Raf asks - Why haven’t we solved the same old software security
James asks how a security team gets out of the way and still gets better security
We discuss threat modeling, and channel a bit of John
Jeff talks about the OWASP ESAPI and standard security libraries and controls
Jeff talks about “libraries with known vulnerabilities” and the role of open source components
Raf brings up the ugly side of enterprise outsourcing - code development by committee
We discuss static, dynamic and run-time security tools
Raf asks Jeff what the RIGHT approach to creating a software program looks like
Jeff Williams (@PlanetLevel) - Jeff brings more than 20 years
of security leadership experience as co-founder and Chief
Technology Officer of Contrast. In 2002, Jeff co-founded and became
CEO of Aspect Security, a successful and innovative consulting
company focused on application security. Jeff is also a founder and
major contributor to OWASP, where he served as the Chair of the
OWASP Board for 8 years and created the OWASP Top 10, OWASP
Enterprise Security API, OWASP Application Security Verification
Standard, XSS Prevention Cheat Sheet, and many other widely adopted
free and open projects. Jeff has a BA from Virginia, an MA from
George Mason, and a JD from Georgetown.
Take a step outside the echo chamber - gain some perspective and context.
Welcome to Cybersecurity: An immature industry where we mandate impossible-to-remember complex passwords that change every 30 days - and call that security. It's an industry where everyone is an expert, but no one's actually solved anything... weird, right?
This show is focused on the many aspects of cybersecurity - from professional to leadership, technical to abstract. We look to entertain you while filling your brain with expertise and knowledge from all corners of our industry and beyond. You can expect security experts, policy professionals, and people from outside our own "security bubble" because frankly, our echo chamber needs some perspective.
Join us, subscribe, and share in the conversation.
Follow us on Twitter: @DtSR_Podcast
Check out Rafal's @Medium blog at https://medium.com/@BlogWh1t3Rabbit