Open Web Application Security Project (OWASP) - Portland, Oregon Chapter podcast

Player FM - Internet Radio Done Right

25 subscribers

اضافه شده در five سال پیش
Looks like the publisher may have taken this series offline or changed its URL. Please contact support if you believe it should be working, the feed URL is invalid, or you have any other concerns about it.

محتوای ارائه شده توسط OWASP PDX. تمام محتوای پادکست شامل قسمت‌ها، گرافیک‌ها و توضیحات پادکست مستقیماً توسط OWASP PDX یا شریک پلتفرم پادکست آن‌ها آپلود و ارائه می‌شوند. اگر فکر می‌کنید شخصی بدون اجازه شما از اثر دارای حق نسخه‌برداری شما استفاده می‌کند، می‌توانید روندی که در اینجا شرح داده شده است را دنبال کنید.https://fa.player.fm/legal

All About Change

1
The Goodwill You Don't Know with CEO Steve Preston 29:53

۵ روز پیش29:53

پخش در آینده

لیست ها

پسندیدن

دوست داشته شد

29:53

Steve Preston is the CEO of Goodwill Industries. Though Goodwill is known for big stores where people can donate clothes and buy them secondhand, those stores are just the first level of what Goodwill Industries are about. Those stores fund an international organization that provides job training, employment placement services and other community-based programs for people who face barriers in their employment. Steve joins Jay to discuss the ways Goodwill Industries support veterans and individuals who lack job experience, an education, or face employment challenges, such as those people who are formerly incarcerated. Today's episode was produced by Tani Levitt and Mijon Zulu. To check out more episodes or to learn more about the show, you can visit our website Allaboutchangepodcast.com. If you like our show, spread the word, tell a friend or family member, or leave us a review on your favorite podcasting app. We really appreciate it. All About Change is produced by the Ruderman Family Foundation. Episode Chapters 0:00 intro 1:02 The Goodwill you don’t know 4:33 The troubling reality of work reintegration for formerly incarcerated folks 10:00 How Steve brings his public-sector experience to Goodwill 11:17 Goodwill’s employment centers 15:51 The interplay between Goodwill’s national and local arms 24:07 The case for minimizing recidivism becoming a cross-party cause 27:05 Goodbye For video episodes, watch on www.youtube.com/@therudermanfamilyfoundation Stay in touch: X: @JayRuderman | @RudermanFdn LinkedIn: Jay Ruderman | Ruderman Family Foundation Instagram: All About Change Podcast | Ruderman Family Foundation To learn more about the podcast, visit https://allaboutchangepodcast.com/ Looking for more insights into the world of activism? Be sure to check out Jay’s brand new book, Find Your Fight , in which Jay teaches the next generation of activists and advocates how to step up and bring about lasting change. You can find Find Your Fight wherever you buy your books, and you can learn more about it at ⁠⁠⁠www.jayruderman.com⁠⁠⁠ .…

Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

اشتراک گذاری

خانه سری•Feed

بایگانی مجموعه ها ("فیدهای غیر فعال" status)

When? This feed was archived on September 17, 2024 07:05 (9M ago). Last successful fetch was on July 22, 2024 18:41 (11M ago)

Why? فیدهای غیر فعال status. سرورهای ما، برای یک دوره پایدار، قادر به بازیابی یک فید پادکست معتبر نبوده اند.

What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.

The Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible, so that individuals and organizations are able to make informed decisions. OWASP is in a unique position to provide impartial, practical information about AppSec to individuals, corporations, universities, government agencies, and other organizations worldwide. Operating as a community of like-minded professionals, OWASP issues software tools and knowledge-based documentation on application security. This podcast mostly focuses on cybersecurity in the Portland, Oregon chapter.

47 قسمت

#Tech #Podcasting Education #News #Tech News #OWASP PDX #OWASP #Cybersecurity #Security #InfoSec #AppSec #Whitehat #Pentest #Hacking #Vulnerable #Exploitation #Owasp Top 10

Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

25 subscribers

updated ۲ سال پیش

اشتراک گذاری

خانه سری•Feed

بایگانی مجموعه ها ("فیدهای غیر فعال" status)

When? This feed was archived on September 17, 2024 07:05 (9M ago). Last successful fetch was on July 22, 2024 18:41 (11M ago)

Why? فیدهای غیر فعال status. سرورهای ما، برای یک دوره پایدار، قادر به بازیابی یک فید پادکست معتبر نبوده اند.

47 قسمت

#Tech #Podcasting Education #News #Tech News #OWASP PDX #OWASP #Cybersecurity #Security #InfoSec #AppSec #Whitehat #Pentest #Hacking #Vulnerable #Exploitation #Owasp Top 10

همه قسمت ها

1
AppSec Days PNW 2023 Portland: A conversation with Jeevan Singh and Chelsea Willis 26:43

۲ years پیش26:43

26:43

AppSec Days PNW leaders Jeevan Singh and Chelsea Willis join us to talk about the upcoming OWASP collaborative event from the OWASP chapters of Vancouver, Victoria, Seattle, and Portland happening this year in Portland on June 10th. AppSec Days PNW has been running for three years now and this is the first in person event. You can learn more and register at appsecpnw.org . Support the Show.…

1
OWASP Portland Training Day Sponsor Highlight - Summit Security Group 14:43

۴ years پیش14:43

14:43

Summit Security Group is a long time partner of Portland OWASP Training Day and this year's CTF sponsor. David Quisenberry interviews Summit Security Group Managing Director and Founder Dan Briley to talk about their services, trends they are seeing in their security consulting practice, and ways they encourage a learning lifestyle at Summit. Support the Show.…

1
OWASP Portland Training Day Sponsor Highlight - Cambia Health 13:02

۴ years پیش13:02

13:02

Support the Show.

1
Michael Allen Lake - From the JEDI Initiative to the New U.S. Digital Corps 43:02

۴ years پیش43:02

43:02

Our special guest today is Michael Allen Lake who is a digital transformation consultant focused on innovation and change adoption within the Federal government. He has worked on projects at nine different Federal agencies. His experience ranges from helping organizations leverage data as a strategic asset to the adoption and promotion of enterprise-wide cloud computing and artificial intelligence initiatives. In addition, Michael researches and publishes articles on the diplomatic history of the United States and Mongolia. He is also a volunteer with the Medical Reserve Corps, and co-hosts a YouTube channel on Star Wars called Never Tell Us the Odds . You can find more about Michael and his thoughts at YaksOnTheRunway.com . Links from the show: Michael's Twitter Michael's Instagram Michael's LinkedIn U.S. Digital Corps Yaks on the Runway Never Tell Us the Odds Michael Allen Lake was interviewed by David Quisenberry. Post production work by John L. Whiteman. Introduction and closing by Shayne Morgan. Follow us: Homepage Twitter Meetup LinkedIn YouTube Support the Show.…

1
Sarba Roy - The Security World Is Your Oyster and You Are the Pearl 37:51

۴ years پیش37:51

37:51

Our special guest today is Sarba Roy. Sarba is currently a Product Security Consultant at Umpqua Bank where she is collaborating and acting as a security advisor to the product teams when new digital technologies and/or business needs are identified. She is also the Oregon Affiliate Membership Chair for Women In CyberSecurity (WiCyS), and she also the Oregon Chapter Lead for Infosec Girls and a founding member of WomenH2H, a global community for women leaders and changemakers. She is also a passionate volunteer and advocate for women’s empowerment and education equity while being an artist, writer and mentor at heart, dedicated to helping individuals and organizations to become more compassionate, curious and cybersmart. Check out her recent presentation on our OWASP PDX YouTube channel called "My Journey to Becoming a CISSP - Life Lessons and Study Tips." Other links mentioned during our interview with Sarba can be found in this podcast's RSS feed. Show Links: Women in CyberSecurity Infosec Girls WomenH2H My Journey to Becoming a CISSP LinkedIn Sarba Roy was interviewed by David Quisenberry and John L. Whiteman. Follow us: Homepage Twitter Meetup LinkedIn YouTube Support the Show.…

1
Aarti Gadhia - Doing Real Work in Bridging the Diversity Gap in Cybersecurity Leadership 21:18

۴ years پیش21:18

21:18

Our special guest today is Aarti Gadhia. She is a highly successful cybersecurity professional who has worked in various leadership roles in sales and marking for well-known companies such as Bugcrowd, Carbon Black, Trend Micro and Sophos. Aarti is also the founder of Standout to Lead and SHE (Sharing Her Empowerment). Aarti is passionate about bridging the diversity gap in STEM and in leadership. She recently presented at our OWASP AppSec Pacific Northwest Conference on the topic of Women in Appsec: Advice to Differentiate Your Skills. As a podcast bonus, you will learn about how a childhood lesson in making roti with her mother helped shape Aarti to become the strong leader she is today. We want to say thank you to Bugcrowd for being one of our sponsors for the inaugural OWASP Pacific Northwest Application Security Conference 2021. Show Links: LinkedIn Bugcrowd BSides Vancouver The Diana Initiative The Rise of the Cyber Women: Volume 2: Inspirational stories from the women who are taking the cyber security industry by storm PNWSEC https://pnwcon.com Twitter: @pnwseccon pnwseccon@gmail.com (contact) Aarti Gadhia was interviewed by David Quisenberry and John L. Whiteman. Follow us: Homepage Twitter Meetup LinkedIn YouTube Support the Show.…

1
Jeff Williams - We Are in the Stone Age for Application Security 44:16

۴ years پیش44:16

44:16

Our special guest today is Jeff Williams, Co-Founder and CTO of Contrast Security. Jeff was one of the pioneering members who formed the Open Web Application Security Project® (OWASP). Not only did he chair it, he also contributed to many successful open source projects, including WebGoat, the OWASP Application Security Verification Standard (ASVS), the OWASP Top Ten and much more. Without him and others we would not be doing this podcast today. Besides founding Contrast Security in 2014, he started Aspect Security in 2002. Jeff got his law degree at Georgetown University Law Center along with a computer science and psychology degree at the University of Virginia. In the early 1990's, he built high assurance systems for the U.S. Navy and taught the INFOSEC curriculum for the NSA during the good old days of the Orange Book - a trusted computer system evaluation criteria for the U.S. Department of Defense. We want to say thank you to Contrast Security for being one of our sponsors for the inaugural OWASP Pacific Northwest Application Security Conference 2021. Jeff's Links Contrast Security LinkedIn Twitter Security Maganize Article - New NIST Standards on IAST and RASP Deliver State-of-the-Art AppSec WebGoat ASVS BlackHat USA - Enterprise Java Rootkits - "Hardly anyone watches the developers" PNWSEC https://pnwcon.com Twitter: @pnwseccon pnwseccon@gmail.com (contact) Jeff Williams was interviewed by David Quisenberry and John L. Whiteman. Follow us: Homepage Twitter Meetup LinkedIn YouTube Support the Show.…

1
Frank Heidt - CEO and Co-Founder of Leviathan Security Group 43:59

۴ years پیش43:59

43:59

Our special guest today is Frank Heidt who is the CEO and Co-Founder at Leviathan Security Group. Frank is a recognized expert in the fields of information assurance, network security and systems penetration. Prior to starting Leviathan, Frank was a managing security architect for @stake. He also engaged in various computer and networking security projects for the U.S. Department of Defense and the U.S. Department of the Navy. You can watch Frank speak at various TEDx conferences online. Frank is also a master at the living art of bonsai. Check out his delightful Jigsaw Bonsai Workshop on YouTube. We want to say thank you to Leviathan Security Group for being one of our sponsors for the inaugural OWASP Pacific Northwest Application Security Conference 2021. Show Links Leviathan Security Group LinkedIn TEDx - State Sanctioned Hacking - The Elephant in the Room TEDx - Hacking 101 Jigsaw Bonsai Workshop PNWSEC https://pnwcon.com https://www.eventbrite.ca/e/first-annual-pacific-northwest-appsec-conference-tickets-155757566073 (buy tickets) @pnwseccon pnwseccon@gmail.com (contact) Frank Heidt was interviewed by David Quisenberry. Post-production by John L. Whiteman Follow us: Homepage Twitter Meetup LinkedIn YouTube Support the Show.…

1
Rebekah Brown and Scott J. Roberts - Intelligence-Driven Incident Response 52:50

۴ years پیش52:50

52:50

Our guests today are Rebekah Brown and Scott J. Roberts. They wrote a seminal book together called Intelligence-Driven Incident Response: Outwitting the Adversary . Both have extensive backgrounds in information security. Rebekah started her work as an intelligence and network warfare analyst while honorably serving in the United States Marine Corps, and Scott comes from a more traditional yet impressive background in defensive network security. Both are SANS instructors. To understand its enemy, an organization must first understand its threats by analyzing the data it collects. How to do this effectively is what we will discuss today. Definitely check out their book and listen to this podcast for a surprise announcement. Book: Intelligence-Driven Incident Response: Outwitting the Adversary Twitter: Rebekah Brown Twitter: Scott J. Roberts Rebekah Brown and Scott J. Roberts are interviewed by David Quisenberry and John L. Whiteman Follow us: Homepage Twitter Meetup LinkedIn YouTube Support the Show.…

1
Farshad Abasi and Roberto Salgado - Our New Pacific Northwest Application Security Conference (PNWSEC) 54:12

۴ years پیش54:12

54:12

On Saturday, June 19, 2021 something very special is going to happen. For the first time, a perfect trifecta of OWASP chapters in the Pacific Northwest are getting together to host a virtual conference focused on serious application security. It's called the Pacific Northwest Application Security Conference (PNWSEC) . The chapters hosting this fine event are from the beautiful, breathtaking Canadian cities of Vancouver and Victoria B.C. and to the south in the States, Portland, Oregon. Our guests today are Farshad Abasi and Roberto Salgado along with our host David Quisenberry, each a leader of the same OWASP chapters respectively. Tickets are going fast so hurry. Also if you want give a talk, including those short lighting ones, or even volunteer, it's still not too late. Go to pnwcon.com for details also check out this podcast's RSS feed for additional information regarding the conference and our guests. PNWSEC https://pnwcon.com https://www.eventbrite.ca/e/first-annual-pacific-northwest-appsec-conference-tickets-155757566073 (buy tickets) @pnwseccon pnwseccon@gmail.com (contact) Vancouver, B.C. OWASP Chapter https://owasp.org/www-chapter-vancouver/ https://twitter.com/owaspvancouver Victoria, B.C. OWASP Chapter https://owasp.org/www-chapter-victoria/ https://twitter.com/owaspvictoria Farshad Abasi (Vancouver, B.C.) https://www.linkedin.com/in/farshadabasi/ Forward Security Inc. @farshadabasi Roberto Salgado (Victoria, B.C.) https://www.linkedin.com/in/roberto-salgado/ Websec Canada @lightos David Quisenberry (Portland, Oregon) https://www.linkedin.com/in/davidmquisenberry/ https://zapproved.com/ @QuizSec Farshad Abasi and Roberto Salgado are interviewed by David Quisenberry and John L. Whiteman. Follow us: Homepage Twitter Meetup LinkedIn YouTube - Become an OWASP member - Donate to our OWASP PDX chapter Support the Show.…

1
Jonathan Badeen - Tinder Co-Founder - Flirting With Fire: A Conversation about Start-ups, Evolving App Sec, and His Path of Creation 46:19

۴ years پیش46:19

46:19

Our special guest today is Jonathan Badeen, He is one of the co-founders of Tinder and has been its Chief Strategy Officer since March 2016. He is a programmer, designer and inventor, including Tinder's famous #SwipeRight feature. His other work experiences include Cardify, Chegg Flashcards, Casting Networks' FastCapture & Match Made. He is also an actor with credits in Zombie Wars (2007), The Proposal (2008) and Swiped: Hooking Up in the Digital Age (2018). And if that ain't enough … Jonathan is also lifelong friends with our very own OWASP PDX Chapter President, David Quisenberry. This podcast is sponsored by the We Hack Purple Academy . Links from the show: Homepage Twitter IMDB LinkedIn Tinder Security Jobs Jonathan Badeen is interviewed by David Quisenberry and John L. Whiteman. Follow us: Homepage Twitter Meetup LinkedIn YouTube - Become an OWASP member - Donate to our OWASP PDX chapter Support the Show.…

1
Nabil Hannan - I Can Teach Someone to Be Smart, but I Can't Teach Someone to Be Clever When It Comes to Training a Pentester; A Pentester Must Be the Latter 38:03

۴ years پیش38:03

38:03

Our guest today is Nabil Hannan, who is a Managing Director at NetSPI. He leads the company’s consulting practice, focusing on helping clients solve their cyber security assessment, and threat & vulnerability management needs. He has over 13 years of experience in cyber security consulting from his tenure at Cigital/Synopsys Software Integrity Group. Nabil has also worked as a Product Manager at Research In Motion (now, of course, BlackBerry) and has managed several flagship initiatives and projects through the full software development life cycle. You must also check out Nabil's podcast - Agent of Influence. This podcast is sponsored by the We Hack Purple Academy . Links from the show: NetSPI Agent of Influence Podcast Nabil's Twitter Account Nabil's LinkedIn Account DarkReading Posts by Nabil Nabil Hannan is interviewed by David Quisenberry and John L. Whiteman Follow us: Homepage Twitter Meetup LinkedIn YouTube - Become an OWASP member - Donate to our OWASP PDX chapter Support the Show.…

1
John Strand - Running a Security Company Is to Do Illegal Things With Permissions 39:41

۴ years پیش39:41

39:41

John Strand is our special guest today. He is the owner of Black Hills Information Security - a company that specializes in penetration testing and security architecture services. He is also cofounder of Active Countermeasures. He created the popular Backdoors and Breaches incident response card game. He wrote a book called Offensive Countermeasures (The Art of Active Defense). He can watch him along with other great guests on the Black Hills Information Security Podcast on YouTube. This podcast is sponsored by the We Hack Purple Academy . Links from the show: John's Twitter Page John's LinkedIn Page Offensive Countermeasures: The Art of Active Defense (book) Black Hills Information Security Black Hills Information Security Podcast Active Countermeasures Backdoors and Breaches Game DaftHack's Twitter Page N0BANDW1DTH's Twitter Page John Strand is interviewed by David Quisenberry and John L. Whiteman Follow us: Homepage Twitter Meetup LinkedIn YouTube - Become an OWASP member - Donate to our OWASP PDX chapter Support the Show.…

1
Lewis Ardern and PwnFunction - Discovering Clever Ways to Exploit the Vue.js JavaScript Framework 47:42

۴ years پیش47:42

47:42

Our special guests today are Lewis Ardern and PwnFunction. Lewis is an Associate Principal Consultant at Synopsys where he focuses on web application security. He is also an organizer for the OWASP Bay Area Chapter. Check out his new SecuriTEA and Crumpets videos on YouTube. PwnFunction is an independent security consultant. He makes popular hacking videos on YouTube. He also created a popular online cross-site scripting (XSS) game where you can learn offensive techniques from basic to advance skill sets. This podcast is sponsored by the We Hack Purple Academy . Links from the show: PwnFunction's Twitter PwnFunction's YouTube PwnFunction's XSS Game PwnFunction's HackerCamp Lewis Ardern's Twitter Lewis Ardern's SecuriTEA & Crumpets (New) Day of Shecurity Day of Shecurity Twitter Evading Defences Using VueJS Script Gadgets (PortSwigger Blog) Code Golf Stack Exchange Parsing Techniques - A Practical Guide (Grune, Dick, Jacobs, Ceriel J.H.) Lewis Arden and PwnFunction are interviewed by David Quisenberry and John L. Whiteman Follow us: Homepage Twitter Meetup LinkedIn YouTube - Become an OWASP member - Donate to our OWASP PDX chapter Support the Show.…

1
Volko Ruhnke, Adam Shostack and Hadas Cassorla - Building Games to Teach Real-World Security 1:08:59

۴ years پیش1:08:59

1:08:59

We have three very special guests today. All come from different backgrounds but share a common interest in gaming - the kind that can be used to teach you things, like how to become better at handling security incidents or winning a historical insurrection. This podcast is sponsored by the We Hack Purple Academy . Volko Ruhnke is a renowned wargame designer and educator. He retired as a career analyst with the CIA and as an instructor for the Sherman Kent School for Intelligence Analysis which is responsible for training people in the intelligence community. While working there he became an acclaimed designer of commercial board games - best known for the COIN Series published by GMT Games . Adam Shostack is a leading expert on threat modeling, and a consultant, entrepreneur, technologist, author and game designer. He's a member of the BlackHat Review Board, and helped create the CVE and many other things. He currently helps many organizations improve their security via Shostack & Associates , and helps startups become great businesses as an advisor and mentor. While at Microsoft, he drove the Autorun fix into Windows Update, was the lead designer of the SDL Threat Modeling Tool v3 and created the "Elevation of Privilege" game. Adam is the author of Threat Modeling: Designing for Security , and the co-author of The New School of Information Security . Hadas Cassorla is a security leader in the Portland area. She is the manager of security engineering and platform engineering at Simple Finance in Portland. She also does work with Hackback Gaming as an Incident Master (IM) running teams through dynamic role playing in tabletop incident response scenarios. Hadas is a recovering attorney too who took up improv after finishing law school. Volko Ruhnke, Adam Shostack and Hadas Cassorla are interviewed by David Quisenberry and John L. Whiteman Links from the Show: Zenobia Award (Board Game Design Contest for Underrepresented Groups) HackBack Gaming Adam Shostack's Home Page Elevation of Privilege Philip Sabin - Simulating War: Studying Conflict through Simulation Games Jeremy Holcomb - The White Box Follow us: Homepage Twitter Meetup LinkedIn YouTube - Become an OWASP member - Donate to our Support the Show.…

Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

1
Caroline Wong - What a Top Chief Strategy Officer Has to Say About Security These Days 25:15

۵ years پیش25:15

25:15

Our very special guest today is Caroline Wong. She is the Chief Strategy Officer at Cobalt. As CSO, Caroline leads the Security, Community, and People teams at Cobalt. She brings a proven background in communications, cybersecurity, and experience delivering global programs to the role. Caroline’s close and practical information security knowledge stems from her broad experience as a Cigital consultant, a Symantec product manager, and day-to-day leadership roles at eBay and Zynga. Caroline also hosts the Humans of InfoSec podcast, teaches cybersecurity courses on LinkedIn Learning and has authored the popular textbook Security Metrics, A Beginner's Guide. Caroline holds a bachelor’s degree in electrical engineering and computer sciences from UC Berkeley and a master’s in finance and accounting from Stanford University Graduate School of Business. Some useful links: https://twitter.com/carolinewmwong https://twitter.com/humansofinfose https://www.linkedin.com/in/carolinewmwong/ https://soundcloud.com/humans-of-infosec https://twitter.com/cobalt_io https://resource.cobalt.io/pentesting-in-devops-how-to-guide https://www.mheducation.com/highered/product/security-metrics-beginner-s-guide-wong/9780071744003.html Caroline Wong is interviewed by Kendra Ash and John L. Whiteman. Follow us: Homepage Twitter Meetup LinkedIn YouTube - Become an OWASP member - Donate to our OWASP PDX chapter Support the Show.…

Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

1
Jim Manico - "Kūlia I Ka Nu'u" to Be Your Best in Security 33:49

۵ years پیش33:49

33:49

Our special guest today is Jim Manico. He is the founder of Manicode Security where he trains software developers on secure coding and security engineering. He is also the co-founder of the LocoMoco Security Conference in Hawaii as well as an investor and advisor for BitDiscovery and Signal Sciences. Jim is a frequent speaker on secure software practices and is a member of the JavaOne rockstar speaker community. He is the author of Iron-Clad Java: Building Secure Web Applications from McGraw-Hill. https://www.linkedin.com/in/jmanico https://locomocosec.com/ https://bitdiscovery.com/ https://www.signalsciences.com/ http://www.amazon.com/Iron-Clad-Java-Building-Secure-Applications/dp/0071835881 Jim Manico is interviewed by David Quisenberry and John L. Whiteman. Follow us: Homepage Twitter Meetup LinkedIn YouTube - Become an OWASP member - Donate to our OWASP PDX chapter Support the Show.…

Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

1
Bruce Schneier - We Live in a Security and Privacy World That Science Fiction Didn't Predict 32:55

۵ years پیش32:55

32:55

Our distinguished guest today is Bruce Schneier. Bruce is a public-interest security and privacy technologist, cryptographer, an author of over one dozen books, including the famous blue and red versions of Applied Cryptography . His most recent book is Click Here to Kill Everybody . He is a fellow and lecturer at Harvard's Kennedy School and a board member of the Electronic Frontier Foundation . Bruce's blog, Schneier on Security , is read by over a quarter of a million people. You can find it at schneier.com . He has testified before Congress, is a frequent guest on television and radio, served on several government technical committees, and is regularly quoted in the press. Bruce's symmetric key block cipher, called Twofish , was a top five finalist for the Advanced Encryption Standard Selection Process organized by the U.S. National Institute of Standards and Technology . Show Links: https://www.schneier.com/ https://public-interest-tech.com/ https://www.schneier.com/essays/archives/2018/09/cryptography_after_t.html Bruce Schneier is interviewed by David Quisenberry and John L. Whiteman Follow us: Homepage Twitter Meetup LinkedIn YouTube - Become an OWASP member - Donate to our OWASP PDX chapter Support the Show.…

Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

1
STÖK - What It Takes to Be a Good Hacker 23:52

۵ years پیش23:52

23:52

Our guest today is Fredrik Alexandersson. You probably know him better as STÖK. He is a highly regarded Swedish hacker and cyber-security advisor with passions in technology and sustainable fashion. Our conversation today is about hacking and bug bounties. STÖK brings to the table many years of experience with a refreshingly positive perspective in our never-ending quest to find that next security bug in a dark world we call software. STÖK's Website Twitter YouTube Channel STÖK is interviewed by John L. Whiteman. Follow us: Homepage Twitter Meetup LinkedIn YouTube - Become an OWASP member - Donate to our OWASP PDX chapter Support the Show.…

Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

1
Terry Dunlap - IoT Security Starts with Getting Rid of Your IoT Devices 24:25

۵ years پیش24:25

24:25

Our guest today is Terry Dunlap. Arrested at 17 while hacking with a Commodore 64, Terry went on to work for the US National Security Agency to help track terrorists. He left the NSA in 2007 to bootstrap Tactical Network Solutions, an offensive-focused cyber company catering to the world's friendly foreign governments and militaries. Today he's a co-founder of ReFirm Labs, an IoT-focused cybersecurity company. ReFirm Labs binwalk U.S. National Security Agency (NSA) Terry Dunlap is interviewed by Shayne Morgan and John L. Whiteman. Follow us: Homepage Twitter Meetup LinkedIn YouTube - Become an OWASP member - Donate to our OWASP PDX chapter Support the Show.…

Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

1
Dr. Linus Karlsson - The Art of Managing Open Source Vulnerabilities is Good Science Too 19:01

۵ years پیش19:01

19:01

Our guest today is Dr. Linus Karlsson who is a security specialist for Debricked - a company that was founded in 2018 as a spin-off from a research project at Lund University in Sweden. Dr. Karlsson has done some fascinating security research work in the areas of trusted computing, cryptography, software-defined networking and interconnectivity of embedded systems. I encourage you to read his work on Google scholar. Today our discussion focuses on the detection and handling of vulnerabilities in open source software. Debricked Some Research Papers by Dr. Karlsson Latest Top 25 Common Weakness Enumerations (CWEs) Lund University Dr. Linus Karlsson is interviewed by John L. Whiteman. Also a special thanks to Joanna Qvarnström for helping to arrange this podcast. Follow us: Homepage Twitter Meetup LinkedIn YouTube - Become an OWASP member - Donate to our OWASP PDX chapter Support the Show.…

Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

1
Terry Tower - Drones Be Hacked 26:34

۵ years پیش26:34

26:34

Our guest today is our very own Terry Tower. Terry was in the Army for almost 11 years with two deployments in Iraq. He currently works for EZDrone in Portland, Oregon and for VanderHouwen at the Nike Campus doing devops with security in mind. He has a Masters in Computer Science and a Bachelors in Business. Terry's drone experience started out when he was a real estate agent which eventually evolved to a point where drones and security became an integral part of his life. He was a speaker at BSidesPDX talking about none other than drone security. Terry also heads the mentorship program for our OWASP, Portland chapter. If you are interested in becoming a mentor or mentee or both, please talk to Terry. Links are provided in this podcast's RSS feed. OWASP PDX Mentorship EZDrone Terry Tower is interviewed by Shayne Morgan and John L. Whiteman. Follow us: Homepage Twitter Meetup LinkedIn YouTube - Become an OWASP member - Donate to our OWASP PDX chapter Support the Show.…

Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

1
Andrew van der Stock - OWASP Executive Director - Our Software is the Firewall 25:50

۵ years پیش25:50

25:50

Our special guest today is Andrew van der Stock. He is our new Executive Director at OWASP, taking the Foundation through organizational change and taking our mission to the next level. Andrew is a seasoned web application security specialist and enterprise security architect. He has worked in the IT industry for over 25 years. He has researched and developed the web application security and architecture fields since 1998. He is a lifetime member of OWASP, a former director, and co-leads the OWASP Application Security Verification Standard (ASVS) and is actively involved in OWASP Top 10 projects too. Andrew is an Australian expat of Melbourne and Sydney. He currently lives in the USA with his family. Open Web Application Security Project (OWASP) OWASP Application Security Verification Standard (ASVP) Open Source Security Foundation (OpenSSF) Andrew van der Stock is interviewed by David Quisenberry and John L. Whiteman. Follow us: Homepage Twitter Meetup LinkedIn YouTube - Become an OWASP member - Donate to our OWASP PDX chapter Support the Show.…

Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

1
Simon Bennetts and Rick Mitchell - The Great Proxy Wars - ZAP vs. Burp Suite 18:19

۵ years پیش18:19

18:19

Our special guests today are Simon Bennetts and Rick Mitchell. Simon co-leads the OWASP Zed Attack Proxy (ZAP) project, which he started in 2009 and is a Distinguished Engineer at StackHawk, a SaaS company that uses ZAP to help users fix application security bugs before they hit production. He has talked about and demonstrated ZAP at conferences all over the world, including Blackhat, JavaOne, FOSDEM and OWASP AppSec EU, USA & AsiaPac. Prior to making the move into security he was a developer for 25 years and strongly believes that you cannot build secure web applications without knowing how to attack them. Rick is an IT Security professional from Canada. With over 20 years of experience in the IT industry focused on security for the majority of that time, he really believes in OWASP's mission and the importance of Application Security in the industry. He's co-led a number of community projects including ZAP, The Web Security Testing Guide, and the Vulnerable Web Apps Directory. He's a strong believer in learning by doing and that all community efforts are valuable and make us all strong. ZAP Home Page Simon and Rick are interviewed by Shayne Morgan and John L. Whiteman. Follow us: Homepage Twitter Meetup LinkedIn YouTube - Become an OWASP member - Donate to our OWASP PDX chapter Support the Show.…

Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

1
Eva Galperin - Director of Cybersecurity at the Electronic Frontier Foundation (EFF) - Go Look Where No One Else is Looking 31:10

۵ years پیش31:10

31:10

Our special guest today is Eva Galperin who is the Director of Cybersecurity at the Electronic Frontier Foundation (EFF). Prior to 2007, when she came to work for EFF, Eva worked in security and IT in Silicon Valley and earned degrees in Political Science and International Relations from San Francisco State University (SFSU). Her work is primarily focused on providing privacy and security for vulnerable populations around the world. To that end, she has applied the combination of her political science and technical background to everything from organizing EFF's Tor Relay Challenge, to writing privacy and security training materials (including Surveillance Self Defense and the Digital First Aid Kit), and publishing research on malware in Syria, Vietnam, Kazakhstan. When she is not collecting new and exotic malware, she practices aerial circus arts and learning new languages. EFF: https://www.eff.org/ Security Education Companion: https://sec.eff.org/ Coalition Against Stalkerware: https://stopstalkerware.org/ Atlas of Surveillance: https://atlasofsurveillance.org/ Eva Galperin is interviewed by Kendra Ash and John L. Whiteman Follow us, join us, be us: Homepage Twitter Meetup LinkedIn YouTube Support the Show.…

Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

1
Glenn Bravy and Merritt Wilson - Secure Code Warrior - Are Some Languages More Dangerous Than Others? 22:18

۵ years پیش22:18

22:18

Our guests today are Glenn Bravy and Merritt Wilson. Glenn works at Secure Code Warrior, partnering with people who believe that secure code training can be both hands-on and enjoyable. When it comes to getting upskilling, active learning and consistent practice outperform talent over time. When not working, Glenn is trying to hack and grow veggies at home. Merritt Wilson also works at Secure Code Warrior. He helps customers prudently solve real world cyber security and compliance problems. He enjoys working with those who truly understand their business objectives and challenges. During his off time, Merritt's passions include anything automobile-related and woodworking. Secure Code Warrior: https://securecodewarrior.com/ Portland Oregon OWASP Tournament Details: (July 21, 2020, 8:00 AM - July 24, 2020, 8:00 PM) Register: https://discover.securecodewarrior.com/OWASP-Portland-tournament.html RSVP: https://www.meetup.com/OWASP-Portland-Chapter/events/271638472/ Slack Channel: https://join.slack.com/t/owasppdx/shared_invite/zt-fid1qpsj-L_EaKW7WSxQMDzSIpubuaw OWASP PDX Study Night: Join Sam Lemly as he helps you prepare for the tournament RSVP: https://www.meetup.com/OWASP-Portland-Chapter/events/271905106/ Glenn and Merritt are interviewed by John L. Whiteman Follow us, join us, be us: Homepage Twitter Meetup LinkedIn YouTube Support the Show.…

Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

1
Jake King - Linux Cloud and Endpoint Security - Do It Wisely. Make it Easy. 23:15

۵ years پیش23:15

23:15

Our guest today is Jake King, who is the CEO & Co-Founder of Cmd. He's a long-time security practitioner specializing in infrastructure security, primarily in cloud environments. Prior to starting Cmd, Jake managed the security program at social media giant Hootsuite where he experienced first-hand the risks pertaining to Linux systems at scale. Cmd was born out of these, and many other frustrations, quickly becoming one of the hottest startups in the cybersecurity space. Jake is a frequent speaker on the topic of Linux Security at BSides, MITRE, and other conferences, as well as an active member of the Vancouver cybersecurity community. An Australian native, Jake studied cyber forensics and information security management before relocating to Vancouver, Canada in 2013. Links: Cmd Cmd Free (Custom Portland OWASP Link) Jake is interviewed by Kendra Ash and John L. Whiteman Follow us, join us, be us: Homepage Twitter Meetup LinkedIn YouTube Support the Show.…

Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

1
Eric Higgins - Security From Zero: Practical Security for Busy People 18:53

۵ years پیش18:53

18:53

Our guest today is Eric Higgins. He has been in the technology industry for over 20 years. He spent a decade in Silicon Valley, where he worked at Google and then led the security team at Optimizely. Now he runs a consulting firm that helps business leaders understand how to start a security program at their company - and how to help it be successful. Based on this work, he just wrote a book called Security From Zero. Podcast & Book available at securityfromzero.com Eric is interviewed by Shayne Morgan and John L. Whiteman Follow us, join us, be us: Homepage Twitter Meetup LinkedIn YouTube Support the Show.…

Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

1
Mike Goodwin and Jon Gadsden - Threat Dragon is for Threat Modeling. Come Help Build It! 26:44

۵ years پیش26:44

26:44

Today we are going to be talking about - OWASP Threat Dragon - and our guests are Mike Goodwin, the founder, and Jon Gadsden, a major contributor to the project. Threat Dragon is a popular, free tool used for threat modeling, including diagramming, threat identification, mitigation and report generation. Mike is the VP of Product Security and Architecture and Technical Fellow at Sage Software - a FTSE100 company providing accounting, payroll and HR software to businesses in 23 countries worldwide. After short careers as an academic and then as a nuclear engineer, Mike settled into software development about 20 years ago working for a startup, a government corporation and now the UKs largest tech company. After developing an interest in security during a large cloud migration project, Mike moved to a full-time security role six years ago to help build Sage's AppSec program. Jon is a software engineer with ForgeRock in Bristol, a company that provides Identity and Access Management services. Jon splits his time between security engineering and embedded C/C++ development - he says that he likes it this way because it reminds him that developers are under time pressure and that security engineers require a whole load of tact. Jon has been involved with the open source software community since Linux 2.0.28, and his latest project is helping with Cupcake's OWASP Threat Modeling project. OWASP Threat Dragon Project Page https://owasp.org/www-project-threat-dragon/ Mike's Medium Article https://medium.com/sagefuturemakers/real-world-threat-modelling-fb14ef767c49 Mike and Jon are interviewed by Shayne Morgan and John L. Whiteman Follow us, join us, be us: https://owasp.org/www-chapter-portland/ https://twitter.com/portlandowasp?lang=en https://www.meetup.com/OWASP-Portland-Chapter https://www.linkedin.com/groups/4223013/ https://www.youtube.com/channel/UCYDkARIRTaeiP-o19tSWZfw Support the Show.…

Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

1
Ashish Patel - Best Practices for Proactive Cloud Security 16:05

۵ years پیش16:05

16:05

We're super delighted to have today, Ashish Patel. He's a security engineer on the Box Infrastructure Security team. He usually lives in the realm of cloud security and automating security related tasks that scale across multiple clouds & attack surfaces. Articles written by Ashish and talked about on the show: Cloud Security Automation with Python (we have a link to our automation workshop with full code included that we gave at BSides SF 2020) Shifting left with preventative policies inside of public cloud Ashish is interviewed by John L. Whiteman Intro/exit voice over by Shayne Morgan Follow us, join us, be us: https://owasp.org/www-chapter-portland/ https://twitter.com/portlandowasp?lang=en https://www.meetup.com/OWASP-Portland-Chapter https://www.linkedin.com/groups/4223013/ https://www.youtube.com/channel/UCYDkARIRTaeiP-o19tSWZfw Support the Show.…

به Player FM خوش آمدید!

Player FM در سراسر وب را برای یافتن پادکست های با کیفیت اسکن می کند تا همین الان لذت ببرید. این بهترین برنامه ی پادکست است که در اندروید، آیفون و وب کار می کند. ثبت نام کنید تا اشتراک های شما در بین دستگاه های مختلف همگام سازی شود.