Tag: security
Episode 476: Leonid Shevtsov on Transactional Email
Leonid Shevtsov, software architect at Railsware and developer of a forthcoming mail transfer agent talks with host Robert Blumen about email protocols and transactional email. The discussion opens with an overview of email; the architecture of email; DNS records and email; components of an email address; how email is forwarded; bounces; other things that can […]
Episode 474: Paul Butcher on Fuzz testing
Paul Butcher of AdaCore discusses Fuzz Testing, an automated testing technique used to find security vulnerabilities and other software flaws. Host Philip Winston spoke with Butcher about positive and negative testing, how fuzz testing fits into the life-cycle of software development, brute-force and blunt-force fuzz testing, the popular open-source American Fuzzy Lop fuzzer from Google, […]
Episode 447: Michael Perry on Immutable Architecture
Michael L. Perry discusses his recently published book, The Art of Immutable Architecture. Using familiar examples such as git and blockchain, he distinguishes immutable architecture from other approaches and addresses possible misunderstandings about designing an architecture for immutability. Michael and host Jeff Doolittle also examine other relevant topics such as location independence, conflict-free replicated data […]
Episode 427: Sven Schleier and Jeroen Willemsen on Mobile Application Security
Sven Schleier and Jeroen Willemsen from the OWASP Mobile Application Security Verification Standard (MASVS) and Testing Guide (MSTG) project discuss mobile application security and how the verification standard and testing guide can be used to improve your app’s security. Host Justin Beyer spoke with Schleier and Willemsen on webviews, certificate pinning, anti-reverse engineering technology, and […]
Episode 416: Adam Shostack on Threat Modeling
Adam Shostack of Shostack & Associates and author of Threat Modeling: Designing for Security discussed different approaches to threat modeling, the multiple benefits it can provide, and how it can be added to an organization’s existing software process. Host Justin Beyer spoke with Shostack about the steps associated with threat modeling and the different approaches […]
