Starting an OWASP Project (That's Not a List!) - Grant Ongers - ASW #272
We can't talk about OWASP without talking about lists, but we go beyond the lists to talk about a product security framework. Grant shares his insights on what makes lists work (and not work). More importantly, he shares the work he's doing to spearhead a new OWASP project to help scale the creation of appsec programs, whether you're on your own or part of a global org.
Segment Resources:
- https://owasp.org/www-project-product-security-capabilities-framework/
- https://github.com/OWASP/pscf
- https://prods.ec/
- https://owaspsamm.org
- https://iso25000.com/index.php/en/iso-25000-standards/iso-25010
- https://www.scmagazine.com/podcast-episode/application-security-weekly-242
Qualys discloses syslog and qsort vulns in glibc, Apple's jailbroken iPhone for security researchers, moving away from OpenSSL, what an ancient vuln in image parsing can teach us today, and more!
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw-272