Data stolen? Get used to it kid. That’s the reality for young people coming of age today in the app sec shanty town that is the 21st century U.S. economy. Like the actual favelas and shanty towns that have sprung up in developing nations over the last century, our application ecosystem is sprawling, unregulated, ad-hoc and prone to shocking breakdowns and failures. Our kids are paying the price.
How do we improve software quality and end the epidemic of shoddy, exploitable software harming consumers, communities and businesses? To start, we need to change the way we think and talk about software-based risks.
Amid a spike in attacks on software supply chains, GitGuardian launched HasMySecretLeaked.com, a site that allows developers and appsec teams to search for exposed secrets.
Tanya Janca of the group We Hack Purple, talks with Security Ledger host Paul Roberts about the biggest security mistakes that DevSecOps teams make, and application development’s “tragedy of the commons,” as more and more development teams lean on open source code.
The hack of Beanstalk is just the latest major compromise of a decentralized finance (DeFi) platform. In this podcast, Jennifer Fernick of NCC Group joins me to talk about why DeFi’s security woes are much bigger than Beanstalk.
