1:07:51 Getting Started with Security Basics on the Way to Finding a Specialization - ASW #339 Security Weekly - A CRA Resource
1:07:15 Checking in on the State of Appsec in 2025 - Sandy Carielli, Janet Worthington - ASW #338 Security Weekly - A CRA Resource
38:26 Simple Patterns for Complex Secure Code Reviews - Louis Nyffenegger - ASW #337 Security Weekly - A CRA Resource
1:01:19 How Fuzzing Barcodes Raises the Bar for Secure Code - Artur Cygan - ASW #336 Security Weekly - A CRA Resource
1:08:00 Threat Modeling With Good Questions and Without Checklists - Farshad Abasi - ASW #335 Security Weekly - A CRA Resource
1:09:09 Bringing CISA's Secure by Design Principles to OT Systems - Matthew Rogers - ASW #334 Security Weekly - A CRA Resource
39:06 AIs, MCPs, and the Actual Work that LLMs Are Generating - ASW #333 Security Weekly - A CRA Resource
1:04:35 AI in AppSec: Agentic Tools, Vibe Coding Risks & Securing Non-Human Identities - Mo Ab... - ASW #332 Security Weekly - A CRA Resource
1:01:48 Appsec News & Interviews from RSAC on Identity and AI - Charlotte Wylie, Rami Saas - ASW #331 Security Weekly - A CRA Resource
1:09:38 AI and Secure Code: Trust, Risk, and the Future of DevSecOps - ASW #330 Security Weekly - A CRA Resource
1:03:03 AI Era, New Risks: How Data-Centric Security Reduces Emerging AppSec Threats - Idan Pl... - ASW #329 Security Weekly - A CRA Resource
44:08 Secure Designs, UX Dragons, Vuln Dungeons - Jack Cable - ASW #328 Security Weekly - A CRA Resource
1:14:45 More WAFs in Blocking Mode and More Security Headaches from LLMs - Sandy Carielli, Jan... - ASW #326 Security Weekly - A CRA Resource
40:34 CISA's Secure by Design Principles, Pledge, and Progress - Jack Cable - ASW #321 Security Weekly - A CRA Resource
33:17 Skype Hangs Up, Android Backdoors, Jailbreak Research, Pretend AirTags, Wallbleed - ASW #321 Security Weekly - A CRA Resource
35:08 Keeping Curl Successful and Secure Over the Decades - Daniel Stenberg - ASW #320 Security Weekly - A CRA Resource
33:55 QR Codes Replacing SMS, MS Pulls VSCode Extension, Threat Modeling, Bybit Hack - ASW #320 Security Weekly - A CRA Resource
33:56 Developer Environments, Developer Experience, and Security - Dan Moore - ASW #319 Security Weekly - A CRA Resource
36:26 Regex DoS, LLM Backdoors, Secure AI Architectures, Rust Survey - ASW #319 Security Weekly - A CRA Resource
44:57 Top 10 Web Hacking Techniques of 2024 - James Kettle - ASW #318 Security Weekly - A CRA Resource
37:01 Code Scanning That Works With Your Code - Scott Norberg - ASW #317 Security Weekly - A CRA Resource
35:52 Unforgivable Vulns, DeepSeek iOS App Security Flaws, Memory Safety Standards - ASW #317 Security Weekly - A CRA Resource
36:54 Threat Modeling That Helps the Business - Sandy Carielli, Akira Brand - ASW #316 Security Weekly - A CRA Resource
34:47 New SLAP & FLOP Attacks, OCSP Fades Away, DeepSeek's ClickHouse, OAuth 2.0 Security - ASW #316 Security Weekly - A CRA Resource
34:57 Opengrep & Semgrep, Hacking Subarus, Hacking Synths, Stealing Cookies, and RANsacked - ASW #315 Security Weekly - A CRA Resource
36:04 Discussing Useful Security Requirements with Developers - Ixchel Ruiz - ASW #313 Security Weekly - A CRA Resource
31:43 PyPI's Quarantine, Phishing & Awareness, Porting Fishshell to Rust, Cyber Trust Mark - ASW #313 Security Weekly - A CRA Resource
33:48 DefectDojo and Bringing Quality Appsec Tools to Small Appsec Teams - Greg Anderson - ASW #312 Security Weekly - A CRA Resource
33:24 Removing Rust, Double Clickjacking, h3i CLI, JWT Mistakes, Reviewing Recursion - ASW #312 Security Weekly - A CRA Resource
34:09 Applying Usability and Transparency to Security - Hannah Sutor - ASW #311 Security Weekly - A CRA Resource
35:35 Ancient Curl Bug, AWS re:Invent, Malware in NPM, Census III Report, MS OTP - ASW #311 Security Weekly - A CRA Resource
29:02 AI's Junk Vulns, Web3 Backdoor, LLM CTFs, 5 GenAI Mistakes, Top Ten for LLMs - ASW #310 Security Weekly - A CRA Resource
34:24 Adding Observability with OpenTelemetry - Adriana Villela - ASW #309 Security Weekly - A CRA Resource
36:34 Fuzzing Barcodes, Fuzzing with AI, AI vs. Scammers, CWEs, Repo Swatting - ASW #309 Security Weekly - A CRA Resource
33:19 Biometric Frontiers: Unlocking The Future Of Engagement - Andras Cser, Enza Iannopollo - ASW #308 Security Weekly - A CRA Resource
37:14 AI fixes everything, C++ the actual worst, IAM is hard - ASW #308 Security Weekly - A CRA Resource
35:50 Typosquatting NPM, vulnerability analysis, and AI challenges - ASW #307 Security Weekly - A CRA Resource
32:08 Bug bounties, vulnerability disclosure, PTaaS, fractional pentesting - Grant McCracken - ASW #306 Security Weekly - A CRA Resource
33:29 Total Recall? LLM finds bug in SQLite, C++ safety failures, zero time for zero privs - ASW #306 Security Weekly - A CRA Resource
53:04 Making TLS More Secure, Lessons from IPv6, LLMs Finding Vulns - ASW #305 Security Weekly - A CRA Resource
30:42 Protecting Identity of AI Agents & Standardizing Identity Security for SaaS Apps - Shi... - ASW #305 Security Weekly - A CRA Resource
38:53 The Complexities, Configurations, and Challenges in Cloud Security - Scott Piper - ASW #304 Security Weekly - A CRA Resource
38:34 JSON Parsing, Email Parsing, CISA's Bad Practices Guide, Abusing Disclosure Policies - ASW #304 Security Weekly - A CRA Resource
42:00 Perl & PHP Vulns, Fuzzing & Parsers, Protecting Multi-Hosted Tenants, Secure Design - ASW #303 Security Weekly - A CRA Resource
35:34 The Future of Zed Attack Proxy - Simon Bennetts, Ori Bendet - ASW #302 Security Weekly - A CRA Resource
37:03 RCE from Iconv + PHP, Fuzzing a Codec, Fuzzing LLMs, Revisiting Recall - ASW #302 Security Weekly - A CRA Resource
45:57 More Car Hacks, CUPS Vulns, Microsoft's SFI, Memory Safety, Password Complexity - ASW #301 Security Weekly - A CRA Resource
35:07 Vulnerable APIs and Bot Attacks: Two Interconnected, Growing Security Threats - David ... - ASW #300 Security Weekly - A CRA Resource
32:45 Fuzzing for Vulns, GitLab Auth Bypass, JPEG Vulns, Programming Language Ranks - ASW #300 Security Weekly - A CRA Resource
33:10 Bringing Secure Coding Concepts to Developers - Dustin Lehr - ASW #299 Security Weekly - A CRA Resource
29:16 A TLD Takeover, An LLM CTF, A Firmware Flaw, 6 Truths of Cyber Risk - ASW #299 Security Weekly - A CRA Resource
56:25 Paying Down Tech Debt, Rust in Firmware, EUCLEAK, Deploying SSO - ASW #298 Security Weekly - A CRA Resource
37:48 Close the Security Theater: Enter Resilience - Kelly Shortridge - ASW Vault Security Weekly - A CRA Resource
37:21 Changing the Course of IoT's Future from Its Insecure Past - Paddy Harrington - ASW #297 Security Weekly - A CRA Resource
27:08 Apache HTTPD Vulns, Hacking IoT Speakers, Use Cases for WASM, Slack AI Leak - ASW #297 Security Weekly - A CRA Resource
42:38 The Fallout and Lessons Learned from the CrowdStrike Fiasco - Allie Mellen, Jeff Pollard - ASW #296 Security Weekly - A CRA Resource
39:22 Navigating the Path to Maturity & AI is helping combat cyber threats - Shimon Modi, Bo... - ASW #296 Security Weekly - A CRA Resource
34:30 Reducing Supply Chain Risk & What’s lurking in your phone? - Danny Jenkins, Nikos Kiou... - ASW #295 Security Weekly - A CRA Resource
36:24 Building Successful Security Champions Programs - Marisa Fagan - ASW #294 Security Weekly - A CRA Resource
33:55 Dead Code, CrowdStrike's Kernel Lessons, VMs & Security Boundaries, SLUBStick Attack - ASW #294 Security Weekly - A CRA Resource
45:18 A CISO's Perspective on AI, Appsec, and Changing Behaviors - Paul Davis - ASW #293 Security Weekly - A CRA Resource
36:04 Where Generative AI Can Actually Help Security (And Where It Doesn't) - Allie Mellen, ... - ASW #292 Security Weekly - A CRA Resource
28:57 SAPwned, Squarespace Domain Hijacks, AIs Fixing Code, Infosec Investments - ASW #292 Security Weekly - A CRA Resource
33:06 Producing Secure Code by Leveraging AI - Stuart McClure - ASW #291 Security Weekly - A CRA Resource
35:58 A 2024 Appsec Report, Preparing for the AIxCC, Secure Design and Post-Quantum Crypto - ASW #291 Security Weekly - A CRA Resource
38:12 State Of Application Security 2024 - Sandy Carielli, Janet Worthington - ASW #290 Security Weekly - A CRA Resource
34:30 Polyfill Empties Trust, regreSSHion, CocoaPods Vulns & Secure Design, LLM Bughunters - ASW #290 Security Weekly - A CRA Resource
37:01 OAuth 2.0 from Protecting APIs to Supporting Authorization & Authentication - Aaron Pa... - ASW #289 Security Weekly - A CRA Resource
24:10 Shared Responsibility Models, AI in Offensive Security, Apple's Private Cloud Compute - ASW #289 Security Weekly - A CRA Resource
38:37 Microsoft Recall's Security & Privacy, Hacking Web APIs, Secure Design Pledge - ASW #288 Security Weekly - A CRA Resource
42:04 Open Source Software Supply Chain Security & The Real Crisis Behind XZ Utils - Luis Villa - ASW #287 Security Weekly - A CRA Resource
30:12 Bots are Taking Over the Internet & Defining ASPM - Idan Plotnik, Erez Hasson - ASW #287 Security Weekly - A CRA Resource
36:24 Collecting Bounties and Building Communities - Ben Sadeghipour - ASW Vault Security Weekly - A CRA Resource
30:32 Securing Shadow Apps & Protecting Data - Guy Guzner, Pranava Adduri - ASW Vault Security Weekly - A CRA Resource
30:30 Unpacking XDR & Business Applications - Chris Thomas, Oliver Tavakoli - ASW #286 Security Weekly - A CRA Resource
37:33 Inside the OWASP Top 10 for LLM Applications - Sandy Dunn - ASW #285 Security Weekly - A CRA Resource
29:24 The Enterprise Browser & AI in Securing Software and Supply Chains - Mike Fey, Josh Lemos - ASW #285 Security Weekly - A CRA Resource
31:48 Hacking AI Bias with Human Techniques - Keith Hoodlet - ASW #284 Security Weekly - A CRA Resource
41:11 Why Companies Continue to Struggle with Supply Chain Security - Melinda Marks - ASW #283 Security Weekly - A CRA Resource
38:40 Random Problems, Protecting Packages, and Vulns in Designs, Defaults & Data Leaks - ASW #283 Security Weekly - A CRA Resource
39:29 Sustainable Funding of Open Source Tools - Simon Bennetts, Mark Curphey - ASW #282 Security Weekly - A CRA Resource
38:28 XZ & Open Source, PuTTY's Private Keys, LeakyCLI, LLMs Writing Exploits - ASW #282 Security Weekly - A CRA Resource
35:17 Demystifying Security Engineering Career Tracks - Karan Dwivedi - ASW #281 Security Weekly - A CRA Resource
28:12 Arg Parsing in Rust, End of Life Hardware, CSRB & MS, Chrome’s V8 Sandbox - ASW #281 Security Weekly - A CRA Resource
31:53 Lessons That The XZ Utils Backdoor Spells Out - Farshad Abasi - ASW #280 Security Weekly - A CRA Resource
28:30 OWASP Breach, Types of Prompt Injection, Device-Bound Sessions, ASVS & APIs - ASW #280 Security Weekly - A CRA Resource