Player FM - Internet Radio Done Right
Checked 1M ago
Agregado hace veintiuno semanas
Invicti Security에서 제공하는 콘텐츠입니다. 에피소드, 그래픽, 팟캐스트 설명을 포함한 모든 팟캐스트 콘텐츠는 Invicti Security 또는 해당 팟캐스트 플랫폼 파트너가 직접 업로드하고 제공합니다. 누군가가 귀하의 허락 없이 귀하의 저작물을 사용하고 있다고 생각되는 경우 여기에 설명된 절차를 따르실 수 있습니다 https://ko.player.fm/legal.
Player FM -팟 캐스트 앱
Player FM 앱으로 오프라인으로 전환하세요!
Player FM 앱으로 오프라인으로 전환하세요!
AppSec Serialized by Invicti
모두 재생(하지 않음)으로 표시
Manage series 3603311
Invicti Security에서 제공하는 콘텐츠입니다. 에피소드, 그래픽, 팟캐스트 설명을 포함한 모든 팟캐스트 콘텐츠는 Invicti Security 또는 해당 팟캐스트 플랫폼 파트너가 직접 업로드하고 제공합니다. 누군가가 귀하의 허락 없이 귀하의 저작물을 사용하고 있다고 생각되는 경우 여기에 설명된 절차를 따르실 수 있습니다 https://ko.player.fm/legal.
The cybersecurity podcast about application security and those who practice it. Hosted by tech industry veterans Frank Catucci and Dan Murphy, AppSec Serialized by Invicti puts a new spin on the ”two guys talking” format by starting each episode with a security-themed fiction story in the style of old-time radio shows. Each episode focuses on a specific area of cybersecurity, with the hosts and their guests sharing their practitioners’ experiences and opinions, sprinkled liberally with a solid dose of humor and anecdotes.
…
continue reading
5 에피소드
모두 재생(하지 않음)으로 표시
Manage series 3603311
Invicti Security에서 제공하는 콘텐츠입니다. 에피소드, 그래픽, 팟캐스트 설명을 포함한 모든 팟캐스트 콘텐츠는 Invicti Security 또는 해당 팟캐스트 플랫폼 파트너가 직접 업로드하고 제공합니다. 누군가가 귀하의 허락 없이 귀하의 저작물을 사용하고 있다고 생각되는 경우 여기에 설명된 절차를 따르실 수 있습니다 https://ko.player.fm/legal.
The cybersecurity podcast about application security and those who practice it. Hosted by tech industry veterans Frank Catucci and Dan Murphy, AppSec Serialized by Invicti puts a new spin on the ”two guys talking” format by starting each episode with a security-themed fiction story in the style of old-time radio shows. Each episode focuses on a specific area of cybersecurity, with the hosts and their guests sharing their practitioners’ experiences and opinions, sprinkled liberally with a solid dose of humor and anecdotes.
…
continue reading
5 에피소드
Todos los episodios
×The role of Chief Information Security Officer, or CISO, is crucial for any sizable organization yet often misunderstood as purely a compliance paperwork post. In reality, CISOs have to balance multiple aspects of information security to minimize risk, ensure timely incident response, maintain compliance, and more—all with finite resources and competing priorities. In this episode, Frank Catucci and Dan Murphy talk to a real-life CISO, Invicti’s own Matthew Sciberras, discussing the balancing skills required to define and apply application security policies with limited resources. In the story segment, Alice the head dev realizes her cherished new project will be delayed due to vulnerabilities—if only she had scanned earlier……
Software supply-chain security is one aspect of cybersecurity that affects every sizable application out there and also every organization that uses web apps and APIs. Application frameworks and libraries make up much of the running code base of modern software—and it only takes one vulnerable or compromised component to create a critical security gap. In this episode, Frank Catucci and Dan Murphy go into supply-chain security and look at several high-profile breaches caused by insecure components and dependencies. In the fiction segment, Alice the head dev realizes that vulnerable library the CISO is asking about is used in lots and lots of places...…
APIs are the secret door through which so many application attacks are executed in recent years. Compared to graphical user interfaces, they are far easier to build and deploy but far harder to test and secure, making API security a top concern. In this episode, Frank Catucci and Dan Murphy dive into the world of API security, discussing high-profile breaches and looking at ways to discover and test the API part of your web applications. In the fiction segment, Mallory the hacker finds a shadow API being exposed by MegaHelix Corp.…
Knowing what sites, apps, and APIs you’re exposing to the Internet is crucial for determining your realistic risk level and making accurate security decisions. In this episode, Frank Catucci and Dan Murphy are joined by special guest Bogdan Calin, Principal Security Researcher at Invicti, to talk about ways of determining an organization’s web attack surface and the resulting risk level. In particular, they discuss the pro and cons of various AI and ML approaches to this problem and go deeper into the workings of the pioneering Predictive Risk Scoring feature that Bogdan helped design and build. In the fiction segment, it’s Bob the CISO’s first day at a new company and from the first cursory check, he’s worried that the org is exposing a lot more that it should be. A call with Alice the head developer does nothing to put his mind at ease—quite the opposite...…
Cross-site scripting (XSS) is one of the oldest web vulnerability types and still a very real threat. In this episode, Frank Catucci and Dan Murphy talk about the origins of cross-site scripting, some high-profile attacks, and best practices to test for and also prevent XSS in applications. In the fiction segment, Mallory the hacker uses XSS to inject script into an old and vulnerable leaderboard server—but she has to work hard to get around the WAF first.…
플레이어 FM에 오신것을 환영합니다!
플레이어 FM은 웹에서 고품질 팟캐스트를 검색하여 지금 바로 즐길 수 있도록 합니다. 최고의 팟캐스트 앱이며 Android, iPhone 및 웹에서도 작동합니다. 장치 간 구독 동기화를 위해 가입하세요.