Tag: security

Episode 427: Sven Schleier and Jeroen Willemsen on Mobile Application Security

Filed in Episodes by on September 24, 2020 0 Comments
Episode 427: Sven Schleier and Jeroen Willemsen on Mobile Application Security

Sven Schleier and Jeroen Willemsen from the OWASP Mobile Application Security Verification Standard (MASVS) and Testing Guide (MSTG) project discuss mobile application security and how the verification standard and testing guide can be used to improve your app’s security.  Host Justin Beyer spoke with Schleier and Willemsen on webviews, certificate pinning, anti-reverse engineering technology, and […]

Continue Reading »

Episode 416: Adam Shostack on Threat Modeling

Filed in Episodes by on July 10, 2020 0 Comments
Episode 416: Adam Shostack on Threat Modeling

Adam Shostack of Shostack & Associates and author of Threat Modeling: Designing for Security discussed different approaches to threat modeling, the multiple benefits it can provide, and how it can be added to an organization’s existing software process. Host Justin Beyer spoke with Shostack about the steps associated with threat modeling and the different approaches […]

Continue Reading »

Episode 406: Torin Sandall on Distributed Policy Enforcement

Filed in Episodes by on April 15, 2020 0 Comments
Episode 406: Torin Sandall on Distributed Policy Enforcement

Torin Sandall of Styra and Open Policy Agent discussed OPA and policy engines and how they can benefit software projects security and compliance. Host Justin Beyer spoke with Sandall about the benefits of removing authorization logic from your applications. Specifically, how OPA can create a single view of all policies across your software stack for […]

Continue Reading »

Episode 404: Bert Hubert on DNS Security

Filed in Episodes by on March 26, 2020 0 Comments
Episode 404: Bert Hubert on DNS Security

Bert Hubert, author of the open source PowerDNS nameserver discusses DNS security and all aspects of the Domain Name System with its flaws and history. Host Gavin Henry spoke with Hubert about what DNS is, DNS history, DNS attacks, DNS flaws, DNS privacy, DNS Encryption, DNS integrity, how DNS is used against your privacy, how […]

Continue Reading »

Episode 395: Katharine Jarmul on Security and Privacy in Machine Learning

Filed in Episodes by on January 10, 2020 0 Comments
Episode 395: Katharine Jarmul on Security and Privacy in Machine Learning

Katharine Jarmul of DropoutLabs discusses security and privacy concerns as they relate to Machine Learning. Host Justin Beyer spoke with Jarmul about attacks that can be leveraged against data pipelines and machine learning models; attack types – adversarial example, model inference, deanonymization; and how they can be utilized to manipulate model outcomes; the dangers of […]

Continue Reading »