Tag: application security

Developer in darkened room

Podcast Episode 189: AppSec for Pandemic Times, A Conversation with GitLab Security VP Jonathan Hunt

The pandemic isn’t the only thing shaking up development organizations. Application security is a top concern and security work is “shifting left” and becoming more intertwined with development. In this podcast, Security Ledger Editor in Chief Paul Roberts talks about it with Jonathan Hunt, Vice President of Security at the firm GitLab.

GE Filtergate Image

Episode 187: Filtergate is DRM for Water

In this episode of the podcast (#187), sponsored by Virsec, we talk with journalist and author Cory Doctorow of BoingBoing.net about the recent GE Filtergate incident and how DRM is invading our homes. Also, Satya Gupta the Chief Technology Officer of the firm VirSec joins us to talk about how application runtime monitoring is gaining traction in the age of DevSecOps and left-shifted security.

Laptop with Code on it

Spotlight Podcast: How Machine Learning is revolutionizing Application Fuzzing

In this Spotlight episode of the Podcast, sponsored* by ForAllSecure we speak with CEO David Brumley about application “fuzzing” and how advancements in machine learning technology are allowing security researchers to find more and more serious vulnerabilities faster. The challenge now, Brumley says, is to keep up with the machines.

software application

Episode 168: Application Security Debt is growing. Also: Web App Security in the Age of IoT

In this week’s episode of the podcast (#168), sponsored by Signal Sciences, Chris Eng of Veracode joins us to talk about the 10th annual State of Software Security Report and the problem of application security debt. Also, Brendan Macaraeg of Signal Sciences talks about the expanding landscape of web application attacks and defenses.

Are You Creating A Culture of Security?

Here at The Security Ledger, we’ve written often about the barriers to improving the security practices of software development organizations. It is simple enough to say things like “we have to teach people to write code that is secure. But to actually accomplish that across the myriad of companies that do software development is akin to boiling the ocean. Still, it is a far more manageable problem at the level of a single organization. In fact: it is quite do-able. How? That’s the subject of a Google Hangout Security Ledger is doing this afternoon in conjunction with Veracode. The topic: creating a culture of security within your organization.  In the hangout, I will be speaking with Veracode’s Chris Eng and Greg Nicastro about how Veracode, itself, built its secure development culture from the ground up. This is going to be a great discussion. Greg is the Executive Vice President of […]