world. Visit https://www.emergentsoftware.net/ to see how you can become more efficient and effective using the Microsoft Cloud.
A melting pot for all things Artificial Intelligence, including the latest AI News, trends, technologies, reviews, analyses, and more!
CISSP Cyber Training Podcast - CISSP Training Program
Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur
Join Shon Gerber on his weekly CISSP Cyber Training podcast, where his extensive 22-year background in cybersecurity shines through. With a rich history spanning corporate sectors, government roles, and academic positions, Shon imparts the essential insights and advice necessary to conquer the CISSP exam. His expertise is not just theoretical; as a CISSP credential holder since 2009, Shon translates his deep understanding into actionable training. Each episode is packed with invaluable secur ...
Official podcasts channel for The Foote School in New Haven, CT.
Tune into our tech conversations that allow you to stay up to date on tech trends. Our podcasts revolve around cutting edge tech topics from the most insightful hosts from Knoldus.
Learn how the top brands wow customers through production-first engineering. On this podcast you will find the tactics, methodologies, and metrics used to drive customer value by the engineering leaders actually doing it. Join Rookout CTO, Liran Haimovitch as he explores how customer-centric brands approach engineering to create a competitive advantage; with interviews covering topics such as automation, issue resolution, team structure, DevOps, and more.
CCT 134: CISSP Insights into Software Development Life Cycle (SDLC)
42:32
Unlock the secrets of weaving impenetrable security into the fabric of software development, as we dissect the Software Development Life Cycle and its crucial role in cybersecurity. We're not just coding; we're crafting digital fortresses that stand resilient against the onslaught of cyber threats. From the strategic implementation of least privile…
#23 Figure 01: Robot of the future, Cognition Labs set to redefine SDLC, EU passes world’s first comprehensive AI law, Anthropic releases Claude 3, Drama between Elon Musk and Sam Altman, New AI regulations ...
25:07
In this episode of AI Nexus, hosts Elias and Newton delve into the latest developments in the world of artificial intelligence, exploring groundbreaking innovations, impending regulations, and notable controversies that shape the AI landscape. The hosts kicked off the discussion by highlighting recent AI news, including Emad Mostaque stepping down …
Mastering Microservices and Breaking Up the Monolith
13:22
Back in the 2000s, code lived in one execution thread. Database queries, user interactions, and data pipelines were all managed by the same processes. The problem? Everything was interconnected and interdependent. Fixing one thing might break another. Releases were all or nothing. We call this monolith hell. Your ticket out? Microservices. In this …
Sustainable Funding of Open Source Tools - Mark Curphey, Simon Bennetts - ASW #282
1:17:57
How can open source projects find a funding model that works for them? What are the implications with different sources of funding? Simon Bennetts talks about his stewardship of Zed Attack Proxy and its journey from OWASP to OpenSSF to an Open Source Fellowship with Crash Override. Mark Curphey adds how his experience with OWASP and the appsec commu…
CCT 133: Practice CISSP Questions – Firewalls, NGFWs, Static Packet Filtering and More (D7.7.1)
20:26
Unlock the secrets of cutting-edge cybersecurity as we navigate the revolutionary impact of drone technology in the insurance industry and delve into the critical components of network security essential for CISSP certification. Shon Gerber here, and I'm eager to guide you through the complex landscape of firewalls, from the fundamentals to next-ge…
Are we in an AI bubble? We can't stop talking about AI in tech. It's at every conference and in every startup pitch. But is the rest of the world as enamored as we are? In this conversation, we explore AI’s impact beyond the echo chamber of the tech industry. We look at attitudes toward AI in other spaces, from healthcare to finance, weighing the r…
GitHub Copilot: Redefining Software Engineering with AI Tools
31:55
Discover how AI is revolutionizing the way we write code with Mike Allen, a seasoned software development virtuoso, as he unpacks the transformative powers of GitHub Copilot. Mike's deep dive into the integration of OpenAI's GPT model with GitHub's repositories reveals how this cutting-edge tool is elevating developers' efficiency and precision. By…
Demystifying Security Engineering Career Tracks - Karan Dwivedi - ASW #281
1:03:23
There are as many paths into infosec as there are disciplines within infosec to specialize in. Karan Dwivedi talks about the recent book he and co-author Raaghav Srinivasan wrote about security engineering. There's an appealing future to security taking on engineering roles and creating solutions to problems that orgs face. We talk about the breadt…
CCT 132: Firewalls, NGFW, Static Packet Filtering, Application, Circuit Level, Proxy's, URL Filtering (D7.7.1)
42:41
Dive into the digital trenches with me, Shon Gerber, and ward off cyber threats as we dissect the intricate design of firewalls. Cybersecurity isn't just tech jargon; it's a barricade guarding our financial fortresses from trillion-dollar breaches. In this comprehensive session, we don't just skim through firewall types and setups; we equip you for…
CCT 131: Practice CISSP Questions - Mastering Vulnerability Assessments and Network Scanning (D6.2.1)
20:22
Cybersecurity's battleground is evolving with AI and quantum computing at the forefront. Are you prepared for the oncoming digital storm? Join me, Shon Gerber, as we reinforce crucial skills for vulnerability assessments and network scanning, and delve into the promising yet perilous world where artificial intelligence meets digital defense. With i…
Imagine a world where every piece of digital content can be verified and traced back to its source. Lindsay Walker, Product Lead at Starling Lab for Data Integrity, walks us through the emerging tools that could make this possible. While AI tools hold incredible potential for good, Lindsay also warns against threats and countermeasures needed to ke…
Lessons That The XZ Utils Backdoor Spells Out - Farshad Abasi - ASW #280
1:00:18
We look into the supply chain saga of the XZ Utils backdoor. It's a wild story of a carefully planned long con to add malicious code to a commonly used package that many SSH connections rely on. It hits themes from social engineering and abuse of trust to obscuring the changes and suppressing warnings. It also has a few lessons about software devel…
CCT 130: Securing the Digital Frontier - Mastering Vulnerability Assessments and Network Scanning (D6.2.1)
40:03
Join me, Shon Gerber, on a journey that cuts through the complex undergrowth of cybersecurity's vulnerability assessments. This week's episode is a treasure trove for CISSP exam candidates and professionals alike, as we unpack the intricate details of CVEs, CVSS scores, and the acronyms that are the bread and butter of our industry. Discover how th…
CCT 129: Practice CISSP Questions – Deprovisioning and Role Definitions (D5.5.2-3)
19:19
Cybersecurity isn't just a buzzword—it's the fortress between your data and a barrage of cyber threats. I'm Shon Gerber, and in this deep-dive session, we confront the stark reality of a world where ransomware attacks have soared, as per a Scottish non-profit's alarming statistics. Doubling down on the urgency for cyber resilience, we underscore th…
From Poker Pro to Coding Ace: Mastering Software Engineering with a Gambler's Grit
40:05
Ever shuffled a deck of cards and found your life's calling? That's precisely what Jason did, transitioning from the high-stakes world of professional poker to the meticulous craft of software engineering. Our latest episode brings you the story of this remarkable shift, as Jason shares his insights on mastering poker, the emotional rollercoaster o…
Infosec Myths, Mistakes, and Misconceptions - Adrian Sanabria - ASW #279
1:00:57
Sometimes infosec problems can be summarized succinctly, like "patching is hard". Sometimes a succinct summary sounds convincing, but is based on old data, irrelevant data, or made up data. Adrian Sanabria walks through some of the archeological work he's done to dig up the source of some myths. We talk about some of our favorite (as in most dislik…
CCT 128: CISSP Mastery - Deprovisioning and Role Definitions (D5.5.2-3)
40:22
Could your company's board benefit from cybersecurity expertise? Discover the untold impact security professionals can make in risk mitigation and financial stability. This week on the CISSP Cyber Training Podcast, I, Shon Gerber, navigate the critical intersection of cybersecurity and corporate governance, underscoring a need for expertise that's …
CCT 127: Practice CISSP Questions – Secure Communication Protocols (D4.1.3)
17:17
Embark on an exciting foray into the ever-evolving world of cybersecurity with me, Shon Gerber, as I chart a new course into independent consultancy. The waters are rough, with the UK's critical infrastructure facing an unprecedented OT threat landscape, exacerbated by global geopolitical unrest. Uncover how seemingly secure supply chains and legac…
Unleashing Frameworks: A Live Audience Experience
51:40
On this thrilling LIVE session of 'Test Case Scenario' our esteemed host Jason Baum is accompanied by co-hosts Nikolay Advolodkin, Evelyn Coleman, and Marcus Merrell. With special guests, open-source advocates, Diego Molina, Christian Bromann, and Titus Fortner, we explore topics such as ownership, governance, and the sustainability of open-source …
Blazor Vs JavaScript: Unpacking Pros and Cons of Each
26:33
Ready to revolutionize the way you approach web development? That’s precisely what awaits you with Aaron Varga, the Microsoft maestro from Pittsburgh, lighting the path in this tech-packed episode. With his seasoned insights, we unravel the mysteries behind Blazor and JavaScript, comparing their functionalities, productivity, and how they've shaped…
Successful Security Needs a Streamlined UX - Benedek Gagyi - ASW #278
1:09:03
One of the biggest failures in appsec is an attitude that blames users for security problems. A lot of processes and workflows break down because of an insecure design or insecure defaults. Benedek Gagyi chats with us about the impact of the user experience (UX) on security and why it's not only important to understand how to make a user's life eas…
CCT 126: CISSP Expertise Unveiled - Secure Communication Protocols and Defense Strategies in Cybersecurity (D4.1.3)
32:45
Embark on a cybersecurity odyssey with Shon Gerber as he reveals his leap into the consultancy realm, navigating the precarious balance between the thrill of independence and the stark realities of forging a new path. This episode offers an insider's perspective on secure communication protocols, a fundamental aspect of the CISSP exam, and a critic…
CCT 125: Practice CISSP Questions - Integrity Unhashed through Ensuring Message Authenticity with the CISSP (D3.6)
19:34
Embark on a transformative journey with me, Shon Gerber, as I share the pivotal moment of venturing into full-time cybersecurity consulting after a significant chapter of my career. It's a time of change and opportunity, not just for me but for the entire cybersecurity landscape, as we witness the shockwaves of a ransomware attack on Change Healthc…
Microsoft Teams: Awesome Features for Enhanced Work Efficiency
33:10
Ever feel like you're just scratching the surface of what Microsoft Teams can do for your workplace? Prepare to unlock new levels of productivity and innovation as we sit down with Jeremy Brewer, an Azure architect from Emergent Software, who's turning the tide on workplace collaboration. Our enlightening discussion traverses from the cutting-…
Figuring Out Where Appsec Fits When Starting a Cybersecurity Program - Tyler VonMoll - ASW #277
1:13:20
Lots of companies need cybersecurity programs, as do non-profits. Tyler Von Moll talks about how to get small organizations started on security and how to prioritize initial investments. While an appsec program likely isn't going to be one of the first steps, it's going to be an early one. What decisions can you make at the start that will benefit …
CCT 124: Integrity Unhashed through Ensuring Message Authenticity with the CISSP (D3.6)
31:26
Could your passwords withstand a cyber siege by expert Russian hackers? My latest podcast episode serves as a wakeup call to the cyber threats looming over us, showcasing the recent breach of Microsoft's test environment. As Shon Gerber, I dissect the pivotal missteps in password management and underscore the lifesaving grace of multi-factor authen…
CCT 123: Practice CISSP Questions – Data Security Controls and Compliance Requirements (D2.6)
20:30
Confront the cyber siege that has the healthcare industry on high alert; this episode sees me, Shon Gerber, dissecting the harrowing United Healthcare ransomware crisis that's rocked our nation. We're not just crunching numbers here—$22 million in ransom to Black Cat hackers signifies more than a hefty payout, it's a stark reminder of our critical …
Unlocking Dev Success: ngrok, Tech Innovations & Developer Communities
41:16
Join 'Test Case Scenario' with Scott McAllister, Developer Advocate at ngrok. Explore ngrok's innovative approach to securing and exposing local services online, aiding businesses like restaurants with seamless order integrations. Learn how ngrok differs from traditional VPNs, saving developers time while ensuring security through OAuth integration…
More API Calls, More Problems: The State of API Security in 2024 - Lebin Cheng - ASW #276
1:12:17
A majority of internet traffic now originates from APIs, and cybercriminals are taking advantage. Increasingly, APIs are used as a common attack vector because they’re a direct pathway to access sensitive data. In this discussion, Lebin Cheng shares what API attack trends Imperva, a Thales Company has observed over the past year, and what steps org…
CCT 122: CISSP Deep Dive: Uncovering Data Encryption, Loss Prevention, and Code Obfuscation Strategies (D2.6)
44:54
Embarking on a new chapter in my cybersecurity journey, I can't wait to share the depth of insights that come with stepping into the consulting realm. The world of cybersecurity is ever-evolving, and I'm here to navigate this complex landscape with you, offering the expertise you need to protect your data in today's digital battleground. From decip…
Harnessing SDLC for Superior Tech Solutions and Team Dynamics
47:01
Discover how the software development landscape is radically shifting with insights from Sal, director of product delivery at Emergent Software. He brings you the inside track on Agile methodologies and their transformative impact on tech deliverables. We promise you'll gain a profound understanding of the need for speed and responsiveness in creat…
CCT 121: Practice CISSP Questions - Navigating Security Policies and BIA Basics (Domain 1)
20:57
Imagine your Ubiquiti router as an open treasure chest amidst cyber pirates—how long before it's plundered? This episode throws you a lifeline, urging IoT and critical infrastructure pros to safeguard their digital booty by updating those default credentials, stat! But it's not all about fending off Russian cyber threats; we also turn the tables wi…
CICD & QA: Boosting Cybersecurity in SDLC
32:39
Discover how Continuous Integration/Continuous Deployment (CICD) and quality assurance (QA) bolster cybersecurity in the Software Development Life Cycle (SDLC). Join us on this episode of Test Case Scenario as we uncover strategies to enhance defenses against cyber threats with special guest, Karen Laiacona Frazier, Senior Director QA at Unqork. Le…
The Simple Mistakes and Complex Seeds of a Vulnerability Management Program - Emily Fox - ASW #275
1:19:26
The need for vuln management programs has been around since the first bugs -- but lots of programs remain stuck in the past. We talk about the traps to avoid in VM programs, the easy-to-say yet hard-to-do foundations that VM programs need, and smarter ways to approach vulns based in modern app development. We also explore the ecosystem of acronyms …
CCT 120: CISSP Essentials: Navigating Security Policies and BIA Basics (Domain 1)
38:12
Get ready to fortify your cybersecurity knowledge base, as I, Shon Gerber, guide you through the labyrinth of security policies and the pivotal Business Impact Analysis (BIA). Our latest CISSP Cyber Training Podcast episode is a treasure trove of insights, where we unravel how security policies aren't just documentation—they're the shields guarding…
CCT 119: Practice CISSP Questions – Integrated Product Team (IPT) and Waterfall, Spiral, Agile, Scrum Development (D8.1.2-8.1.5)
15:21
Unlock the secrets to crafting impenetrable software as we delve into Domain 8 of the CISSP exam, where design and architecture reign supreme in the security integration battle. Prepare to have your coding paradigms shifted and your architectural blueprints fortified in this episode, which is nothing short of a cyber-fortification masterclass. We t…
Communicating the Value of Testing Internally
31:06
Get ready to debunk testing myths with Ross Radford in the latest 'Test Case Scenario' episode! Ross, Director of Software Engineering at BarSign, joins Jason, Nikolay, Marcus, and Evelyn, as they banter about the roles of testing in professional workflow and management, how to communicate the importance of testing to leadership, and the question o…
Creating the Secure Pipeline Verification Standard - Farshad Abasi - ASW #274
56:59
Farshad Abasi joins us again to talk about creating a new OWASP project, the Secure Pipeline Verification Standard. (Bonus points for not being a top ten list!) We talk about what it takes to pitch a new project and the problems that this new project is trying to solve. For this kind of project to be successful -- as in making a positive impact to …
#22 SORA: New OpenAI marvel, Emotion Prompts could be a thing, Gemini: The truth about AI Biases
31:14
In this episode of AI Nexus, hosts Elias and Newton delve deeper into the dynamic landscape of artificial intelligence, dissecting recent advancements and emerging challenges. Their conversation kicks off with a fascinating exploration of the power of language in interacting with AI chatbots like ChatGPT. Elias and Newton discuss the concept of "em…
CCT 118: Integrated Product Team (IPT) and Waterfall, Spiral, Agile, Scrum Development (D8.1.2-8.1.5)
36:07
Are you prepared to navigate the intricate maze of software development and cybersecurity? This week's episode guarantees to arm you with the expertise to conquer the CISSP exam and apply these vital skills in the real world. We delve into the structures and strategies that define successful software projects, comparing the precision of the waterfa…
CCT 117: CISSP Practice Questions - Navigating the CISSP Incident Management Maze (D7)
14:01
Unlock the secrets to expert incident response with me, Shon Gerber, in this week’s CISSP Cyber Training Podcast. We're crunching down on the essential steps to effectively detect, respond to, mitigate, and recover from cybersecurity incidents. If you're serious about acing the CISSP exam and expanding your cybersecurity acumen, this episode is you…