ep2024-12 Tanya Janca: Happy Holidays are Secure Code
Some production issues caused this one to slip to December so the intro is a bit off but this is still a great episode. So, learn some lessons on creating secure code from one of my favorite guests: Tanya Janca. It was hard to keep this one to its current length as Tanya is such a great person to talk to for any reason. Enjoy and happy holidays!
Show Links:
Get your copy of Alice and Bob Learn Secure Coding! (and more):
https://shehackspurple.ca/books/
Also the newsletter so that you can join the free online streams:
https://newsletter.shehackspurple.ca/
--------
1:00:13
ep2024-10 Don't be Scared, It's just a Pen Test with Brad Causey
There's no reason to be scared about a pen test - especially when it's run by a professional like Brad Causey. I catch up with Brad in this episode to discuss what's recently changed in pen testing in how you test and people's motivations for hiring a pen testing. Interesting and not spooky at all.
Show Links:
Brad on LinkedIn
- https://www.linkedin.com/in/bradcausey/
SecurIT360
- https://www.securit360.com/
- https://www.linkedin.com/company/securit360/
OWASP Testing Guide
- https://owasp.org/www-project-web-security-testing-guide/
--------
37:19
ep2024-09 Threat Modeling with Takaharu
What happens when you get interested in Threat Modeling and you want to share. For some, that means you do one work shop, then another, then another. What happens when you start down this path. Takaharu Ogasa tells us what it's been like to become a threat modeling evangelist in Japan, what he's learned and what he's got planned next. It's a great story on how sharing what you learned can make the world just that much better for you and those lucky enough to be involved.
Threat Modeling Community (Japanese):
- https://threatmodeling.connpass.com/
Takaharu on Twitter
-https://x.com/TakaharuOgasa
--------
36:19
ep2024-08 OWASP Projects Roundup
The August episode is a review of projects from a recent OWASP project showcase. We talk to the leaders of the OWASP pytm, OWASP Developer Guide, OWASP State of AppSec Survey Project. Get up on the latest news and update on these OWASP projects.
OWASP pytm:
- https://owasp.org/www-project-pytm/
- https://github.com/izar/pytm
OWASP Develper Guide:
- https://owasp.org/www-project-developer-guide/
- https://github.com/OWASP/www-project-developer-guide
OWASP AppSec Survey Project:
- https://owasp.org/www-project-state-of-appsec-survey/
--------
36:19
ep2024-07 Safety belts for AppSec with Lisa Plaggemier
After a long and unplanned pause, the OWASP podast is back with a home run of an episode. We have Lisa Plaggemier as our guest who reprises her eloquent keynote topic from AppSec DC. All hope isn't lost, we are making progress - just look at safety in the auto industry to understand where we are and where we're going.
Links:
Lisa's keynote from AppSec DC
https://www.youtube.com/watch?v=Rirxc1OXR4Q&list=PLpr-xdpM8wG_3eyVQxB0oXqVJwlNKs85x&index=38&ab_channel=OWASPFoundation
Kubikle web series
https://kubikleseries.com/
Convene Seattle 2024 event
https://staysafeonline.org/programs/events/convene-seattle-2024/
The OWASP Podcast Series is a recorded series of discussions with thought leaders and practitioners who are working on securing the future for coming generations.
México