Tag: security

Episode 494: Robert Seacord on Avoiding Defects in C Programming

Filed in Episodes by on January 12, 2022 0 Comments
Episode 494: Robert Seacord on Avoiding Defects in C Programming

Robert Seacord, author of Effective C, The CERT C Coding Standard, and Secure Coding in C and C++, discusses the top 5 security issues and the tools and techniques you can employ to write secure code in C. Host Gavin Henry spoke with Seacord about the C standards, strings, arrays of chars, null pointers, buffer […]

Continue Reading »

Episode 492: Sam Scott on Building a Consistent and Global Authorization Service

Filed in Episodes by on December 28, 2021 0 Comments
Episode 492: Sam Scott on Building a Consistent and Global Authorization Service

Sam Scott, CTO of Oso discusses authorization challenges with host Priyanka. They discussed basics such as definitions of authorization, RBAC, ReBAC and differentiating with authentication. Sam also described the Google Zanzibar engine. The host quizzed Sam on whether to build an off the shelf authorization service or build a custom one. Sam deep dived in […]

Continue Reading »

Episode 482: Luke Hoban on Infrastructure as Code

Filed in Episodes by on October 21, 2021 0 Comments
Episode 482: Luke Hoban on Infrastructure as Code

Luke Hoban, CTO of Pulumi, joined host Jeff Doolittle for a conversation about infrastructure as code (IAC), which allows software development teams to configure and control their cloud infrastructure assets using code in contrast to other approaches such as using web interfaces or command line interfaces. Luke described how IAC allows teams to apply good […]

Continue Reading »

Episode 476: Leonid Shevtsov on Transactional Email

Filed in Episodes by on September 8, 2021 0 Comments
Episode 476: Leonid Shevtsov on Transactional Email

Leonid Shevtsov, software architect at Railsware and developer of a forthcoming mail transfer agent talks with host Robert Blumen about email protocols and transactional email. The discussion opens with an overview of email; the architecture of email; DNS records and email; components of an email address; how email is forwarded; bounces; other things that can […]

Continue Reading »

Episode 474: Paul Butcher on Fuzz Testing

Filed in Episodes by on August 25, 2021 0 Comments
Episode 474: Paul Butcher on Fuzz Testing

Paul Butcher of AdaCore discusses Fuzz Testing, an automated testing technique used to find security vulnerabilities and other software flaws. Host Philip Winston spoke with Butcher about positive and negative testing, how fuzz testing fits into the life-cycle of software development, brute-force and blunt-force fuzz testing, the popular open-source American Fuzzy Lop fuzzer from Google, […]

Continue Reading »