Tag: security

Episode 383: Neil Madden On Securing Your API

Filed in Episodes by on October 10, 2019 0 Comments
Episode 383: Neil Madden On Securing Your API

Neil Madden, author of the API Security in Action book and Security Director of ForgeRock, discusses the key technical features of securing an API. Host Gavin Henry spoke with Madden about API versus Web App security, choice of authentication tokens, the various security models you can follow, NIST-800-92, ISO27001, STRIDE, CIA Triad, audit log best […]

Continue Reading »

Episode 378: Joshua Davies on Attacking and Securing PKI

Filed in Episodes by on August 28, 2019 0 Comments
Episode 378: Joshua Davies on Attacking and Securing PKI

Joshua Davies, author of Implementing SSL / TLS Using Cryptography and PKI discussed SSL/TLS, public-key infrastructure, certificate authorities, and vulnerabilities in the security infrastructure.  Robert Blumen spoke with Davies about the history of SSL/TLS; TLS 1.3; symmetric and asymmetric cryptography; the TLS handshake; the Diffie-Helman key exchange; the HTTPS protocol; verification of domain ownership; man-in-the-middle […]

Continue Reading »

SE-Radio Episode 359: Engineering Maturity with Jean-Denis Greze

Filed in Episodes by on March 8, 2019 0 Comments
SE-Radio Episode 359: Engineering Maturity with Jean-Denis Greze

Jean-Denis Greze of Plaid discusses Engineering Maturity and its importance in maintaining velocity while growing an engineering team grows.  Where engineering managers have not experienced rapid growth, related problems can grow out of hand. Host Nate Black spoke with Jean-Denis about his framework for understanding a team’s current maturity level; how to create a roadmap […]

Continue Reading »

SE Radio Episode 341: Michael Hausenblas on Container Networking

Filed in Episodes by on October 10, 2018 0 Comments
SE Radio Episode 341: Michael Hausenblas on Container Networking

Michael Hausenblas talks with host Kim Carter about topics covered in Michael’s ebook Container Networking, such as single vs. multi-host container networking, orchestration, Kubernetes, service discovery, and many more. Michael and Kim also discuss the roles that IPTables plays, how the allocation of IP addresses is handled, along with the assignment of ports. Overlay networks […]

Continue Reading »

SE-Radio Episode 330: Natalie Silvanovich on Attack Surface Reduction

Filed in Episodes by on July 17, 2018 0 Comments
SE-Radio Episode 330: Natalie Silvanovich on Attack Surface Reduction

Natalie Silvanovich from Google Project Zero talks with Kim Carter about what attack surface is in regards to software, how to identify risks and reduce the attack surface of the software you as a Software Engineer are creating. Natalie found over 100 0 day security defects in flash in her first year at Google, and […]

Continue Reading »